wunmiji commented on issue #1101:
URL: https://github.com/apache/shiro/issues/1101#issuecomment-1747978059
Method 3
password = 123456
Hashpassword : 2R7mQYMu3OkORIEbRJY/AqvDqWvVAoFIhXMBa8dwh2o=
Salt = 25+ri82pdmDMrcUHpFOaCg==
EmployeeRealm
```
@Named("NamedEmployeeRealm")
@ApplicationScoped
public class EmployeeRealm extends AuthorizingRealm {
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
authenticationToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken)
authenticationToken;
String username = token.getUsername();
char[] passwordChar = token.getPassword();
if (username == null) throw new AccountException("Null usernames!");
if (passwordChar == null) throw new AccountException("Null
passwords!");
String password = new String(passwordChar);
// Return the authentication info
return new SimpleAuthenticationInfo(secret,
"2R7mQYMu3OkORIEbRJY/AqvDqWvVAoFIhXMBa8dwh2o=", getName());
}
}
```
EmployeeCredentialsMatcher
```
@Named("NamedEmployeeCredentialsMatcher")
public class EmployeeCredentialsMatcher implements CredentialsMatcher {
@Override
public boolean doCredentialsMatch(AuthenticationToken
authenticationToken, AuthenticationInfo authenticationInfo) {
UsernamePasswordToken token = (UsernamePasswordToken)
authenticationToken;
char[] passwordChar = token.getPassword();
String password = new String(passwordChar);
var credentials = authenticationInfo.getCredentials().toString();
String base64 = new Sha256Hash(password, "25+ri82pdmDMrcUHpFOaCg==",
1024).toBase64();
return Objects.equals(credentials, base64);
}
}
```
shiro,ini
```
[main]
# Objects and their properties are defined here,
# Such as the securityManager, Realms and anything
# else needed to build the SecurityManager
employeeRealm = NamedEmployeeRealm
employeeCredentialsMatcher = NamedEmployeeCredentialsMatcher
employeeRealm.credentialsMatcher = $employeeCredentialsMatcher
securityManager.realms = $employeeRealm
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager
securityManager.sessionManager.sessionIdCookieEnabled = false
#
-----------------------------------------------------------------------------
# Users and their (optional) assigned roles
#
-----------------------------------------------------------------------------
[users]
#
-----------------------------------------------------------------------------
# Roles with assigned permissions
#
-----------------------------------------------------------------------------
[roles]
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
