shiro管理下MD5加密的使用

2/22/2017来源:ASP.NET技巧人气:2328

1. 正文:

package com.service.impl;

import java.util.ArrayList;

import java.util.List;

import javax.annotation.Resource;

import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;
import org.sPRingframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import com.entity.AuthAdmin;
import com.github.pagehelper.PageHelper;
import com.github.pagehelper.PageInfo;
import com.mapper.AuthAdminMapper;
import com.service.IAuthAdminService;
import com.service.IAuthRoleService;

/**
 * 用户管理
 * @author JiangYu
 */
@Service
public class AuthAdminServiceImpl implements IAuthAdminService {
	
	private RandomNumberGenerator randomNumberGenerator = new SecureRandomNumberGenerator();
	
	@Resource
	private AuthAdminMapper _authAdminMapper;
	@Resource
	private IAuthRoleService _authRoleService;
	// 从配置properties文件中读取以下3项
	@Value("${passWord.algorithmName}")
    	private String algorithmName; // 加密方式:md5
   	@Value("${password.hashIterations}")
   	private int hashIterations;   // 次数:2
   	@Value("${init.password}")
   	private String initPwd;       // 初始化密码:admin
	
	Logger _logger = Logger.getLogger(AuthAdminServiceImpl.class);
	
	//新增用户
	@Override
	public void insertAuthAdmin(AuthAdmin authAdmin) throws Exception {
		if ( StringUtils.isBlank(authAdmin.getAccount())
				|| StringUtils.isBlank(authAdmin.getRoleIds())) {
			_logger.error("---------添加用户数据出错-------------");
			throw new Exception();
		}
		// 密码加盐
		authAdmin.setSalt(randomNumberGenerator.nextBytes().toHex());
        String newPassword = new SimpleHash(
                algorithmName,
                initPwd,
                ByteSource.Util.bytes(authAdmin.getSalt()),
                hashIterations).toHex();

        authAdmin.setPassword(newPassword);
		authAdmin.setRoleName(_authRoleService.selectRoleNameByIds(authAdmin.getRoleIds()));
		authAdmin.setLocked("否");
		_authAdminMapper.insertAuthAdmin(authAdmin);
	}

	/**
	 * 修改密码
	 */
	@Override
	public Integer updatePwd(AuthAdmin admin) throws Exception {
		
		// 密码加盐
		admin.setSalt(randomNumberGenerator.nextBytes().toHex());
        String newPassword = new SimpleHash(
                algorithmName,
                admin.getPassword(),
                ByteSource.Util.bytes(admin.getSalt()),
                hashIterations).toHex();
        admin.setPassword(newPassword);
		Integer resullt  = _authAdminMapper.updateAuthAdmin(admin);
		return resullt;
	}
	
	... ...

2. 配置文件中配置:

#MD5
password.algorithmName=md5
password.hashIterations=2
#initpwd
init.password=admin

3. 说明:加密工作主要是 对管理员对象admin  的salt属性、password属性赋值就行了。

存入数据库的是这样的值;