<!-- ini整合方式的依赖       -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.9.0</version>
        </dependency>
        <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.2</version>
        </dependency>

[main]
md5CredentialsMatcher=org.apache.shiro.authc.credential.Md5CredentialsMatcher
#此项是配置加盐次数的md5CredentialsMatcher.hashIterations=3

myrealm=com.shrimpking.realm.MyRealm
myrealm.credentialsMatcher=$md5CredentialsMatcher
securityManager.realms=$myrealm


[users]
zhangsan=81dc9bdb52d04dc20036dbd8313ed055,role1,role2
lisi=1234

[roles]
role1:user:insert,user:select

package com.shrimpking.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.util.ByteSource;

import javax.print.DocFlavor;

/**
 * Created by IntelliJ IDEA.
 *
 * @Author : Shrimpking
 * @create 2023/9/30 11:39
 */
public class MyRealm extends AuthenticatingRealm
{
    /**
     * 自定义的认证登录方法，shiro的login方法的底层调用此类的认证方法进行认证
     * 需要配置自定义的realm生效，在ini文件中配置，在springboot中配置
     * 此方法只是获取需要验证的信息
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException
    {
        //获取身份信息
        String principal = authenticationToken.getPrincipal().toString();
        //获取凭证信息
        String password  = new String((char[]) authenticationToken.getCredentials());
        System.out.println("身份信息=" + principal);
        System.out.println("密码=" + password);
        System.out.println(getName());
        //访问数据库获取用户信息
        if(principal.equals("zhangsan")){
            //从数据库查询加密的密码
            String pwdInfo = "81dc9bdb52d04dc20036dbd8313ed055";
            //封装到校验的逻辑对象中
            AuthenticationInfo info = new SimpleAuthenticationInfo(
                    authenticationToken.getPrincipal(),
                    pwdInfo,
                    ByteSource.Util.bytes(""),
                    getName()
            );
            return info;
        }
        return null;
    }
}

package com.shrimpking;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;

/**
 * Created by IntelliJ IDEA.
 *
 * @Author : Shrimpking
 * @create 2023/9/30 10:22
 */
@SpringBootTest
public class ShiroTest
{
    @Test
    public void test(){
        //获取securityManager
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        //获取subject对象
        Subject subject = SecurityUtils.getSubject();
        //创建token
        AuthenticationToken token = new UsernamePasswordToken("zhangsan", "1234");
        //完成登录
        try
        {
            subject.login(token);
            System.out.println("登录成功");
            //判断角色是否存在
            boolean hasRole = subject.hasRole("role1");
            System.out.println("是否拥有此角色=" +hasRole);
            //判断权限
            boolean permitted = subject.isPermitted("user:insert");
            System.out.println("是否拥有此权限=" + permitted);
            try
            {
                subject.checkPermission("user:delete");
            }
            catch (AuthorizationException e)
            {
                System.out.println("无权限");
            }
        }
        catch (UnknownAccountException e){
            e.printStackTrace();
            System.out.println("用户不存在");
        }
        catch (IncorrectCredentialsException e){
            e.printStackTrace();
            System.out.println("密码错误");
        }
        catch (AuthenticationException e)
        {
            e.printStackTrace();
        }

    }
}

package com.shrimpking;

import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;

import javax.swing.plaf.SliderUI;

/**
 * Created by IntelliJ IDEA.
 *
 * @Author : Shrimpking
 * @create 2023/9/30 11:01
 */
@SpringBootTest
public class ShiroMD5
{

    @Test
    public void test(){
        //密码明文
        String password = "1234";
        //使用md5加密
        Md5Hash md5Hash1 = new Md5Hash(password);
        System.out.println("使用md5加密 = " + md5Hash1);
        //使用md5加密 = 81dc9bdb52d04dc20036dbd8313ed055

        //带盐的md5加密
        String salt = "salt";
        Md5Hash md5Hash2 = new Md5Hash(password,salt);
        System.out.println("带盐的加密 = " +md5Hash2);
        //带盐的加密 = a6d4f0a9c109cd24eacb88e75e5be690

        //带盐的3次md5加密
        Md5Hash md5Hash3 = new Md5Hash(password,salt,3);
        System.out.println("带盐的3次加密 = " + md5Hash3);
        //带盐的3次加密 = 3eb72410276a5e43764a2722874c27c6

        //使用父类加密
        SimpleHash simpleHash = new SimpleHash("MD5",password,salt,3);
        System.out.println("使用父类加密 = " + simpleHash);
        //使用父类加密 = 3eb72410276a5e43764a2722874c27c6

    }
}