/* * (non-Javadoc) * 认证是否通过,登录 * @see org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken) */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authcToken; String userName = token.getUsername(); User user = userService.findUserByNameAndPassword(userName, "", 1); if (user == null) { throw new AuthenticationException(); } // 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现 SimpleAuthenticationInfo info = new SimpleAuthenticationInfo( user.getUserName(), user.getPassword(), ByteSource.Util.bytes(user.getSalt()), user.getRealName()); return info; }