image.pngimage.png

    • 错误解释: 由于shiro中提供的simpleByteSource实现没有实现序列化,所有在认证时出现错误信息
    • 解决方案: 需要自动salt实现序列化


    • 实现 实体类 序列化
    • 自定义salt实现 实现序列化接口 ```java package com.cedric.springboot_jsp_shiro.shiro.salt;

    import org.apache.shiro.codec.Base64; import org.apache.shiro.codec.CodecSupport; import org.apache.shiro.codec.Hex; import org.apache.shiro.util.ByteSource;

    import java.io.File; import java.io.InputStream; import java.io.Serializable; import java.util.Arrays;

    //自定义salt的实现 实现序列化接口 public class MyByteSource implements ByteSource,Serializable {

    1. private  byte[] bytes;
    2. private String cachedHex;
    3. private String cachedBase64;
    5. public MyByteSource(){
    7. }
    9. public MyByteSource(byte[] bytes) {
    10.     this.bytes = bytes;
    11. }
    13. public MyByteSource(char[] chars) {
    14.     this.bytes = CodecSupport.toBytes(chars);
    15. }
    17. public MyByteSource(String string) {
    18.     this.bytes = CodecSupport.toBytes(string);
    19. }
    21. public MyByteSource(ByteSource source) {
    22.     this.bytes = source.getBytes();
    23. }
    25. public MyByteSource(File file) {
    26.     this.bytes = (new MyByteSource.BytesHelper()).getBytes(file);
    27. }
    29. public MyByteSource(InputStream stream) {
    30.     this.bytes = (new MyByteSource.BytesHelper()).getBytes(stream);
    31. }
    33. public static boolean isCompatible(Object o) {
    34.     return o instanceof byte[] || o instanceof char[] || o instanceof String || o instanceof ByteSource || o instanceof File || o instanceof InputStream;
    35. }
    37. public byte[] getBytes() {
    38.     return this.bytes;
    39. }
    41. public boolean isEmpty() {
    42.     return this.bytes == null || this.bytes.length == 0;
    43. }
    45. public String toHex() {
    46.     if (this.cachedHex == null) {
    47.         this.cachedHex = Hex.encodeToString(this.getBytes());
    48.     }
    50.     return this.cachedHex;
    51. }
    53. public String toBase64() {
    54.     if (this.cachedBase64 == null) {
    55.         this.cachedBase64 = Base64.encodeToString(this.getBytes());
    56.     }
    58.     return this.cachedBase64;
    59. }
    61. public String toString() {
    62.     return this.toBase64();
    63. }
    65. public int hashCode() {
    66.     return this.bytes != null && this.bytes.length != 0 ? Arrays.hashCode(this.bytes) : 0;
    67. }
    69. public boolean equals(Object o) {
    70.     if (o == this) {
    71.         return true;
    72.     } else if (o instanceof ByteSource) {
    73.         ByteSource bs = (ByteSource)o;
    74.         return Arrays.equals(this.getBytes(), bs.getBytes());
    75.     } else {
    76.         return false;
    77.     }
    78. }
    80. private static final class BytesHelper extends CodecSupport {
    81.     private BytesHelper() {
    82.     }
    84.     public byte[] getBytes(File file) {
    85.         return this.toBytes(file);
    86.     }
    88.     public byte[] getBytes(InputStream stream) {
    89.         return this.toBytes(stream);
    90.     }
    91. }

    }

    
```java
  @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        //根据身份信息
        String principal = (String) authenticationToken.getPrincipal();
        //在工厂中获取service对象
        UserService userService = (UserService) ApplicationContextUtils.getBean("userService");
        User user = userService.findByUserName(principal);

        if(!ObjectUtils.isEmpty(user)){

            return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(),
                       new MyByteSource(user.getSalt()), this.getName());
        }
        return null;
    }

    image.png