Spring Boot integration of Shiro's HashedCredentialsMatcher

Shiro provides the CredentialsMatcher interface for password hashing and password verification, and HashedCredentialsMatcher is one implementation of it. Almost every project needs to store user passwords in a one-way, irreversible form; the current mainstream approach is SHA with a salt applied, and HashedCredentialsMatcher also lets us specify our own algorithm and salt.

ShiroConfig configuration class:

    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        // hash algorithm
        hashedCredentialsMatcher.setHashAlgorithmName("SHA-512");
        // number of hash iterations
        hashedCredentialsMatcher.setHashIterations(2);
        // whether the stored password hash is hex-encoded
        // hashedCredentialsMatcher.isStoredCredentialsHexEncoded();
        return hashedCredentialsMatcher;
    }

 

ShiroRealm:

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        System.out.println("================= perform authentication logic ===================");
        // Shiro's authentication logic goes here: look up the user name and
        // password hash in the database.

        // the token passed over from the controller
        UsernamePasswordToken tokens = (UsernamePasswordToken) token;
        User user = userService.selectByUsername(tokens.getUsername());

        if (user == null) {
            throw new UnknownAccountException(); // account not found
        }

        if (user.getIsValid() == 0) {
            throw new LockedAccountException(); // invalid account
        }

        // The password check itself is done automatically by the configured HashedCredentialsMatcher.
        // Arguments: principal, stored password hash, salt, realm name.
        return new SimpleAuthenticationInfo(user, user.getPassword(),
                ByteSource.Util.bytes(user.getSalt()), getName());
    }

 

ShiroUtils, used to generate the salt and the salted password hash:

import org.apache.commons.lang3.RandomStringUtils;
import org.apache.shiro.crypto.hash.SimpleHash;

public class ShiroUtils {
    /**
     * PWD_SALT_LENGTH: length of the password salt
     */
    public static final int PWD_SALT_LENGTH = 6;
    /**
     * PWD_ALGORITHM_NAME: password hash algorithm
     */
    public static final String PWD_ALGORITHM_NAME = "SHA-512";

    /**
     * PWD_HASH_ITERATIONS: number of hash iterations
     */
    public static final int PWD_HASH_ITERATIONS = 2;

    /**
     * Generate the salted password hash <br/>
     * 
     * @param pwd plaintext password
     * @param salt salt value
     * @return hex-encoded hash
     */
    public static String generatePwdEncrypt(String pwd, String salt) {
        SimpleHash hash =
                new SimpleHash(PWD_ALGORITHM_NAME, pwd, salt, PWD_HASH_ITERATIONS);
        return hash.toString();
    }

    /**
     * Generate salt value <br/>
     * 
     * @return
     */
    public static String generateSalt() {
        return RandomStringUtils.randomAlphabetic(PWD_SALT_LENGTH);
    }
    
    
    public static void main(String[] args) {
        String generateSalt = generateSalt();
        String generatePwdEncrypt = generatePwdEncrypt("123456", generateSalt);
        System.out.println(generateSalt);
        System.out.println(generatePwdEncrypt);
        
    }
    
}
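
The matcher bean, the realm and ShiroUtils only work together when the algorithm and iteration count used at registration equal the ones configured on the matcher. The following is an added example, not code from the original post, that runs the registration and login sides against each other, including a matcher whose iteration count is out of sync. It assumes Shiro 1.x package names; the class name MatcherRoundTrip, the user "alice", the realm name "demoRealm" and the 16-byte SecureRandom salt are assumptions made for the illustration.

```java
import java.security.SecureRandom;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.codec.Hex;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;

// Added example (hypothetical class): registration-time hashing and login-time matching in one place.
public class MatcherRoundTrip {
    static final String ALGORITHM = "SHA-512"; // same as PWD_ALGORITHM_NAME on the page
    static final int ITERATIONS = 2;           // same as PWD_HASH_ITERATIONS on the page

    // Matcher configured like the ShiroConfig bean, with the iteration count as a parameter.
    static HashedCredentialsMatcher matcher(int iterations) {
        HashedCredentialsMatcher m = new HashedCredentialsMatcher();
        m.setHashAlgorithmName(ALGORITHM);
        m.setHashIterations(iterations);
        return m;
    }

    // Builds what the realm returns and lets the matcher compare it with the submitted password.
    static boolean login(HashedCredentialsMatcher m, String submitted, String storedHex, String salt) {
        UsernamePasswordToken token = new UsernamePasswordToken("alice", submitted);
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
                "alice", storedHex, ByteSource.Util.bytes(salt), "demoRealm");
        return m.doCredentialsMatch(token, info);
    }

    public static void main(String[] args) {
        // Registration: a per-user salt from a CSPRNG (an assumption of this example),
        // stored as a string next to the hex-encoded hash.
        byte[] raw = new byte[16];
        new SecureRandom().nextBytes(raw);
        String salt = Hex.encodeToString(raw);
        String storedHex = new SimpleHash(ALGORITHM, "123456", salt, ITERATIONS).toHex();

        System.out.println("correct password:       " + login(matcher(ITERATIONS), "123456", storedHex, salt));
        System.out.println("wrong password:         " + login(matcher(ITERATIONS), "1234567", storedHex, salt));
        // Matcher iteration count differs from the one used at registration.
        System.out.println("mismatched iterations:  " + login(matcher(ITERATIONS + 1), "123456", storedHex, salt));
    }
}
```

Only the first call matches; a matcher whose iteration count differs from the one used when the hash was stored rejects even the correct password, so the two values should come from one shared constant.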

 

Origin www.cnblogs.com/chong-zuo3322/p/12447729.html