Apache Shiro登錄錯誤：IncorrectCredentialsException

Question

我試圖登錄時不斷收到此錯誤。任何幫助表示讚賞。

登錄碼

Realm realm = new TestRealm(); 
SecurityManager sm = new DefaultSecurityManager(realm); 
SecurityUtils.setSecurityManager(sm); 

UsernamePasswordToken token = new UsernamePasswordToken(); 
token.setUsername("dave"); 
token.setPassword("le1990".toCharArray()); 
token.setRememberMe(true); 

Subject sub = SecurityUtils.getSubject(); 
sub.login(token); 

doGetAuthenticationInfo方法

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException{  

    UsernamePasswordToken upToken = (UsernamePasswordToken)token;  
    String username = upToken.getUsername(); 

    if(username == null) 
     this.logger.info("We don't except Null usernames. sorry. "); 

    AuthenticationInfo info = null; 
    try{ 

     USER user = new USER(); 
     String pass = user.getPassForUser(); 

     if(pass == null) 
      throw new AccountException("The account your looking for doesn't exist"); 


     info = new SimpleAuthenticationInfo(username, pass, getName()); 

user.getPassForUser方法返回測試硬連線的值。從價值$ DB $ shiro1 SHA-256 $ $ 500000 temCnap0k + zboIW7y49Mww == $ veyM6YL3QiCJvMwo0r2yu0KDC3ueAxZOYuN0vT + 0v5M =

shiro.ini文件

# realms to be used 
customSecurityRealm=com.raven.rave.common.TestRealm 
customSecurityRealm.jndiDataSourceName=java:jdbc/dbeka 
customSecurityRealm.permissionsLookupEnabled=true 

最後拋出的異常

ERROR [STDERR] org.apache.shiro.authc.IncorrectCredentialsException: 
Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - dave, rememberMe=true] did not match the expected credent 
ERROR [STDERR]  at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600) 
ERROR [STDERR]  at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578) 
ERROR [STDERR]  at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) 
ERROR [STDERR]  at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) 
ERROR [STDERR]  at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) 
ERROR [STDERR]  at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) 
ERROR [STDERR]  at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) 
ERROR [STDERR]  at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) 

複製當我註冊用戶，我傳入了相同的密碼「le1990」。 另外，從數據庫中檢索的密碼是否必須是純文本。如果是這樣，我如何解密存儲的密碼？

Answer 1

問題很明顯，錯過了。我沒有將credentialMatcher設置爲ini文件中的jdbc領域。在聲明中加入了它。

更新shiro.ini文件

passwordService = org.apache.shiro.authc.credential.DefaultPasswordService 
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher 
passwordMatcher.passwordService = $passwordService 

# realms to be used 
jdbcrealm=com.raven.rave.common.TestRealm 
jdbcrealm.permissionsLookupEnabled=true 
securityManager.realm = $jdbcrealm 
#statement that fixed it up 
jdbcrealm.credentialsMatcher = $passwordMatcher