这是我的realm方法
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
System.out.println(">>>>>>>>>>>>>>>????????");
System.out.println(authcToken);
System.out.println(authcToken.getPrincipal());
System.out.println("<<<<<<<<<<<<<<<!!!!!!!!");
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
System.out.println(token.getUsername());
User user = (User) userService.findUserBySchoolID(token.getUsername());
System.out.println("=======================");
if (user != null) {
return new SimpleAuthenticationInfo(new ShiroUser(user.getId(),
user.getSchoolID(), user.getRealName()),
user.getPassword(), getName());
} else {
return null;
}
}
执行结果:
>>>>>>>>>>>>>>>????????
org.apache.shiro.authc.UsernamePasswordToken - null, rememberMe=false (0:0:0:0:0:0:0:1)
null
<<<<<<<<<<<<<<<!!!!!!!!
null
Hibernate:
select
user0_.id as id0_,
user0_.grade as grade0_,
user0_.major as major0_,
user0_.password as password0_,
user0_.plainPassword as plainPas5_0_,
user0_.realName as realName0_,
user0_.registerDate as register7_0_,
user0_.schoolID as schoolID0_,
user0_.sex as sex0_,
user0_.status as status0_
from
ss_user user0_
where
user0_.schoolID is null
=======================配置:<bean id="shiroSecurityFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- shiro的核心安全接口 -->
<property name="securityManager" ref="securityManager" />
<!-- 如果没有登录,用户请求要求登录的页面时要跳转的链接 -->
<property name="loginUrl" value="/login" />
<!-- 登陆成功后要跳转的连接 -->
<property name="successUrl" value="/" />
<!-- shiro连接约束配置 -->
<property name="filterChainDefinitions">
<value>
/login = authc
/logout = logout
/static/** = anon
</value>
</property>
</bean>访问路径:
http://localhost:8080/Ceit/loginshiroJava安全
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
System.out.println(">>>>>>>>>>>>>>>????????");
System.out.println(authcToken);
System.out.println(authcToken.getPrincipal());
System.out.println("<<<<<<<<<<<<<<<!!!!!!!!");
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
System.out.println(token.getUsername());
User user = (User) userService.findUserBySchoolID(token.getUsername());
System.out.println("=======================");
if (user != null) {
return new SimpleAuthenticationInfo(new ShiroUser(user.getId(),
user.getSchoolID(), user.getRealName()),
user.getPassword(), getName());
} else {
return null;
}
}
执行结果:
>>>>>>>>>>>>>>>????????
org.apache.shiro.authc.UsernamePasswordToken - null, rememberMe=false (0:0:0:0:0:0:0:1)
null
<<<<<<<<<<<<<<<!!!!!!!!
null
Hibernate:
select
user0_.id as id0_,
user0_.grade as grade0_,
user0_.major as major0_,
user0_.password as password0_,
user0_.plainPassword as plainPas5_0_,
user0_.realName as realName0_,
user0_.registerDate as register7_0_,
user0_.schoolID as schoolID0_,
user0_.sex as sex0_,
user0_.status as status0_
from
ss_user user0_
where
user0_.schoolID is null
=======================配置:<bean id="shiroSecurityFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- shiro的核心安全接口 -->
<property name="securityManager" ref="securityManager" />
<!-- 如果没有登录,用户请求要求登录的页面时要跳转的链接 -->
<property name="loginUrl" value="/login" />
<!-- 登陆成功后要跳转的连接 -->
<property name="successUrl" value="/" />
<!-- shiro连接约束配置 -->
<property name="filterChainDefinitions">
<value>
/login = authc
/logout = logout
/static/** = anon
</value>
</property>
</bean>访问路径:
http://localhost:8080/Ceit/loginshiroJava安全
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货