1. There's a tricky problem today, where you write down blogs that remind yourself and help people who are going to be in trouble.
In the Shiro framework, you can login directly in your code with a username password.
First looked up on the internet, found this way:
Subject CurrentUser = Securityutils.getsubject ();
Usernamepasswordtoken token = new Usernamepasswordtoken (Username,password, false,request.getremoteaddr ());
Currentuser.login (token);
Because you have to judge the user role when you log in to your project. So, with Usernamepasswordusertypetoken.java, the code is as follows
Package Com.linkage.educloud.ucenter.login.shiro;
Import Org.apache.shiro.authc.HostAuthenticationToken;
Import Org.apache.shiro.authc.RememberMeAuthenticationToken; /** * Reference Org.apache.shiro.authcUsernamePasswordToken, added user type parameter * @author caihz * @see Org.apache.shiro.authcUsernamePas Swordtoken */public class Usernamepasswordusertypetoken implements Hostauthenticationtoken,
Remembermeauthenticationtoken {/** * user name */private String username;
/** * password, in char[] format */private char[] password;
/** * Remember Me * default value:<code>false</code> */private Boolean rememberme = false;
/** * Host name or IP/private String host;
/** * User Type * * Private String usertype; Public Usernamepasswordusertypetoken () {}/** * Construction method * @param username username * @param password password (c
har[] * @param rememberme Remember Me * @param host host or IP * @param usertype user Type * * Public Usernamepasswordusertypetoken (final String username, final char[] password, FINA
L Boolean rememberme, final string host, final string usertype) {this.username = username;
This.password = password;
This.rememberme = RememberMe;
This.host = host;
This.usertype = usertype;
/** * Construction method * @param username username * @param password password (String) * @param rememberme Remember Me * @param host or IP * @param usertype user type/public usernamepasswordusertypetoken (final String username, Final string password, final Boolean rememberme, final string host, final string usertype
{This (username, password!= null? Password.tochararray (): null, RememberMe, host, usertype);
Public String GetUserName () {return username;
} public void Setusername (String username) {this.username = username; } public ChAr[] GetPassword () {return password;
} public void SetPassword (char[] password) {this.password = password;
/** * Simply returns {@link #getUsername () GetUserName ()}.
* @return The {@link #getUsername () Username}. * @see Org.apache.shiro.authc.authenticationtoken#getprincipal () */public Object Getprincipal () {return
GetUserName ();
}/** * Returns the {@link #getPassword () password} char array.
* @return The {@link #getPassword () password} char array. * @see org.apache.shiro.authc.authenticationtoken#getcredentials () */public Object getcredentials () {RE
Turn GetPassword ();
Public String GetHost () {return host;
public void Sethost (String host) {this.host = host;
public Boolean isrememberme () {return rememberme;
} public void Setrememberme (Boolean rememberme) {this.rememberme = RememberMe; Public String Getusertype () {return usertype;
} public void Setusertype (String usertype) {this.usertype = usertype;
/** * Erase data * Password if not NULL, set to 0x00/public void Clear () {this.username = null;
This.host = null;
This.rememberme = false;
This.usertype = null; if (This.password!= null) {for (int i = 0; i < password.length; i++) {This.password[i] =
0x00
} This.password = null; }/** * Rewrite toString method */Public String toString () {StringBuilder sb = new StringBuilder (
);
Sb.append (GetClass (). GetName ());
Sb.append ("-");
Sb.append (username);
Sb.append (", usertype="). Append (usertype);
Sb.append (", rememberme="). Append (RememberMe);
if (host!= null) {Sb.append ("("). Append (Host). Append (")");
return sb.tostring ();
}
}
The above code is modified as follows:
Subject CurrentUser = Securityutils.getsubject ();
Usernamepasswordusertypetoken token = new Usernamepasswordusertypetoken (User.getphone (), User.getloginpass (), False, REQ.GETREMOTEADDR (), role);
Currentuser.login (token);
Here the code in the controller layer is almost there, and then you have to modify the configuration in Shiro and realm
The configuration is as follows:
The realm of <!--and education 2015-9-10-->
<bean id= "Shiroandedurealm" class= " Com.linkage.educloud.ucenter.learn.service.ShiroAndEduRealm ">
<!--property Name=" Accountservice "ref=" Accountservice "/-->
<!--The user password obtained is already encrypted, the verification of the time without encryption to verify the-->
<!--<property Name=" Credentialsmatcher "ref=" Credentialsmatcher "/>--> <property name=" Authenticationtokenclass "value="
Com.linkage.educloud.ucenter.login.shiro.UsernamePasswordUsertypeToken "/>
</bean>
<bean id= "Authenticator" class= " Com.linkage.educloud.ucenter.login.shiro.FirstSuccessfulModularRealmAuthenticator ">
<property name=" Authenticationstrategy "ref=" Firstsuccessfulstrategy "/>
<property name=" Realms ">
<list>
<ref bean= "Shirodbrealm"/> <ref bean= "Shiroxxtrealm"/> <ref "bean="
/ >
</list>
</property>
</bean>
The Com.linkage.educloud.ucenter.learn.service.ShiroAndEduRealm.java code is as follows:
Package com.linkage.educloud.ucenter.learn.service;
Import org.apache.shiro.authc.AccountException;
Import org.apache.shiro.authc.AuthenticationException;
Import Org.apache.shiro.authc.AuthenticationInfo;
Import Org.apache.shiro.authc.AuthenticationToken;
Import Org.apache.shiro.authc.SimpleAuthenticationInfo;
Import Org.apache.shiro.authz.AuthorizationInfo;
Import Org.apache.shiro.authz.SimpleAuthorizationInfo;
Import Org.apache.shiro.realm.AuthorizingRealm;
Import org.apache.shiro.subject.PrincipalCollection;
Import Org.slf4j.Logger;
Import Org.slf4j.LoggerFactory;
Import org.springframework.beans.factory.annotation.Autowired;
Import Com.linkage.educloud.api.ucenter.service.Uc2XXTIfaceService;
Import Com.linkage.educloud.base.util.StringUtil;
Import Com.linkage.educloud.domain.ucenter.login.UcenterLoginUser;
Import Com.linkage.educloud.ucenter.login.service.UcenterLoginService;
Import Com.linkage.educloud.ucenter.login.shiro.UsernamePasswordUsertypeToken; /** * School Communication Login Realm * @auThor Caihz * */public class Shiroandedurealm extends Authorizingrealm {final static Logger log = Loggerfactory.getlog
GER (Shiroandedurealm.class);
@Autowired private Ucenterloginservice Ucenterloginservice;
@Autowired private Uc2xxtifaceservice Xxtservice;
/** * Login Authentication callback function, call at login. * @param authctoken Login page parameters, username and password, etc. * * @Override protected AuthenticationInfo dogetauthenticationinfo (Authenticationtok En authctoken) throws authenticationexception {Usernamepasswordusertypetoken token = (Usernamepasswordusertypetoken) A
Uthctoken;
String username = token.getusername ();
if (username = = null) {throw new Accountexception ("Account cannot be empty");
///If the User Center does not have a user, request the campus Access login interface and query the user Center for the corresponding user String password = string.valueof (Token.getpassword ());
Password = stringutil.md5 (password);
Password = password.tolowercase ();
Ucenterloginuser user = Ucenterloginservice.finduserbyxxt (token.getusername (), Password, token.getusertype ()); if (user!= null) {return new SimpleauthenticatIoninfo (User, User.getloginpass (), GetName ());
}else {return null; }/** * Login authentication through the right query function, because the current User Center front page does not require permission to control, so did not write, later if you need to expand * * @see ORG.APACHE.SHIRO.AUTHZ.AUTHORIZATIONINF O/@Override protected authorizationinfo dogetauthorizationinfo (principalcollection principals) {Simpleauthoriza
Tioninfo info = new Simpleauthorizationinfo ();
return info;
}
}
This can finally solve the user directly through the token authentication login problem.
Example:
@RequestMapping ("/test") public
String test (HttpServletRequest request) {
Subject Subject = Securityutils.getsubject ();
Subject.login (New Usernamepasswordtoken (User.getphone (), User.getloginpass ()));
Usernamepasswordusertypetoken up = new Usernamepasswordusertypetoken ("13816005001", "123456aa1", false, NULL, "3"); C4/>usernamepasswordusertypetoken up = new Usernamepasswordusertypetoken ("20212414", " 4d45acd6c95faab86980ebbae7cad57c ", False, Request.getremoteaddr ()," 1 ");
Usernamepasswordusertypetoken up = new Usernamepasswordusertypetoken ("20212414", "blap7@3u", false, REQUEST.GETREMOTEADDR (), "1");
Subject.login (up);
SYSTEM.OUT.PRINTLN ("Parental login succeeded.") ");
return "Redirect:/ucenter/index/index";
}