                        課程
                    
                        /后端開發(fā)
                        
                            /Java
                        
                        /Shiro安全框架入門

求大神看一下

Exception in thread "main" org.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - kaka, rememberMe=false]. ?Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException)

慕萊塢0295526

2018-12-03

源自：Shiro安全框架入門 3-4

關注問題我要回答

980

操作

收起

2 回答

慕工程5036080
2018-12-10

CustomRealm：

public?class?CustomRealm?extends?AuthorizingRealm?{

????Map<String,?String>?userMap?=?new?HashMap<>(16);

????{
????????userMap.put("Mark",?"283538989cef48f3d7d8a1c1bdf2008f");
????????super.setName("customRealmName");
????}

//????授權
????@Override
????protected?AuthorizationInfo?doGetAuthorizationInfo(PrincipalCollection?principals)?{

????????String?userName=?(String)?principals.getPrimaryPrincipal();

//????????從數(shù)據(jù)庫或者緩存中獲取數(shù)據(jù)
????????Set<String>?roles=getRolesByUserName(userName);
????????Set<String>?permission?=getPermissionByUserName(userName);
????????SimpleAuthorizationInfo?simpleAuthorizationInfo=new?SimpleAuthorizationInfo();
????????simpleAuthorizationInfo.setStringPermissions(permission);
????????simpleAuthorizationInfo.setRoles(roles);

????????return?simpleAuthorizationInfo;

????}

????//????認證
????@Override
????protected?AuthenticationInfo?doGetAuthenticationInfo(AuthenticationToken?token)?throws?AuthenticationException?{

????????//????????從主體傳過來的用戶信息中獲得用戶名
????????String?userName?=?(String)?token.getPrincipal();
//????????通過用戶名到數(shù)據(jù)庫中獲取憑證
????????String?password?=?getPasswordByUserName(userName);
????????if?(password?==?null)?{
????????????return?null;
????????}
????????SimpleAuthenticationInfo?authenticationInfo?=?new?SimpleAuthenticationInfo("Mark",password,"customRealmName");
????????authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes("Mark"));
????????return?authenticationInfo;
????}

?????/*模擬數(shù)據(jù)庫查詢憑證*/

????private?String?getPasswordByUserName(String?userName)?{
????????return?userMap.get(userName);
????}

?????/*模擬數(shù)據(jù)庫獲取角色*/
????private?Set<String>?getRolesByUserName(String?userName)?{
?????????Set<String>?sets=new?HashSet<>();
?????????sets.add("admin");
?????????sets.add("user");
?????????return?sets;
????}

????/*模擬數(shù)據(jù)庫獲取權限*/
????private?Set<String>?getPermissionByUserName(String?userName)?{
????????Set<String>?sets=new?HashSet<>();
????????sets.add("user:delete");
????????sets.add("user:add");
????????return?sets;
????}

//????計算加密之后的密文
public?static?void?main(String[]?args){
????Md5Hash?md5Hash=new?Md5Hash("123456","Mark");//鹽應為隨機數(shù)，此處用“Mark”寫死
????System.out.println(md5Hash.toString());//通過控制臺打印獲得密文
}
}

0 回復有任何疑惑可以回復我~

收起回答

慕工程5036080
2018-12-10

我的代碼，你自己看看：

CustomRealm：

public?class?CustomRealmTest?{
????@Test
????public?void?testAuthentication()?{
????????CustomRealm?customRealm=new?CustomRealm();


//????構建securityManager對象
????????DefaultSecurityManager?defaultSecurityManager=new?DefaultSecurityManager();
????????defaultSecurityManager.setRealm(customRealm);

????????HashedCredentialsMatcher?hashedCredentialsMatcher=new?HashedCredentialsMatcher();
????????hashedCredentialsMatcher.setHashAlgorithmName("md5");
????????hashedCredentialsMatcher.setHashIterations(1);
?????????customRealm.setCredentialsMatcher(hashedCredentialsMatcher);
//????主體提交認證請求
????????SecurityUtils.setSecurityManager(defaultSecurityManager);
????????Subject?subject=?SecurityUtils.getSubject();
????????UsernamePasswordToken?token=new?UsernamePasswordToken("Mark","123456");
????????subject.login(token);
????????System.out.println("isAuthenticated:"+subject.isAuthenticated());
????????subject.checkRole("admin");
????????subject.checkPermissions("user:add","user:delete");
????}
}

CustomRealmTest：

public?class?CustomRealmTest?{
????@Test
????public?void?testAuthentication()?{
????????CustomRealm?customRealm=new?CustomRealm();


//????構建securityManager對象
????????DefaultSecurityManager?defaultSecurityManager=new?DefaultSecurityManager();
????????defaultSecurityManager.setRealm(customRealm);

????????HashedCredentialsMatcher?hashedCredentialsMatcher=new?HashedCredentialsMatcher();
????????hashedCredentialsMatcher.setHashAlgorithmName("md5");
????????hashedCredentialsMatcher.setHashIterations(1);
?????????customRealm.setCredentialsMatcher(hashedCredentialsMatcher);
//????主體提交認證請求
????????SecurityUtils.setSecurityManager(defaultSecurityManager);
????????Subject?subject=?SecurityUtils.getSubject();
????????UsernamePasswordToken?token=new?UsernamePasswordToken("Mark","123456");
????????subject.login(token);
????????System.out.println("isAuthenticated:"+subject.isAuthenticated());
????????subject.checkRole("admin");
????????subject.checkPermissions("user:add","user:delete");
????}
}