//package com.lyms.cm.shiro;
//
//import java.util.Arrays;
//import java.util.HashSet;
//
//import org.apache.shiro.authc.AccountException;
//import org.apache.shiro.authc.AuthenticationException;
//import org.apache.shiro.authc.AuthenticationInfo;
//import org.apache.shiro.authc.AuthenticationToken;
//import org.apache.shiro.authc.SimpleAuthenticationInfo;
//import org.apache.shiro.authc.UnknownAccountException;
//import org.apache.shiro.authc.UsernamePasswordToken;
//import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
//import org.apache.shiro.authz.AuthorizationInfo;
//import org.apache.shiro.authz.SimpleAuthorizationInfo;
//import org.apache.shiro.realm.AuthorizingRealm;
//import org.apache.shiro.subject.PrincipalCollection;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.beans.factory.annotation.Autowired;
//
//import com.lyms.cm.entity.sys.User;
//import com.lyms.cm.service.sys.ResourceService;
//import com.lyms.cm.service.sys.UserService;
//import com.lyms.shiro.HashUtils;
//import com.lyms.shiro.ShiroWebUtils;
//import com.lyms.util.StrUtils;
//
// NOTE(review): Every line of this file is commented out, so this realm is
//   not compiled or active as shown. The NOTE(review) comments below list what
//   should be resolved before the class is re-enabled or copied elsewhere.
//
///**
// * @ClassName: ShiroRealm
// * @Description: Custom Realm implementing authorization and authentication
// * @author 方承
// * @date 2015-12-29
// *
// */
//public class ShiroRealm extends AuthorizingRealm {
//
//    @SuppressWarnings("unused")
//    private static Logger logger = LoggerFactory.getLogger(ShiroRealm.class);
//
//
// NOTE(review): AllowAllCredentialsMatcher makes Shiro's own credential
//   comparison succeed for any submitted password. The only password check in
//   this realm is therefore the manual comparison inside
//   doGetAuthenticationInfo; if that comparison is ever removed or skipped,
//   every login is accepted. Prefer returning the stored hash as the
//   credentials and configuring a real matcher (Shiro ships PasswordMatcher
//   and HashedCredentialsMatcher) so the framework enforces the check.
//    public ShiroRealm() {
//        super(new AllowAllCredentialsMatcher());
//        setAuthenticationTokenClass(UsernamePasswordToken.class);
//        // FIXME: caching temporarily disabled
//        setCachingEnabled(false);
//    }
//
//    @Autowired
//    private UserService userService;
//
//    @Autowired
//    private ResourceService resourceService;
//
// NOTE(review): Builds the roles (comma-separated user.getRoles()) and the
//   string permissions for the primary principal. `user` is dereferenced
//   without a null check, so a principal whose account no longer resolves
//   via getUserByUserName would raise a NullPointerException here rather
//   than yield an empty authorization result; confirm how callers handle it.
//   Role names are split on "," without trimming, and HashSet is used as a
//   raw type as shown.
//    @Override
//    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//        String username = (String) principals.getPrimaryPrincipal();
//        User user = userService.getUserByUserName(username);
//        // authorization
//        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//        if(StrUtils.isNotEmpty(user.getRoles())){
//            authorizationInfo.setRoles(new HashSet(Arrays.asList(user.getRoles().split(","))));
//        }
//        authorizationInfo.setStringPermissions(resourceService.getResourcePermissionSet(userService.getUserResourceIdSet(user)));
//        return authorizationInfo;
//    }
//
// NOTE(review): Looks up the user by name, compares the stored password with
//   HashUtils.md5(submitted password), saves the user through ShiroWebUtils
//   and returns the authentication info. Points to resolve:
//   - Password storage: only the password is passed to HashUtils.md5, so no
//     per-user salt is visible here, and MD5 is a fast digest unsuited to
//     password storage. Migrate to a salted, deliberately slow scheme
//     (bcrypt/scrypt/argon2/PBKDF2), rehashing on next successful login.
//   - Plaintext handling: the token's char[] password is copied into a
//     StringBuilder and then into Strings, which cannot be cleared, and the
//     plaintext is passed as the credentials of SimpleAuthenticationInfo.
//     Caching is disabled in the constructor; if it is re-enabled, that
//     plaintext would presumably sit in the authentication cache (confirm).
//   - Comparison: StrUtils.equals is not shown; presumably an ordinary string
//     comparison. A constant-time compare (e.g. MessageDigest.isEqual on the
//     digest bytes) avoids timing differences.
//   - Error messages: "未知用户" (unknown user) and "用户名密码不一致"
//     (username/password mismatch) are distinct exceptions; if they reach the
//     client unchanged they reveal which usernames exist. Surface one generic
//     failure message and keep the detail in server-side logs.
//   - The third SimpleAuthenticationInfo argument is the realm name; the
//     username is passed there instead of getName(). Confirm this is intended.
//   - ShiroWebUtils.saveCurrentUser(user) stores the full User object, which
//     carries the password hash (user.getPassword()); where it is stored is
//     not visible here. Confirm the hash is not exposed to views or APIs.
//    @Override
//    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
//        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
//        String username = token.getUsername();
//        User user = userService.getUserByUserName(username);
//        if (user == null) {
//            throw new UnknownAccountException("未知用户");
//        }
//        StringBuilder pwd = new StringBuilder(100);
//        for (int i = 0; i < token.getPassword().length; i++) {
//            pwd.append(token.getPassword()[i]);
//        }
//        if (!StrUtils.equals(user.getPassword(), HashUtils.md5(pwd.toString()))) {
//            throw new AccountException("用户名密码不一致");
//        }
//        ShiroWebUtils.saveCurrentUser(user);
//        AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, pwd.toString(), username);
//        return authcInfo;
//    }
//
//}