1.验证策略
ModularRealmAuthenticator下面有关于验证策略的参数AuthenticationStrategy
存在三种策略：
AtLeastOneSuccessfulStrategy
AllSuccessfulStrategy
FirstSuccessfulStrategy
这里配置AllSuccessfulStrategy策略：

添加验证策略

authenticationStrategy=org.apache.shiro.authc.pam.FirstSuccessfulStrategy
securityManager.realms=authenticationStrategy

2。自定义realm继承AuthorizingRealm 类实现它的两个方法，对身份进行认证

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class UserRealm extends AuthorizingRealm {

    @Override
    public String getName() {
        return "userReam";
    }
//    获取身份认证信息

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String userName =(String) token.getPrincipal();
//        模拟数据库找密码
        String psw="1235";
        SimpleAuthenticationInfo info=new SimpleAuthenticationInfo(userName,psw,getName());
        return info;
    }

    //获取授权信息
    @Override

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

}