All operations are in the shiro framework
Convert our object to an object in the shiro framework
UsernamePasswordToken token = new UsernamePasswordToken(user.getUserName(), user.getPassword()); Subject currentUser = SecurityUtils.getSubject();
currentUser.login(token);
login will go into class UserRealm extends AuthorizingRealm
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {方法
AuthenticationToken is the parent class of UsernamePasswordToken
2. Find the user in the database and generate the object in shiro new SimpleAuthenticationInfo(user, user.getPassword(), this.getClass().getName());//Put it in shiro. Call
3. Enter the configuration, set the custom class CredentialsMatcher extends SimpleCredentialsMatcher{
doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {中
AuthenticationInfo is the superclass of SimpleAuthenticationInfo.
, in the method to compare whether the passwords in the two objects are equal.
//Enter username and password
UsernamePasswordToken utoken=(UsernamePasswordToken) token;
String inPassword = new String(utoken.getPassword());
SimpleHash sh2 = new SimpleHash("md5", inPassword, "Shiro", 3);
System.out.println(sh2); //Encrypt it.
//The password in the database is the encrypted password
String dbPassword=(String) info.getCredentials();
return this.equals(sh2.toString(),dbPassword);
4. If it matches, log in, if not, jump to the error method set in the configuration.