import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
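/**
 * Shiro realm that authenticates users through {@code UserService} and loads each user's
 * string permissions from {@code PermissionService}.
 */
public class MyRealm extends AuthorizingRealm {

    @Resource
    private PermissionService permissionService;

    @Resource
    private UserService userService;

    /**
     * Authorization callback. Shiro calls it when a permission check is required and no
     * authorization info for the principal is cached; with a cache configured the result is
     * loaded once and reused until the entry is cleared.
     *
     * @param principalCollection principals of the subject being authorized
     * @return the permissions granted to the user, or {@code null} when the primary principal
     *     is absent or is not a {@code User} (no permissions are granted in that case)
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Object primary = principalCollection.getPrimaryPrincipal();
        // Fail closed: a principal supplied by another realm must not trigger a
        // ClassCastException in the middle of an access decision.
        if (!(primary instanceof User)) {
            return null;
        }
        User user = (User) primary;

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        List<Permission> granted = permissionService.getUserPermission(user.getId());
        if (granted == null) {
            return info;
        }
        // NOTE(review): each function URL becomes a Shiro string permission. Assuming the
        // default wildcard permission resolver is in use, '*', ':' and ',' inside a stored
        // URL are interpreted as wildcard syntax, so a stored value of "*" grants everything.
        // Confirm that only trusted administrators can write these values.
        for (Permission permission : granted) {
            String functionUrl = permission == null ? null : permission.getFunctionUrl();
            // A null or blank permission string is rejected later during permission
            // resolution and would break every check for this user, so skip it here.
            if (functionUrl != null && !functionUrl.trim().isEmpty()) {
                info.addStringPermission(functionUrl);
            }
        }
        return info;
    }

    /**
     * Authentication callback, invoked at login.
     *
     * @param arg0 the submitted token; cast to {@link UsernamePasswordToken}
     * @return authentication info whose principal is the {@code User} returned by
     *     {@code userService.load}
     * @throws UnknownAccountException when {@code userService.load} returns no user
     * @throws AuthenticationException when the token carries no password
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) arg0;
        char[] submitted = token.getPassword();
        if (submitted == null) {
            // Previously this surfaced as a NullPointerException from new String(null).
            throw new AuthenticationException("Password is required");
        }

        // The char[] is copied into an immutable String because User.setPassword takes one;
        // the copy cannot be wiped after use.
        String pwd = new String(submitted);
        User probe = new User();
        probe.setUserName(token.getUsername());
        probe.setPassword(pwd);

        // NOTE(review): the lookup receives both user name and submitted password, and the
        // credentials handed to SimpleAuthenticationInfo below are that same submitted
        // password. The realm's CredentialsMatcher therefore compares the token with itself,
        // and the only real check is whatever userService.load does (not visible here;
        // presumably a match on the stored password - confirm it is not plaintext).
        // Prefer loading the user by name only and returning the stored salted hash so a
        // HashedCredentialsMatcher or PasswordMatcher performs the comparison. If
        // authentication caching is enabled, the submitted password is also kept in the cache.
        User user = userService.load(probe);
        if (user == null) {
            // Same exception for "no such user" and "wrong password": the caller cannot tell
            // which part of the pair failed.
            throw new UnknownAccountException();
        }
        return new SimpleAuthenticationInfo(user, pwd, getName());
    }

    /**
     * Evicts the cached authorization info of the given principals so it is reloaded on the
     * next permission check.
     *
     * @param principals principals whose cached authorization info is dropped
     */
    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    /**
     * Evicts the cached authentication info of the given principals.
     *
     * @param principals principals whose cached authentication info is dropped
     */
    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    /**
     * Clears the authorization cache for every user. Does nothing when no authorization cache
     * is configured.
     */
    public void clearAllCachedAuthorizationInfo() {
        // The cache is null when caching is not set up; skip instead of failing with an NPE.
        if (getAuthorizationCache() != null) {
            getAuthorizationCache().clear();
        }
    }

    /**
     * Clears the authentication cache for every user. Does nothing when no authentication
     * cache is configured.
     */
    public void clearAllCachedAuthenticationInfo() {
        if (getAuthenticationCache() != null) {
            getAuthenticationCache().clear();
        }
    }

    /**
     * Clears every cache entry held for the given principals.
     *
     * @param principals principals whose cached data is dropped
     */
    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    /** Clears both the authentication cache and the authorization cache for all users. */
    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

    /**
     * Drops the current subject's cached authorization info so that permissions are fetched
     * again on the next check. Call it after the subject's permissions have been changed;
     * until the entry is cleared, a revoked permission keeps being honoured from the cache.
     */
    public void clearAuthz() {
        this.clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
    }
}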