Shiro summary 1

1: Create the SecurityManager from the ini configuration file;

2: Call the subject.login method to submit the authentication request, passing the token;

3: The SecurityManager performs authentication; the SecurityManager ultimately authenticates through the ModularRealmAuthenticator;

4: The ModularRealmAuthenticator calls IniRealm (passing the token to the realm) to query user information in the ini configuration file;

5: IniRealm queries user information from shiro-first.ini according to the input token (UsernamePasswordToken), looking up the user information (account, password) by the account number

If user information is found, return the user information (account, password) to ModularRealmAuthenticator

If no user information is found, return null to ModularRealmAuthenticator

6: ModularRealmAuthenticator receives the authentication information returned by IniRealm

If the returned authentication information is null, ModularRealmAuthenticator throws an UnknownAccountException

If the returned authentication information is not null (indicating that IniRealm has found the user), return the user password (existing in the ini file) to IniRealm


Shiro authentication process: (Master)
    1. The subject (Subject) requests authentication and calls subject.login(token)
    2. SecurityManager (security manager) performs authentication
    3. SecurityManager authenticates through ModularRealmAuthenticator.
    4. ModularRealmAuthenticator passes the token to the realm, and the realm queries the user information (including identity and credentials) from the database according to the user information in the token.
    5. If the realm fails to find the user and returns null to ModularRealmAuthenticator, ModularRealmAuthenticator throws an exception (user does not exist)
    6. If the realm finds the user, it returns AuthenticationInfo (authentication information) to ModularRealmAuthenticator
    7. ModularRealmAuthenticator takes the AuthenticationInfo (authentication information) and performs the credential (password) comparison. If they match, authentication passes; if not, it throws an exception (credential error).
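The flow above, as an added example that is not part of the original post: it maps the two exceptions from steps 5 and 7 to distinct outcomes for server-side logging while returning one uniform message to the caller, so the login response does not reveal which accounts exist. Assumptions: Apache Shiro 1.x on the classpath, the account `zhangsan` is a constructed sample, the inline INI string stands in for shiro-first.ini, and the SecurityManager is built directly from an IniRealm.

```java
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.Ini;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;

public class ShiroLoginFlow {
    enum Outcome { AUTHENTICATED, UNKNOWN_ACCOUNT, BAD_CREDENTIALS, OTHER_FAILURE }

    // Constructed sample: stand-in for the [users] section of shiro-first.ini.
    static final String INI = "[users]\nzhangsan = 123456\n";

    static void init() {
        Ini ini = new Ini();
        ini.load(INI);
        // One realm configured: ModularRealmAuthenticator delegates straight to it.
        SecurityUtils.setSecurityManager(new DefaultSecurityManager(new IniRealm(ini)));
    }

    static Outcome login(String username, String password) {
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            subject.login(token);                 // SecurityManager -> authenticator -> realm
            return Outcome.AUTHENTICATED;
        } catch (UnknownAccountException e) {      // realm returned null (user not found)
            return Outcome.UNKNOWN_ACCOUNT;
        } catch (IncorrectCredentialsException e) { // credential comparison failed
            return Outcome.BAD_CREDENTIALS;
        } catch (AuthenticationException e) {      // locked account, realm error, ...
            return Outcome.OTHER_FAILURE;
        } finally {
            token.clear();                         // wipe the password from the token
        }
    }

    // Log the precise Outcome internally; show the caller only this uniform text.
    static String messageFor(Outcome o) {
        return o == Outcome.AUTHENTICATED ? "Login OK" : "Invalid username or password";
    }

    public static void main(String[] args) {
        init();
        String[][] cases = {{"zhangsan", "123456"}, {"zhangsan", "wrong"}, {"nobody", "x"}};
        for (String[] c : cases) {
            Outcome o = login(c[0], c[1]);
            System.out.println(c[0] + " -> " + o + " / " + messageFor(o));
            SecurityUtils.getSubject().logout();
        }
    }
}
```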


 

subject : the subject
