【发布时间】:2015-08-23 12:04:06
【问题描述】:
这是我的 shiro.ini。
[main]
ds = org.apache.shiro.jndi.JndiObjectFactory
ds.requiredType = javax.sql.DataSource
ds.resourceName = java:/comp/env/jdbc/at
credentialsMatcher=org.apache.shiro.authc.credential.HashedCredentialsMatcher
credentialsMatcher.hashAlgorithmName=MD5
credentialsMatcher.hashIterations=1024
credentialsMatcher.storedCredentialsHexEncoded=true
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.dataSource = $ds
jdbcRealm.authenticationQuery = SELECT password FROM accounts.users WHERE username = ?
jdbcRealm.userRolesQuery = SELECT role_id FROM accounts.org_user_roles WHERE user_id = (SELECT id FROM accounts.users WHERE username = ?)
jdbcRealm.permissionsQuery = SELECT feature_id FROM accounts.role_features WHERE role_id = ?
jdbcRealm.credentialsMatcher = $credentialsMatcher
shiro.loginUrl = /at/login.htm
authc = org.apache.shiro.web.filter.authc.FormAuthenticationFilter
authc.loginUrl = /at/login.htm
logout.redirectUrl = /at/login.htm
[urls]
/at/login.htm = authc
/at/forgotpw.htm = anon
/at/resources/** = authc
/at/tss/** = authc
/at/tde/** = authc
/at/lcs/** = authc
/at/cdt/** = authc
/at/tp/** = authc
/at/ip/** = authc
/at/dashboard/** = authc
/at/logout.htm = logout
当我进入登录页面并输入我的用户名和密码时,出现异常:
org.apache.shiro.authc.IncorrectCredentialsException:提交的令牌凭据 [org.apache.shiro.authc.UsernamePasswordToken - root, rememberMe=false] 与预期凭据不匹配。
我的数据库包含密码的 MD5 哈希值。看来验证不起作用。我不明白为什么。
【问题讨论】: