問題描述
Spring boot 整合shiro以后不執(zhí)行自定義的login方法����,但是卻執(zhí)行了自定義的Relam方法
相關(guān)代碼
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-freemarker</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>com.sun.mail </groupId>
<artifactId>javax.mail </artifactId>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>
</dependencies>
@Configuration
public class ShiroConfig {
@Bean
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 如果不設(shè)置默認(rèn)會(huì)自動(dòng)尋找Web工程根目錄下的"/login.jsp"頁面
shiroFilterFactoryBean.setLoginUrl("/user/login");
// 登錄成功后要跳轉(zhuǎn)的鏈接
shiroFilterFactoryBean.setSuccessUrl("/index");
// 未授權(quán)界面;
shiroFilterFactoryBean.setUnauthorizedUrl("/user/unauthorized");
// 攔截器.
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
// 配置不會(huì)被攔截的鏈接 順序判斷
filterChainDefinitionMap.put("/res/**", "anon");
filterChainDefinitionMap.put("/user/register", "anon");
filterChainDefinitionMap.put("/user/retrieve", "anon");
filterChainDefinitionMap.put("/user/getIdentifyingCode", "anon");
filterChainDefinitionMap.put("/user/isExists", "anon");
// 配置退出 過濾器,其中的具體的退出代碼Shiro已經(jīng)替我們實(shí)現(xiàn)了
filterChainDefinitionMap.put("/user/logout", "logout");
// <!-- 過濾鏈定義�����,從上向下順序執(zhí)行����,一般將/**放在最為下邊 -->:這是一個(gè)坑呢���,一不小心代碼就不好使了;
// <!-- authc:所有url都必須認(rèn)證通過才可以訪問; anon:所有url都都可以匿名訪問-->
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
/**
* 憑證匹配器
*
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher() {
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
// 散列算法:這里使用MD5算法;
hashedCredentialsMatcher.setHashAlgorithmName("MD5");
// 散列的次數(shù),比如散列兩次�����,相當(dāng)于 md5(md5(""));
hashedCredentialsMatcher.setHashIterations(1024);
return hashedCredentialsMatcher;
}
/**
* 創(chuàng)建Realm對(duì)象
*
* @return
*/
@Bean
public MyShiroRealm myShiroRealm() {
MyShiroRealm myShiroRealm = new MyShiroRealm();
myShiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return myShiroRealm;
}
/**
* 注入自定義Realm
*
* @return
*/
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myShiroRealm());
return securityManager;
}
}
public ModelAndView doLogin(ModelAndView modelAndView, @RequestParam("username") String username,
@RequestParam("password") String password, Map<String, Object> map, HttpServletRequest request) {
String msg = "";
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
Subject currentUser = SecurityUtils.getSubject();
try {
currentUser.login(token);
// 登陸成功查找用戶
UserEntity user = userService.findUserByName(username);
user.setPassword("");
user.setCredentialsSalt("");
HttpSession userSession = request.getSession(true);
userSession.setAttribute("user", user);
} catch (IncorrectCredentialsException ice) {
logger.info("對(duì)用戶【" + username + "】進(jìn)行登錄驗(yàn)證���,驗(yàn)證未通過,錯(cuò)誤的憑證�����!");
msg = "用戶名或密碼不正確���!";
} catch (UnknownAccountException uae) {
logger.info("對(duì)用戶【" + username + "】進(jìn)行登錄驗(yàn)證���,驗(yàn)證未通過,未知賬戶�!");
msg = "未知賬戶!";
} catch (LockedAccountException lae) {
logger.info("對(duì)用戶【" + username + "】進(jìn)行登錄驗(yàn)證����,驗(yàn)證未通過��,賬戶鎖定�����!");
msg = "賬戶已鎖定�����!";
} catch (ExcessiveAttemptsException eae) {
logger.info("對(duì)用戶【" + username + "】進(jìn)行登錄驗(yàn)證���,驗(yàn)證未通過,錯(cuò)誤次數(shù)太多���!");
msg = "用戶名或密碼錯(cuò)誤次數(shù)太多��!";
} catch (AuthenticationException ae) {
logger.info("對(duì)用戶【" + username + "】進(jìn)行登錄驗(yàn)證�,驗(yàn)證未通過��,堆棧軌跡如下:�!");
ae.printStackTrace();
msg = "用戶名或密碼不正確!";
}
map.put("msg", msg);
modelAndView.setViewName("login");
return modelAndView;
}
你期待的結(jié)果是什么���?實(shí)際看到的錯(cuò)誤信息又是什么�?
