gpt4 book ai didi

java - Shiro 匹配凭证匹配器和用户密码创建不匹配

转载 作者:行者123 更新时间:2023-12-01 09:08:30 25 4
gpt4 key购买 nike

我使用 shiro 作为我的 java 1.8 应用程序的身份验证。我的用户创建将使用 sha256 和 salt。

Shiro 仅当密码在输入的数据库中准确无误时才会匹配。例如,如果数据库密码是明文并且是“密码”,并且我输入“密码”,它将起作用。

如果我在密码在数据库中加密时输入“密码”,则它不匹配并且会失败。

如何让 shiro 根据输入的内容创建 sha256 和加盐密码,以便密码匹配?

我的用户创建代码

EntityManagerFactory factory = 
Persistence.createEntityManagerFactory("e");

EntityManager em = factory.createEntityManager();
em.getTransaction().begin();

com.e.dto.User user = new com.e.dto.User();

DefaultPasswordService a = new DefaultPasswordService();
password = a.encryptPassword(password);

user.setUsername(username);
user.setPassword(password);

em.persist(user);

em.getTransaction().commit();

shiro.ini

jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.authenticationQuery = SELECT password from user where username = ?
jdbcRealm.userRolesQuery = select role from userroles where userID = (select id FROM user WHERE username = ?)

ds = com.mysql.jdbc.jdbc2.optional.MysqlDataSource
ds.serverName = localhost
ds.user = root
ds.password = password
ds.databaseName = myDatabase
jdbcRealm.dataSource= $ds

credentialsMatcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
credentialsMatcher.hashAlgorithmName = SHA-256
credentialsMatcher.storedCredentialsHexEncoded = true
credentialsMatcher.hashIterations = 10000
credentialsMatcher.hashSalted = true

新用户密码

$shiro1$SHA-256$500000$xRvz5dByhvAtFG7VHlCjHA==$xxakvEZdBF6cI+UmyR1OY098tAlscOKhpwQuT7THijw=

最佳答案

要使密码与 DefaultPasswordService 对象匹配,必须在 ini 中创建该对象,然后将其设置为 org.apache.shiro.authc.credential.PasswordMatcher passwordService

https://shiro.apache.org/static/1.3.1/apidocs/org/apache/shiro/authc/credential/PasswordService.html

passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
# configure the passwordService to use the settings you desire

passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordMatcher.passwordService = $passwordService

关于java - Shiro 匹配凭证匹配器和用户密码创建不匹配,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41070550/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com