shiro自定义realms及加密md5+salt教程
1、添加pom 文件
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.9.1</version>
</dependency>
2、创建realms自定义文件
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
public class AuthenticateCustomeRealms extends AuthorizingRealm {
// 授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
// 认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String principal = (String) authenticationToken.getPrincipal();
// 获取token信息
System.out.println(principal);
// 获取数据库相关信息 mybatis
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo("xiaochen","123",this.getName());
return simpleAuthenticationInfo;
}
}
3、创建测试shiro文件
public class TestCustomerRealm {
public static void main(String[] args) {
// 1、c创建 安全管理器
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
// 2、设置自定义realms 装配realms
defaultSecurityManager.setRealm(new AuthenticateCustomeRealms());
//3、设置安全管理器
SecurityUtils.setSecurityManager(defaultSecurityManager);
//4、获取主体 subject
Subject subject = SecurityUtils.getSubject();
//5、验证登陆
// 5.1、获取token
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("xiaochen","123");
try {
System.out.println("登陆前:"+subject.isAuthenticated());
subject.login(usernamePasswordToken);
System.out.println("登陆后:"+subject.isAuthenticated());
}catch (IncorrectCredentialsException exception){
System.out.print("密码错误");
exception.printStackTrace();
} catch(Exception e){
e.printStackTrace();
}
}
4、运行结果
5、MD5加密算法
特点: md5 算法不可逆,无论内容相同,执行多少次md5结果都相同
- 设置main java文件
步骤: 创建安全管理器、装配自定义realms、创建安全工具类、登陆
此处设置的自定义realms 完成的功能是 md5+salt+hash散列12次,需要将realms自定义类文件设置匹配器,在匹配中设置salt+md5+hash散列 md5\散列为HashedCredentialsMatcher匹配器中设置md5\散列, salt为自定义reamls中进行设置
import com.shrio.srpingbootshrio.realm.AuthorizingRealmMd5Customer;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
public class TestAuthorizingRealmMd5 {
public static void main(String[] args) {
// 1、创建安全管理器
DefaultSecurityManager securityManager = new DefaultSecurityManager();
// 2、封装自定义 realm
AuthorizingRealmMd5Customer authorizingRealmMd5Customer = new AuthorizingRealmMd5Customer();
// 2.1、设置md5加密匹配器
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
credentialsMatcher.setHashAlgorithmName("md5");
// 2.1、设置 散列次数
credentialsMatcher.setHashIterations(12);
authorizingRealmMd5Customer.setCredentialsMatcher(credentialsMatcher);
securityManager.setRealm(authorizingRealmMd5Customer);
// 3、将安全管理器注入安全工具类
SecurityUtils.setSecurityManager(securityManager);
// 4、获取主体
Subject subject = SecurityUtils.getSubject();
// 5、登陆验证
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("xiaoli","123");
try {
System.out.println("登陆前:"+subject.isAuthenticated());
subject.login(usernamePasswordToken);
System.out.println("登陆后:"+subject.isAuthenticated());
}catch (IncorrectCredentialsException exception){
System.out.print("密码错误");
exception.printStackTrace();
} catch(Exception e){
e.printStackTrace();
}
}
}
- 设置自定义realms文件
此处的reamls类中需要设置 ByteSource.Util.bytes(“123”)->salt
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
public class AuthorizingRealmMd5Customer extends AuthorizingRealm{
//授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
//认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
Object principal = authenticationToken.getPrincipal();
if ("xiaoli".equals(principal)){
// 未加salt
// SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(principal,"202cb962ac59075b964b07152d234b70",this.getName());
// 加 salt
//SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(principal,"4297f44b13955235245b2497399d7a93", ByteSource.Util.bytes("123"),this.getName());
// 加 salt + 散列次数
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(principal,"8e1da37657ac12e4bc205eb6abcb60bb", ByteSource.Util.bytes("123"),this.getName());
return simpleAuthenticationInfo;
}
return null;
}
}
- 运行
登陆前:false
登陆后:true
