1. spring-context-shiro文件中配置Matcher
<bean id="jdbcRealm" class="com.pawn.shiro.realm.MyRealm"> <property name="credentialsMatcher" ref="credentialsMatcher"> </property> </bean> <bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher"> <property name="hashAlgorithmName" value="MD5"/> <property name="hashIterations" value="1"/> </bean>
2. 修改realm,将从db中获取的凭证修改为密文,并且返回规定的盐值
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { System.out.println("=========>MyRealm doGetAuthenticationInfo"); UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; String username = token.getUsername() ; if("unknown".equals(username)){ throw new UnknownAccountException("用户名不存在") ; } Object principal = username ; Object credentials= "a66abb5684c45962d887564f08346e8d" ; ByteSource credentialsSalt = ByteSource.Util.bytes(username); String realmName = getName() ; AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(principal,credentials,credentialsSalt,realmName) ; return authenticationInfo; }