SpringBoot Shiro 配置自定義密碼加密器
自定義認證加密方式
<code>/**
* 自定義認證加密方式
*/
public static class CustomCredentialsMatcher extends SimpleCredentialsMatcher {
@Override
public boolean doCredentialsMatch(AuthenticationToken authcToken, AuthenticationInfo info) {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
//加密類型,密碼,鹽值,迭代次數
Object tokenCredentials = new SimpleHash("md5", password, username, 2).toHex();
//數據庫存儲密碼
Object accountCredentials = getCredentials(info);
//將密碼加密與系統加密後的密碼校驗,內容一致就返回true,不一致就返回false
return equals(tokenCredentials, accountCredentials);
}
}/<code>
第一種方式:配置Bean
<code>/**
* Shiro自帶密碼管理器
*
* @return HashedCredentialsMatcher
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher() {
//Shiro自帶加密
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
//散列算法使用md5
credentialsMatcher.setHashAlgorithmName("md5");
//散列次數,2表示md5加密兩次
credentialsMatcher.setHashIterations(2);
credentialsMatcher.setStoredCredentialsHexEncoded(true);
return credentialsMatcher;
}
/**
* 將自己的身份驗證器驗證方式加入容器
*
* @return CustomRealm
*/
@Bean
public CustomRealm shiroRealm() {
CustomRealm shiroRealm = new CustomRealm();
//shiroRealm.setCacheManager(cacheManager());
//加入密碼管理
//shiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());//Shiro自帶密碼管理器
shiroRealm.setCredentialsMatcher(new CustomCredentialsMatcher());//自定義密碼管理器
return shiroRealm;
}/<code>
第二種方式:實現AuthorizingRealm類setCredentialsMatcher方法
<code>public class CustomRealm extends AuthorizingRealm {
...
...
...
/**
* 設置自定義認證加密方式
*
* @param credentialsMatcher 默認加密方式
*/
@Override
public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
//自定義認證加密方式
CustomCredentialsMatcher customCredentialsMatcher = new CustomCredentialsMatcher();
// 設置自定義認證加密方式
super.setCredentialsMatcher(customCredentialsMatcher);
}
}/<code>
趙小胖個人博客
閱讀更多 趙小胖0914 的文章