Apache Shiro login error: IncorrectCredentialsException
Apache Shiro login error: IncorrectCredentialsException
我尝试登录时一直收到此错误。感谢任何帮助。
登录码
Realm realm = new TestRealm();
SecurityManager sm = new DefaultSecurityManager(realm);
SecurityUtils.setSecurityManager(sm);
UsernamePasswordToken token = new UsernamePasswordToken();
token.setUsername("dave");
token.setPassword("le1990".toCharArray());
token.setRememberMe(true);
Subject sub = SecurityUtils.getSubject();
sub.login(token);
doGetAuthenticationInfo 方法
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException{
UsernamePasswordToken upToken = (UsernamePasswordToken)token;
String username = upToken.getUsername();
if(username == null)
this.logger.info("We don't except Null usernames. sorry. ");
AuthenticationInfo info = null;
try{
USER user = new USER();
String pass = user.getPassForUser();
if(pass == null)
throw new AccountException("The account your looking for doesn't exist");
info = new SimpleAuthenticationInfo(username, pass, getName());
user.getPassForUser 方法 returns 用于测试的硬连接值。从 DB $shiro1$SHA-256$500000$temCnap0k+zboIW7y49Mww==$veyM6YL3QiCJvMwo0r2yu0KDC3ueAxZOYuN0vT+0v5M=
复制的值
shiro.ini 文件
# realms to be used
customSecurityRealm=com.raven.rave.common.TestRealm
customSecurityRealm.jndiDataSourceName=java:jdbc/dbeka
customSecurityRealm.permissionsLookupEnabled=true
终于抛出了异常
ERROR [STDERR] org.apache.shiro.authc.IncorrectCredentialsException:
Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - dave, rememberMe=true] did not match the expected credent
ERROR [STDERR] at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600)
ERROR [STDERR] at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578)
ERROR [STDERR] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
ERROR [STDERR] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
ERROR [STDERR] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
ERROR [STDERR] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
ERROR [STDERR] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
ERROR [STDERR] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
当我注册用户时,我输入了相同的密码"le1990"。
此外,从数据库中检索到的密码是否必须为明文。如果是这样,我如何解密存储的密码?
问题很明显,即 missed.I 没有在 ini 文件中将 credentialMatcher 设置为 jdbc 领域。添加该语句修复它。
已更新 shiro.ini 文件
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordMatcher.passwordService = $passwordService
# realms to be used
jdbcrealm=com.raven.rave.common.TestRealm
jdbcrealm.permissionsLookupEnabled=true
securityManager.realm = $jdbcrealm
#statement that fixed it up
jdbcrealm.credentialsMatcher = $passwordMatcher
我尝试登录时一直收到此错误。感谢任何帮助。
登录码
Realm realm = new TestRealm();
SecurityManager sm = new DefaultSecurityManager(realm);
SecurityUtils.setSecurityManager(sm);
UsernamePasswordToken token = new UsernamePasswordToken();
token.setUsername("dave");
token.setPassword("le1990".toCharArray());
token.setRememberMe(true);
Subject sub = SecurityUtils.getSubject();
sub.login(token);
doGetAuthenticationInfo 方法
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException{
UsernamePasswordToken upToken = (UsernamePasswordToken)token;
String username = upToken.getUsername();
if(username == null)
this.logger.info("We don't except Null usernames. sorry. ");
AuthenticationInfo info = null;
try{
USER user = new USER();
String pass = user.getPassForUser();
if(pass == null)
throw new AccountException("The account your looking for doesn't exist");
info = new SimpleAuthenticationInfo(username, pass, getName());
user.getPassForUser 方法 returns 用于测试的硬连接值。从 DB $shiro1$SHA-256$500000$temCnap0k+zboIW7y49Mww==$veyM6YL3QiCJvMwo0r2yu0KDC3ueAxZOYuN0vT+0v5M=
复制的值shiro.ini 文件
# realms to be used
customSecurityRealm=com.raven.rave.common.TestRealm
customSecurityRealm.jndiDataSourceName=java:jdbc/dbeka
customSecurityRealm.permissionsLookupEnabled=true
终于抛出了异常
ERROR [STDERR] org.apache.shiro.authc.IncorrectCredentialsException:
Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - dave, rememberMe=true] did not match the expected credent
ERROR [STDERR] at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600)
ERROR [STDERR] at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578)
ERROR [STDERR] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
ERROR [STDERR] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
ERROR [STDERR] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
ERROR [STDERR] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
ERROR [STDERR] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
ERROR [STDERR] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
当我注册用户时,我输入了相同的密码"le1990"。 此外,从数据库中检索到的密码是否必须为明文。如果是这样,我如何解密存储的密码?
问题很明显,即 missed.I 没有在 ini 文件中将 credentialMatcher 设置为 jdbc 领域。添加该语句修复它。
已更新 shiro.ini 文件
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordMatcher.passwordService = $passwordService
# realms to be used
jdbcrealm=com.raven.rave.common.TestRealm
jdbcrealm.permissionsLookupEnabled=true
securityManager.realm = $jdbcrealm
#statement that fixed it up
jdbcrealm.credentialsMatcher = $passwordMatcher