Shiro's many Realm certifications

Multi Realm authentication

Problem introduction
Implementation plan

First, MD5 and sha1 encryption are implemented respectively.

MD5
Sha1

Realize multi Realm authentication in the project

Implement Mapper interface
Implement the corresponding mapper.xml file
service processing
Add multi Realm configuration

Problem introduction

In the actual development, there is a scenario where the same password may be stored in MySQL or oracle. It is possible that MD5 encryption algorithm is used in MySQL and SHA1 encryption algorithm is used in Oracle. This requires multiple realms and authentication policies.

Implementation plan

First, MD5 and sha1 encryption are implemented respectively.

MD5

public class MD5Test {
	@Test
	public void test() {
		Md5Hash md5 = new Md5Hash("123456");
		md5 = new Md5Hash("123456","aaa",2);
		System.out.println(md5);
	}
}

Sha1

public class Sha1Test {
	@Test
	public void Test() {
		Sha1Hash hash = new Sha1Hash("123456", "aaa", 2);
		System.out.println(hash);
	}
}

Realize multi Realm authentication in the project

Implement Mapper interface

public interface UserMapper {
	
	public User queryUserByName(String username);
	
	public User queryUserBySha1(String username);
}

Implement the corresponding mapper.xml file

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.yjn.mapper.UserMapper">
	<select id="queryUserByName" resultType="com.yjn.bean.User">
		select * from user where username = #{param1}
	</select>
	<select id="queryUserBySha1" resultType="com.yjn.bean.User">
		select * from user where username = #{param1}
	</select>
</mapper>

service processing

public interface UserService {
	public User login(String username);
	public User loginSha1(String username);
}

public class UserServiceImpl implements UserService {

	private UserMapper userMapper;
	
	@Override
	public User login(String username) {
		return userMapper.queryUserByName(username);
	}

	@Override
	public User loginSha1(String username) {
		return userMapper.queryUserBySha1(username);
	}

}

Add multi Realm configuration

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd
		http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.3.xsd">

	<!-- Register custom Realm -->
	<bean class="com.yjn.realm.MyRealm" id="myRealm">
		<!-- Configure credential matcher -->
		<property name="credentialsMatcher">
			<!-- Define credential matcher -->
			<bean class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
				<!-- Configure hash algorithm -->
				<property name="hashAlgorithmName" value="MD5" />
				<!-- Configure hash count -->
				<property name="hashIterations" value="2" />
			</bean>
		</property>
	</bean>
	<!-- Register second Realm -->
	<bean class="com.yjn.realm.MyRealmSha1" id="myRealmSha1">
		<!-- Configure credential matcher -->
		<property name="credentialsMatcher">
			<!-- Define credential matcher -->
			<bean class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
				<!-- Configure hash algorithm -->
				<property name="hashAlgorithmName" value="SHA1"/>
				<!-- Configure hash count -->
				<property name="hashIterations" value="2" />
			</bean>
		</property>
	</bean>

	<!-- register SecurityManager -->
	<bean class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
		id="securityManager">
		<property name="authenticator">
			<bean class="org.apache.shiro.authc.pam.ModularRealmAuthenticator" >
				<property name="authenticationStrategy" >
					<!-- At least one Realm Authentication pass -->
					<bean class="org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy"/>
				</property>
			</bean>
		</property>
		<!-- Configure customization Realm -->
		<property name="realms"  >
			<list>
				<ref bean="myRealm"/>
				<ref bean="myRealmSha1"/>
			</list>
		</property>
	</bean>

	<!-- register ShiroFilterFactoryBean Be careful id Must and web.xml Registered in targetBeanName The value is consistent. -->
	<bean class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
		id="shiro">
		<!-- register SecurityManager -->
		<property name="securityManager" ref="securityManager" />
		<!-- Login address if the address requested by the user is login.do Then the address will be authenticated -->
		<property name="loginUrl" value="/login.do" />
		<!-- Login successful jump address -->
		<property name="successUrl" value="/success.jsp" />
		<!-- Address for accessing unauthorized page Jump -->
		<property name="unauthorizedUrl" value="/refuse.jsp" />
		<!-- Set filter chain -->
		<property name="filterChainDefinitions">
			<value>
				/login.do=authc
				/**=anon
			</value>
		</property>
	</bean>
</beans>

Posted by Noctule on Fri, 25 Oct 2019 10:24:54 -0700

Programmer Group