接上一篇博客 > Springboot整合Shiro:实现RememberMe
(1)ShiroConfig.java配置中增加
/**
* 注入自定义的Ream
* @return
*/
@Bean
public CustomRealm customRealm(){
CustomRealm customRealm = new CustomRealm();
//注入密码加密
customRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return customRealm;
}
/**
* 密码加密算法设置
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");
//散列的次数
hashedCredentialsMatcher.setHashIterations(2);
return hashedCredentialsMatcher;
}
(2)Realm注入到SecurityManager中
@Bean
public SecurityManager securityManager(){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//将自定义的realm交给SecurityManager管理
securityManager.setRealm(customRealm());
// 自定义缓存实现 使用redis
securityManager.setCacheManager(cacheManager());
// 自定义session管理 使用redis
securityManager.setSessionManager(SessionManager());
// 使用记住我
securityManager.setRememberMeManager(rememberMeManager());
return securityManager;
}
(3)修改CustomRealm中的doGetAuthenticationInfo方法
//3.通过SimpleAuthenticationInfo做身份处理
SimpleAuthenticationInfo simpleAuthenticationInfo =
new SimpleAuthenticationInfo(user,user.getPassword(), ByteSource.Util.bytes(user.getSalt()),getName());
(4)生成用户实体时,密码以密文存储
/**
* 模拟数据库数据
* @return
*/
private List<User> getUsers(){
/**
* 模拟创建用户1
*/
List<User> users = new ArrayList<>(2);
String username1 = "张小黑的猫";
String salt1 = Long.toString(System.currentTimeMillis());
String password1 = PasswordGenerateUtil.getPassword(username1,"123qwe",salt1,2);
List<String> cat = new ArrayList<>(2);
cat.add("sing");
cat.add("rap");
users.add(new User(username1,password1,salt1,true,"cat",cat));
/***
* 模拟创建用户2
*/
String username2 = "张小黑的狗";
String salt2 = Long.toString(System.currentTimeMillis());
String password2 = PasswordGenerateUtil.getPassword(username2,"123qwe",salt2,2);
List<String> dog = new ArrayList<>(2);
dog.add("jump");
dog.add("basketball");
users.add(new User(username2,password2,salt2,true,"dog",dog));
System.out.println(users);
return users;
}
附:User.java
public class User implements Serializable {
private String username;
private String password;
private String salt;
private Boolean available;
private String role;
private List<String> permissions;
public User(String username, String password, String salt, Boolean available, String role, List<String> permissions) {
this.username = username;
this.password = password;
this.salt = salt;
this.available = available;
this.role = role;
this.permissions = permissions;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
/**
* 获取MD5盐 这里用username+salt实现
* @return
*/
public String getSalt() {
return username+salt;
}
public void setSalt(String salt) {
this.salt = salt;
}
public Boolean getAvailable() {
return available;
}
public void setAvailable(Boolean available) {
this.available = available;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
public List<String> getPermissions() {
return permissions;
}
public void setPermissions(List<String> permissions) {
this.permissions = permissions;
}
@Override
public String toString() {
return "User{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
", salt='" + salt + '\'' +
", available=" + available +
", role='" + role + '\'' +
", permissions=" + permissions +
'}';
}
}
PasswordGenerateUtil
public class PasswordGenerateUtil {
public static String getPassword(String username,String password,String salt,int hashTimes){
Md5Hash md5Hash = new Md5Hash(password,username+salt,hashTimes);
return md5Hash.toString();
}
}
OK!完成~~~
共同学习,欢迎指正修改~ 喵喵喵❤
下一篇文章:Springboot整合Shiro: 整合Kaptcha验证码
