Fatal编程技术网
  • java/
  • Java ApacheShiro的身份验证问题

Java ApacheShiro的身份验证问题

java apache authentication

Java ApacheShiro的身份验证问题,java,apache,authentication,shiro,Java,Apache,Authentication,Shiro,我是ApacheShiro的初学者。我一直在关注文档和许多其他教程、博客等,但我就是无法让认证工作。当我尝试使用有效的用户名和密码登录时,总会抛出一个InvalidCredentialsException。我使用DynamoDB作为存储用户凭据的自定义域,但我真的认为这并不重要。显然,我存储和/或进行凭证匹配的方式不正确。以下是我的设置: Shiro.ini: [main] myRealm = com.enki.closing.users.DynamoDBRealm credentialsMa

我是ApacheShiro的初学者。我一直在关注文档和许多其他教程、博客等,但我就是无法让认证工作。当我尝试使用有效的用户名和密码登录时,总会抛出一个
InvalidCredentialsException
。我使用DynamoDB作为存储用户凭据的自定义域,但我真的认为这并不重要。显然,我存储和/或进行凭证匹配的方式不正确。以下是我的设置:

Shiro.ini:

[main]
myRealm = com.enki.closing.users.DynamoDBRealm

credentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
credentialsMatcher.storedCredentialsHexEncoded = false
credentialsMatcher.hashIterations = 1024

myRealm.credentialsMatcher = $credentialsMatcher

String password = ...
ByteSource passwordSalt = new SecureRandomNumberGenerator().nextBytes();
String hashedPasswordBase64 = new Sha256Hash(password, passwordSalt, 1024).toBase64();

// store the hashedPassword and salt in DynamoDB...
// I've tried storing the salt with and without base64 encoding.
创建用户帐户:

[main]
myRealm = com.enki.closing.users.DynamoDBRealm

credentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
credentialsMatcher.storedCredentialsHexEncoded = false
credentialsMatcher.hashIterations = 1024

myRealm.credentialsMatcher = $credentialsMatcher

String password = ...
ByteSource passwordSalt = new SecureRandomNumberGenerator().nextBytes();
String hashedPasswordBase64 = new Sha256Hash(password, passwordSalt, 1024).toBase64();

// store the hashedPassword and salt in DynamoDB...
// I've tried storing the salt with and without base64 encoding.
密码和salt在DynamoDB中存储得很好,值看起来很正常。以下是用于身份验证的自定义域

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken userPass = (UsernamePasswordToken) token;
    String username = userPass.getUsername();
    ...
    // pull the matching password and salt out of DynamoDB, no problems...
    ByteSource passwordSalt = ByteSource.Util.bytes( storedPasswordSalt );
    return new SimpleAuthenticationInfo(username, passwordHash, passwordSalt, getName());
}
这几乎就是医生告诉我要做的,但有些事情不对。当我尝试登录时,它会出现
InvalidCredentialsException

我知道了如何让它工作。我必须改变这一点(在我的自定义域impl中):

为此:

ByteSource passwordSalt = ByteSource.Util.bytes( 
                                  Base64.decode( storedPasswordSalt) );