shiro的加密

 

接本文章中自定義realm測試代碼：

https://blog.csdn.net/qq_43560721/article/details/105411830

1.在測試類CustomRealmTest中主體提交認證請求前加入以下代碼

//shiro加密
        //創建HashedCredentialsMatcher
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");//設置加密算法名稱
        matcher.setHashIterations(1);//設置加密次數
        customRealm.setCredentialsMatcher(matcher);//自定義customRealm加密算法中放入我們matcher對象

2.在自定義的CustomRealm自定義的userMap裏邊密碼改爲MD5

加密的密碼

可以寫一main方法計算

3.接下來我們驗證一下，驗證成功

4.爲了我們的密碼更完美，我們得加點調料，加鹽

main方法計算一下

把自定義的CustomRealm自定義的userMap裏邊密碼改爲MD5加鹽加密後的string

在認證過程中加加鹽

5.接下來我們驗證一下，驗證成功

如果設置鹽是錯誤的xxs1，將會驗證錯誤，憑證錯誤

 

附整體代碼：

1.自定義realm

package cn.imooc.shiro.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/**
 * @Author xxs
 * @Date 2020/4/8 10:33
 */
public class CustomRealm  extends AuthorizingRealm {

    Map<String,String> userMap = new HashMap<String, String>(16);
    {
        //123   202cb962ac59075b964b07152d234b70  加鹽後的787ea83776f422929ec91b73168c0e67
        userMap.put("xxs","787ea83776f422929ec91b73168c0e67");
        super.setName("customRealm");
    }
    //做授權
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 1.從主體傳過來的認證信息中，獲得用戶名
        String userName = (String) principalCollection.getPrimaryPrincipal();
        //2.通過用戶名到數據庫或者緩存中獲取角色數據
        Set<String> roles = getRolesByUserName(userName);
        //3.通過用戶名到數據庫或者緩存中獲取權限數據
        Set<String> permissions = getPermissionsByUserName(userName);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setStringPermissions(permissions);
        simpleAuthorizationInfo.setRoles(roles);
        return simpleAuthorizationInfo;
    }

    /**
     *模擬數據庫或緩存中查詢角色的權限
     * @param userName
     * @return
     */
    private Set<String> getPermissionsByUserName(String userName) {
        Set<String> sets = new HashSet<String>();
        sets.add("user:delete");
        sets.add("user:add");
        return sets;
    }

    /**
     *模擬數據庫或緩存中查詢角色
     * @param userName
     * @return
     */
    private Set<String> getRolesByUserName(String userName) {
        Set<String> sets = new HashSet<String>();
        sets.add("admin");
        sets.add("user");
        return sets;
    }

    //做認證
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        // 1.從主體傳過來的認證信息中，獲得用戶名
        String userName = (String) authenticationToken.getPrincipal();
        //2.通過用戶名到數據庫中獲取憑證
        String password = getPasswordByUserName(userName);
        if(password==null){
            return null;
        }
        //創建返回對象
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo
                ("xxs", password, "customRealm");//用戶名，密碼，realm名稱
        authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes("xxs"));//把我們的鹽設置進去
        return authenticationInfo;
    }

    /**
     * 模擬數據庫或緩存中查詢憑證
     * @param userName
     * @return
     */
    private String getPasswordByUserName(String userName) {
        return userMap.get(userName);
    }

    public static  void  main(String[] args){
        //md5加密
//      Md5Hash md5Hash = new Md5Hash("123");
        //加鹽
        Md5Hash md5Hash = new Md5Hash("123","xxs");
        System.out.println(md5Hash.toString());//202cb962ac59075b964b07152d234b70
    }
}

2.測試類

package cn.xxs.test;

import cn.imooc.shiro.realm.CustomRealm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

/**
 * @Author xxs
 * @Date 2020/4/8 10:49
 */
public class CustomRealmTest {
    @Test
    public void  testAuthentication(){
        CustomRealm customRealm = new CustomRealm();
        //1.構建SecurityManager環境,SecurityManager提供安全服務
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(customRealm);

        //shiro加密
        //創建HashedCredentialsMatcher
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");//設置加密算法名稱
        matcher.setHashIterations(1);//設置加密次數
        customRealm.setCredentialsMatcher(matcher);//自定義customRealm加密算法中放入我們matcher對象

        //2.主題提交認證請求
        SecurityUtils.setSecurityManager(defaultSecurityManager);//設置SecurityManager環境
        Subject subject = SecurityUtils.getSubject();//獲得主體
        UsernamePasswordToken token = new UsernamePasswordToken("xxs","123");//認證數據
        subject.login(token);//提交認證
        System.out.println("isAuthenticated:"+subject.isAuthenticated());//看是否認證 true/false
//        subject.checkRole("admin");//檢查角色
//        subject.checkPermission("user:add");//檢查權限

    }
}