e or update to your data store Be sure to save this encrypted password in your data store and never the original/raw submitted password.
Login Password Comparison
Shiro performs the comparison during login automatically. Along with your {@code PasswordService}, you just have to configure a {@link PasswordMatcher} on a realm that has password-based accounts. During a login attempt,shiro will use the {@code PasswordMatcher} and the {@code PasswordService} to automatically compare submittedpasswords.
For example, if using Shiro's INI, here is how you might configure the PasswordMatcher and PasswordService:
[main] ... passwordService = org.apache.shiro.authc.credential.DefaultPasswordService # configure the passwordService to use the settings you desire ... passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher passwordMatcher.passwordService = $passwordService ... # Finally, set the matcher on a realm that requires password matching for account authentication: myRealm = ... myRealm.credentialsMatcher = $passwordMatcher
@see DefaultPasswordService
@see PasswordMatcher
@since 1.2