how to check md5 password with passwordmatcher

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
Report Content as Inappropriate

how to check md5 password with passwordmatcher

This post has NOT been accepted by the mailing list yet.
This post was updated on .
I am using shiro 1.4, my password is md5 without salt and has iteration. If I use following config(HashedCredentialsMatcher), I can log in successful:

    shiro.loginUrl = /login.jsp
    shiro.successUrl = /home.jsp

    ds = com.mchange.v2.c3p0.ComboPooledDataSource
    ds.driverClass = com.mysql.jdbc.Driver
    ds.jdbcUrl = jdbc:mysql://localhost:3306/simple_shiro_web_app
    ds.user = test
    ds.password = 123456

    jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
    jdbcRealm.permissionsLookupEnabled = true
    jdbcRealm.authenticationQuery = SELECT password FROM USERS WHERE username = ?
    jdbcRealm.userRolesQuery = SELECT role_name FROM USERS_ROLES WHERE username = ?
    jdbcRealm.permissionsQuery = SELECT permission_name FROM ROLES_PERMISSIONS WHERE role_name = ?
    jdbcRealm.credentialsMatcher = $passwordMatcher

    securityManager.realm = $jdbcRealm
However, If I use PasswordMatcher, I login failed:
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
passwordMatcher.passwordService = $passwordService
And I found there is log message said:
TRACE ClassUtils.forName - Unable to load class named [e10adc3949ba59abbe56e057f20f] from the current ClassLoader.  Trying the system/application ClassLoader...
While e10adc3949ba59abbe56e057f20f is my md5 password. So how to check md5 with passwordmatcher/defaultpasswordservice? Thanks!