springboot集成shiro之登陆加密报错

其他 2021-01-25 06:11:15 阅读次数: 0

1.springboot集成shiro之登陆加密报错,提示如下:

20:25:27.818 WARN  org.apache.shiro.authc.AbstractAuthenticator 216 authenticate - Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - maweijie, rememberMe=false].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException). java.lang.IllegalArgumentException: Illegal hexadecimal character m at index 0
	at org.apache.shiro.codec.Hex.toDigit(Hex.java:156) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.codec.Hex.decode(Hex.java:135) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.codec.Hex.decode(Hex.java:95) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.authc.credential.HashedCredentialsMatcher.getCredentials(HashedCredentialsMatcher.java:353) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.authc.credential.HashedCredentialsMatcher.doCredentialsMatch(HashedCredentialsMatcher.java:380) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:581) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) ~[shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) [shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) [shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:275) [shiro-core-1.4.2.jar:1.4.2]
	at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:260) [shiro-core-1.4.2.jar:1.4.2]

2.分析经过

主要是这句:java.lang.IllegalArgumentException: Illegal hexadecimal character m at index 0

点进去查看这个地方

进去后debug

查看这个参数,不太对啊,也不是十六进制。

往上debug查看参数是什么,不是加密后的所以错误。

3.结论

在自定义的realm类里的方法doGetAuthenticationInfo处理加密验证的时候,password传成明文的了,应该是密文的。

注意参数:userName明文, password密文。

ByteSource byteSourceSalt = ByteSource.Util.bytes(user.getSalt());
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(userName, password, byteSourceSalt, getName());
return simpleAuthenticationInfo;

猜你喜欢

转载自blog.csdn.net/Mint6/article/details/103846978
今日推荐
周排行
LRU cache算法
windows10, 自带的OpenSSH, key权限问题, 文件权限问题
测试用例书写方法
HIVE-默认分隔符的(linux系统的特殊字符)查看,输入和修改
最贵的AMD 7nm显卡来了!这设计 够狂野
java多线程简单demo
[ 转载 ]在Android系统上使用busybox——最简单的方法
QT connect学习
BFSIFT算法分析
Xcode10:library not found for -lstdc++.6.0.9 临时解决
每日归档
更多
2024-08-06(0)
2024-08-05(0)
2024-08-04(0)
2024-08-03(0)
2024-08-02(0)
2024-08-01(0)
2024-07-31(0)
2024-07-30(0)
2024-07-29(0)
2024-07-28(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022