Examples of org.apache.shiro.authc.credential.HashedCredentialsMatcher

• org.apache.shiro.authc.credential.HashedCredentialsMatcher
  wasp.org/index.php/Hashing_Java" _target="blank">Hashing Java article to learn about salting and multiple iterations and why you might want to use them. (Note of sections 5 "Why add salt?" and 6 "Hardening against the attacker's attack").

  We should also note here that all of Shiro's Hash implementations (for example, {@link org.apache.shiro.crypto.hash.Md5Hash Md5Hash}, {@link org.apache.shiro.crypto.hash.Sha1Hash Sha1Hash}, etc) support salting and multiple hash iterations via overloaded constructors.

  Salting

  Salting of the authentication token's credentials hash is disabled by default, but you may enable it by setting {@link #setHashSalted hashSalted} to{@code true}. If you do enable it, the value used to salt the hash will be obtained from {@link #getSalt(org.apache.shiro.authc.AuthenticationToken) getSalt(authenticationToken)}.

  The default {@code getSalt} implementation merely returns{@code token.getPrincipal()}, effectively using the user's identity as the salt, a most common technique. If you wish to provide the authentication token's salt another way, you may override this {@code getSalt} method.

  Multiple Hash Iterations

  If you hash your users' credentials multiple times before persisting to the data store, you will also need to set this class's {@link #setHashIterations(int) hashIterations} property.

  Note: MD5 and SHA-1 algorithms are now known to be vulnerable to compromise and/or collisions (read the linked pages for more). While most applications are ok with either of these two, if your application mandates high security, use the SHA-256 (or higher) hashing algorithms and their supporting {@code CredentialsMatcher} implementations. @author Les Hazlewood @see org.apache.shiro.crypto.hash.Md5Hash @see org.apache.shiro.crypto.hash.Sha1Hash @see org.apache.shiro.crypto.hash.Sha256Hash @since 0.9

        inMemoryRealm.setCachingEnabled(false);
        inMemoryRealm.addRootAccount(
                configuration.getRootUsername(),
                configuration.getRootPasswordSha2()
        );
        inMemoryRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-256"));

        passwordAuthenticator.setCachingEnabled(false);
        passwordAuthenticator.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-1"));
        mongoDbAuthorizationRealm.setCachingEnabled(false);

        ldapUserAuthenticator.setCachingEnabled(false);

        sessionAuthenticator.setCachingEnabled(false);

   * 给ShiroDbRealm提供编码信息，用于密码密码比对
   * 描述
   */
  public ShiroDbRealm() {
    super();
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(ALGORITHM);
    matcher.setHashIterations(INTERATIONS);

    setCredentialsMatcher(matcher);
  }

  /**
   * 设定Password校验的Hash算法与迭代次数.
   */
  @PostConstruct
  public void initCredentialsMatcher() {
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(AccountService.HASH_ALGORITHM);
    matcher.setHashIterations(AccountService.HASH_INTERATIONS);

    setCredentialsMatcher(matcher);
  }

  /**
   * 设定Password校验的Hash算法与迭代次数.
   */
  @PostConstruct
  public void initCredentialsMatcher() {
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(AccountService.HASH_ALGORITHM);
    matcher.setHashIterations(AccountService.HASH_INTERATIONS);

    setCredentialsMatcher(matcher);
  }

  /**
   * 设定Password校验的Hash算法与迭代次数.
   */
  @PostConstruct
  public void initCredentialsMatcher() {
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(AccountService.HASH_ALGORITHM);
    matcher.setHashIterations(AccountService.HASH_INTERATIONS);

    setCredentialsMatcher(matcher);
  }

    @Inject
    private IdentityManagement identityManagerment;

    public SecurityRealm() {
        setName("SecurityRealm");
        setCredentialsMatcher(new HashedCredentialsMatcher(Sha512Hash.ALGORITHM_NAME));
    }

  public SampleRealm()
  {
    setName("SampleRealm"); // This name must match the name in the User class's getPrincipals()
// method
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
    matcher.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME);
    setCredentialsMatcher(matcher);
  }

  public SampleRealm()
  {
    setName("SampleRealm"); // This name must match the name in the User class's getPrincipals()
// method
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
    matcher.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME);
    setCredentialsMatcher(matcher);
  }

   * ���캯��
   */
  public ShiroRealm() {
    setName("ShiroRealm");
    // TODO ��ʱ������������ܣ��Ժ�ָ����ǵûָ���ʱ����û���Ϣ��������뱣��Ҳ����
    setCredentialsMatcher(new HashedCredentialsMatcher());
  }

  /**
   * 设定密码校验的Hash算法与迭代次数
   */
  @PostConstruct
  public void initCredentialsMatcher() {
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(SystemService.HASH_ALGORITHM);
    matcher.setHashIterations(SystemService.HASH_INTERATIONS);
    setCredentialsMatcher(matcher);
  }