Java Web编程入门--spring boot + shiro（续）

<form th:action="@{/login}" method="POST">
<div class="form-group has-feedback">
<input name="username" type="text" class="form-control"
placeholder="用户账户" required="" value="test"/><span
class="glyphicon glyphicon-envelope form-control-feedback"></span>
</div>
<div class="form-group has-feedback">
<input name="password" type="password" class="form-control"
placeholder="用户密码" required="" value="test"/><span
class="glyphicon glyphicon-lock form-control-feedback"></span>
</div>
<div class="row">
<!-- /.col -->
<div class="col-xs-12">
<button class="btn btn-default submit">
<span>登录</span>
</button>
</div>
<!-- /.col -->
</div>
<div id="tips"></div>
</form>

/**
* 认证信息(身份验证) Authentication 是用来验证用户身份
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken token) throws AuthenticationException {
System.out.println("身份认证-->MyShiroRealm.doGetAuthenticationInfo()");
// 获取用户的输入帐号
String username = (String) token.getPrincipal();
System.out.println("token.getCredentials():"+token.getCredentials());
//      通过username从数据库中查找 User对象，如果找到，没找到.
//      实际项目中，这里可以根据实际情况做缓存，
//      如果不做，Shiro自己也是有时间间隔机制，2分钟内不会重复执行该方法
SysRightUser sysRightUser = userInfoService.selectByAccount(username);
if (sysRightUser == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
sysRightUser, // 用户对象
sysRightUser.getPassword(), // 密码
getName() // realm name
);
Session session = SecurityUtils.getSubject().getSession();
session.setAttribute("userInfo",sysRightUser);
return authenticationInfo;

}