[main]

#Session
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionValidationSchedulerEnabled = false

#Session Cache
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionManager.sessionDAO = $sessionDAO
securityManager.sessionManager = $sessionManager

cacheManager_ehcache = org.apache.shiro.cache.ehcache.EhCacheManager
cacheManager_ehcache.cacheManagerConfigFile=classpath:ehcache.xml

securityManager.sessionManager.cacheManager = $cacheManager_ehcache

#Cookie
sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=sid
sessionIdCookie.maxAge=946080000
sessionIdCookie.httpOnly=true  

sessionManager.sessionIdCookie=$sessionIdCookie  
sessionManager.sessionIdCookieEnabled=true
sessionManager.globalSessionTimeout=946080000


authc.loginUrl=/login

#authenticator=com.bsd.security.shiro.ModularRealmAuthenticator2
#securityManager.authenticator=$authenticator

rlCredentialsMatcher = com.bsd.security.shiro.RetryLimitHashedCredentialsMatcher
rlCredentialsMatcher.hashAlgorithmName = SHA-256
rlCredentialsMatcher.storedCredentialsHexEncoded = true
rlCredentialsMatcher.hashIterations = 1024
rlCredentialsMatcher.hashSalted = true

rlCredentialsMatcher.maxRetryCount = 2
rlCredentialsMatcher.loginRetryCacheName = loginRetryCache
rlCredentialsMatcher.cacheManager = $cacheManager_ehcache



dbRealm = com.bsd.shiro.realm.DbAuthenticationRealm
dbRealm.credentialsMatcher = $rlCredentialsMatcher

simpleRealm = com.bsd.shiro.realm.SimpleAuthenticationRealm

cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager

securityManager.realms = $dbRealm,$simpleRealm
securityManager.cacheManager = $cacheManager


[urls] 

shiro.ini

其中自定义的RetryLimitHashedCredentialsMatcher的

public class RetryLimitHashedCredentialsMatcher extends HashedCredentialsMatcher{

@Override  
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
...
}
}

没有进去？是哪里的问题呢