You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Andy <si...@gmail.com> on 2011/03/25 02:59:27 UTC
How Shiro Check User's Password
*hi,I study shiro just now,and read some code like below,but I have one
question:the user's password\role stored in database,how shiro get the
password\role and check it? Thanks.
code:
UsernamePasswordToken token =
new UsernamePasswordToken(username, password);*
* try {
Subject subject = SecurityUtils.getSubject();
subject.login(token);
token.clear();
url = "/secure/index.jsp";
}*
Re: How Shiro Check User's Password
Posted by Brian Demers <br...@gmail.com>.
I'm not sure what exists out of the box with the JdbcRealm (worse case
it is a good starting point)
Basically you need to configure a SecurityManager with a Realm (i.e.
the JdbcRealm). The realm is what actually does the talking to your
DB.
Take a look at: http://shiro.apache.org/realm.html
The example code is pretty good and should get you on your way.
On Thu, Mar 24, 2011 at 9:59 PM, Andy <si...@gmail.com> wrote:
> hi,I study shiro just now,and read some code like below,but I have one
> question:the user's password\role stored in database,how shiro get the
> password\role and check it? Thanks.
>
> code:
> UsernamePasswordToken token =
> new UsernamePasswordToken(username, password);
> try {
> Subject subject = SecurityUtils.getSubject();
> subject.login(token);
> token.clear();
> url = "/secure/index.jsp";
> }