jiangjiazhi / center

ShiroRealm.java 3.06 KB
edit raw blame history 
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
package com.lyms.cm.shiro;

import java.util.Arrays;
import java.util.HashSet;

import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.lyms.cm.entity.sys.User;
import com.lyms.cm.service.sys.ResourceService;
import com.lyms.cm.service.sys.UserService;
import com.lyms.shiro.HashUtils;
import com.lyms.shiro.ShiroWebUtils;
import com.lyms.util.StrUtils;

/**
 * <li>@ClassName: ShiroRealm
 * <li>@Description: 自定义Realm授权与验证实现
 * <li>@author 方承
 * <li>@date 2015年12月29日
 * <li>
 */
public class ShiroRealm extends AuthorizingRealm {

	@SuppressWarnings("unused")
	private static Logger logger = LoggerFactory.getLogger(ShiroRealm.class);
	
	
	public ShiroRealm() {
        super(new AllowAllCredentialsMatcher());
        setAuthenticationTokenClass(UsernamePasswordToken.class);
        //FIXME: 暂时禁用Cache
        setCachingEnabled(false);
    }

	@Autowired
	private UserService userService;

	@Autowired
	private ResourceService resourceService;

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		String username = (String) principals.getPrimaryPrincipal();
		User user = userService.getUserByUserName(username);
		// 授权
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		if(StrUtils.isNotEmpty(user.getRoles())){
			authorizationInfo.setRoles(new HashSet<String>(Arrays.asList(user.getRoles().split(","))));
		}
		authorizationInfo.setStringPermissions(resourceService.getResourcePermissionSet(userService.getUserResourceIdSet(user)));
		return authorizationInfo;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		String username = token.getUsername();
		User user = userService.getUserByUserName(username);
		if (user == null) {
			throw new UnknownAccountException("未知用户");
		}
		StringBuilder pwd = new StringBuilder(100);
		for (int i = 0; i < token.getPassword().length; i++) {
			pwd.append(token.getPassword()[i]);
		}
		if (!StrUtils.equals(user.getPassword(), HashUtils.md5(pwd.toString()))) {
			throw new AccountException("用户名密码不一致");
		}
		ShiroWebUtils.saveCurrentUser(user);
		AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, pwd.toString(), username);
		return authcInfo;
	}

}