// 验证用户 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String loginName = (String) token.getPrincipal(); // 得到用户名 String password = new String((char[]) token.getCredentials()); // 得到密码 User user = new User(); user.setLoginName(loginName); user.setPassword(password); User loginUser = adminUserDao.login(user.getLoginName(), user.getPassword()); if (loginUser == null || loginUser.getId() <= 0) { throw new IncorrectCredentialsException("用户名或密码不正确!"); } // 如果身份认证验证成功,返回一个 AuthenticationInfo 实现; return new SimpleAuthenticationInfo(loginName, password, getName()); }