MyRealm.java
package cn.mldn.realm; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.realm.Realm; public class MyRealm implements Realm { @Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username = (String)token.getPrincipal() ; // 取得用户名 String password = new String( (char [])token.getCredentials()) ; //取得密码 // 此时直接使用固定的用户名密码进行验证处理操作 if(!"admin".equals(username)) { throw new UnknownAccountException("用户不存在"); } if(!"hello".equals(password)) { throw new IncorrectCredentialsException("密码不正确"); } return new SimpleAuthenticationInfo(username, password, this.getName()); } @Override public String getName() { return "MyRealm"; // 名字随便给一个,只要能唯一标记即可 } @Override public boolean supports(AuthenticationToken token) { // 本次将在之前的程序基础之上继续使用UsernamePasswordToken完成信息的传递 return token instanceof UsernamePasswordToken; } }
shiro.ini
myRealm=cn.mldn.realm.MyRealm
# 整个Shiro的验证处理都是由SecurityManager接口负责的
securityManager.realms=$myRealm