zoukankan      html  css  js  c++  java

  • shiro加密md5+salt+hash

    认证为了保证密码的相对安全需要对密码进行加密处理了,加密的方式有很多最常使用MD5加密,加盐

    MD5特点:不可逆

    public static void main(String[] args) {
        //md5+salt+hash
        Md5Hash md5Hash = new Md5Hash("123","salt",1024);
        System.out.println(md5Hash);

        //实例化securityManager
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //实例化Realm
        ShiroMD5Realm shiroRealm = new ShiroMD5Realm();
        //实例化HashedCredentialsMatcher,指定密码加密算法
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        //指定加密算法
        credentialsMatcher.setHashAlgorithmName("md5");
        //hash散列次数
        credentialsMatcher.setHashIterations(1024);

        shiroRealm.setCredentialsMatcher(credentialsMatcher);
        //  配置 SecurityManager,并注入 shiroRealm
        securityManager.setRealm(shiroRealm);

        //指定SecurityUtils中securityManager
        SecurityUtils.setSecurityManager(securityManager);
        //获取subject对象
        Subject subject = SecurityUtils.getSubject();
        //根据用户名和密码生成token令牌
        UsernamePasswordToken token = new UsernamePasswordToken("admin","123");
        try {
            //登录
            subject.login(token);
            System.out.println("登录成功");
        } catch (AuthenticationException e) {
            e.printStackTrace();
        }
    }

    认证

    加盐在注册用户时,需要随机生成盐,并将盐保存在磁盘上,为认证指定对应的盐。

    public class ShiroMD5Realm extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String principal = (String) token.getPrincipal();

        if("admin".equals(principal)){
            return new SimpleAuthenticationInfo("","9c074aff230a802bf52901cddd5c81da", ByteSource.Util.bytes("salt"),this.getName());
        }
        return null;
    }
}

    随机盐

    public class SaltUtil {

    /**
     * 生成salt
     *
     * @return
     */
    public static String getSalt(int n) {
        char[] chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789~!@#$%^&*()_+".toCharArray();

        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < n; i++) {
            char aChar = chars[new Random().nextInt(chars.length)];
            sb.append(aChar);
        }
        return sb.toString();
    }
}
  • 相关阅读:
    浅谈FastJson的TypeReference用法
    勾选表中的行数据,点击添加,添加到另一个表中(二)
    获取表单内的所有元素的值 表单格式化插件jquery.serializeJSON
    基于BootStrap的Collapse折叠(包含回显展开折叠的对应状态)
    删除按钮和单条删除合并
    前台校验是否为空
    浅谈js的join()方法
    select前台转义后台取到的值为对应的文本 select同时接受list和map
    SpringBoot图片上传(二)
    给div拼接html 拼接字符串
  • 原文地址:https://www.cnblogs.com/WarBlog/p/15180219.html
Copyright © 2011-2022 走看看