How do you add additional parameters in a SHIRO configuration INI file, especially for db query

Question

I have a standard shiro.ini file that is used to authenticate/authorize my Java EE maven project. I am stuck at a point where I cannot use multiple fields for the username authentication using the shiro INI config file. Here is how it is

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds
jdbcRealm.credentialsMatcher = $passwordMatcher
jdbcRealm.permissionsLookupEnabled = false
jdbcRealm.authenticationQuery = SELECT user_password FROM user WHERE user_name = ? AND user_status = 1
jdbcRealm.userRolesQuery = SELECT login_type_name FROM login_type t INNER JOIN schooler_user_rel r ON r.login_type_id = t.login_type_id INNER JOIN user u ON u.user_id = r.user_id WHERE u.user_name = ?

authc.usernameParam = username
authc.passwordParam = password

Here the problem is that I cannot use another field like a user-email or user-id for authenticating. When I add this

jdbcRealm.authenticationQuery = SELECT user_password FROM user WHERE (user_name = ? OR user_id = ?) AND user_status = 1

This says I do not have the second parameter setup. Help!

Answer 1

您需要实现自己的领域，可能扩展JdbcRealm并覆盖doGetAuthenticationInfo()方法以实现您自己的逻辑。