wunmiji commented on issue #1101:
URL: https://github.com/apache/shiro/issues/1101#issuecomment-1747969220
Method 2
password = 123456
Hashpassword : 2R7mQYMu3OkORIEbRJY/AqvDqWvVAoFIhXMBa8dwh2o=
Salt = 25+ri82pdmDMrcUHpFOaCg==
EmployeeRealm
```
@Named("NamedEmployeeRealm")
@ApplicationScoped
public class EmployeeRealm extends AuthorizingRealm {
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
authenticationToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken)
authenticationToken;
String username = token.getUsername();
char[] passwordChar = token.getPassword();
if (username == null) throw new AccountException("Null usernames!");
if (passwordChar == null) throw new AccountException("Null
passwords!");
String password = new String(passwordChar);
// Return the authentication info
return new EmployeeSaltedAuthenticationInfo(username ,
"2R7mQYMu3OkORIEbRJY/AqvDqWvVAoFIhXMBa8dwh2o=", "25+ri82pdmDMrcUHpFOaCg==",
getName());
}
}
```
EmployeeSaltedAuthenticationInfo
```
public class EmployeeSaltedAuthenticationInfo implements
SaltedAuthenticationInfo {
private final Object username;
private final String password;
private final String salt;
private final String name;
public EmployeeSaltedAuthenticationInfo(Object username, String
password, String salt, String name) {
this.username = username;
this.password = password;
this.salt = salt;
this.name = name;
}
@Override
public ByteSource getCredentialsSalt() {
return ByteSource.Util.bytes(salt);
}
@Override
public PrincipalCollection getPrincipals() {
return new SimplePrincipalCollection(username, name);
}
@Override
public Object getCredentials() {
return password;
}
}
```
shiro.ini
```
[main]
# Objects and their properties are defined here,
# Such as the securityManager, Realms and anything
# else needed to build the SecurityManager
credentialsMatcher =
org.apache.shiro.authc.credential.Sha256CredentialsMatcher
# base64 encoding, not hex in this example:
credentialsMatcher.storedCredentialsHexEncoded = false
credentialsMatcher.hashIterations = 1024
employeeRealm = NamedEmployeeRealm
employeeRealm.credentialsMatcher = $credentialsMatcher
securityManager.realms = $employeeRealm
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager
securityManager.sessionManager.sessionIdCookieEnabled = false
#
-----------------------------------------------------------------------------
# Users and their (optional) assigned roles
#
-----------------------------------------------------------------------------
[users]
#
-----------------------------------------------------------------------------
# Roles with assigned permissions
#
-----------------------------------------------------------------------------
[roles]
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
