Springboot整合Shiro:MD5加密方式

接上一篇博客 > Springboot整合Shiro:实现RememberMe
(1)ShiroConfig.java配置中增加

 /**
     * 注入自定义的Ream
     * @return
     */
    @Bean
    public CustomRealm customRealm(){
        CustomRealm customRealm = new CustomRealm();
        //注入密码加密
        customRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return customRealm;
    }

    /**
     * 密码加密算法设置
     * @return
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //散列的次数
        hashedCredentialsMatcher.setHashIterations(2);
        return hashedCredentialsMatcher;
    }

(2)Realm注入到SecurityManager

 @Bean
    public SecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //将自定义的realm交给SecurityManager管理
        securityManager.setRealm(customRealm());
        // 自定义缓存实现 使用redis
        securityManager.setCacheManager(cacheManager());
        // 自定义session管理 使用redis
        securityManager.setSessionManager(SessionManager());
        // 使用记住我
        securityManager.setRememberMeManager(rememberMeManager());
        return securityManager;
    }

(3)修改CustomRealm中的doGetAuthenticationInfo方法

  //3.通过SimpleAuthenticationInfo做身份处理
        SimpleAuthenticationInfo simpleAuthenticationInfo =
                new SimpleAuthenticationInfo(user,user.getPassword(), ByteSource.Util.bytes(user.getSalt()),getName());

(4)生成用户实体时,密码以密文存储

/**
     * 模拟数据库数据
     * @return
     */
    private List getUsers(){
        /**
         * 模拟创建用户1
         */
        List users = new ArrayList<>(2);
        String username1 = "张小黑的猫";
        String salt1 = Long.toString(System.currentTimeMillis());
        String password1 = PasswordGenerateUtil.getPassword(username1,"123qwe",salt1,2);
        List cat = new ArrayList<>(2);
        cat.add("sing");
        cat.add("rap");
        users.add(new User(username1,password1,salt1,true,"cat",cat));

        /***
         * 模拟创建用户2
         */
        String username2 = "张小黑的狗";
        String salt2 = Long.toString(System.currentTimeMillis());
        String password2 = PasswordGenerateUtil.getPassword(username2,"123qwe",salt2,2);
        List dog = new ArrayList<>(2);
        dog.add("jump");
        dog.add("basketball");
        users.add(new User(username2,password2,salt2,true,"dog",dog));

        System.out.println(users);
        return users;
    }

附:User.java

public class User implements Serializable {
    private String username;
    private String password;
    private String salt;
    private Boolean available;
    private String role;
    private List permissions;

    public User(String username, String password, String salt, Boolean available, String role, List permissions) {
        this.username = username;
        this.password = password;
        this.salt = salt;
        this.available = available;
        this.role = role;
        this.permissions = permissions;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * 获取MD5盐  这里用username+salt实现
     * @return
     */
    public String getSalt() {
        return username+salt;
    }

    public void setSalt(String salt) {
        this.salt = salt;
    }

    public Boolean getAvailable() {
        return available;
    }

    public void setAvailable(Boolean available) {
        this.available = available;
    }

    public String getRole() {
        return role;
    }

    public void setRole(String role) {
        this.role = role;
    }

    public List getPermissions() {
        return permissions;
    }

    public void setPermissions(List permissions) {
        this.permissions = permissions;
    }

    @Override
    public String toString() {
        return "User{" +
                "username='" + username + '\'' +
                ", password='" + password + '\'' +
                ", salt='" + salt + '\'' +
                ", available=" + available +
                ", role='" + role + '\'' +
                ", permissions=" + permissions +
                '}';
    }
}

PasswordGenerateUtil

public class PasswordGenerateUtil {

    public static String getPassword(String username,String password,String salt,int hashTimes){
        Md5Hash md5Hash = new Md5Hash(password,username+salt,hashTimes);
        return md5Hash.toString();
    }
}

OK!完成~~~
共同学习,欢迎指正修改~ 喵喵喵❤
下一篇文章:Springboot整合Shiro: 整合Kaptcha验证码

你可能感兴趣的:(Springboot整合Shiro:MD5加密方式)