org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token
[org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=true] did not match the expected credentials. at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600) at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
shiro在实现登陆认证的时候,一般从前端传来的是明文密码,而我们库中存放的是hash值,于是我们就需要转换下user的密码,
当然,我们有可能会在使用验证查询的时候,将user的密码转换成hash,然而在loginAction中,存放的user中的密码仍为明文,此时会出现错误