shiro realm

packagecom.sojson.core.shiro.token;

importjava.util.Date;

importjava.util.Set;

importorg.apache.shiro.SecurityUtils;

importorg.apache.shiro.authc.AccountException;

importorg.apache.shiro.authc.AuthenticationException;

importorg.apache.shiro.authc.AuthenticationInfo;

importorg.apache.shiro.authc.AuthenticationToken;

importorg.apache.shiro.authc.DisabledAccountException;

importorg.apache.shiro.authc.SimpleAuthenticationInfo;

importorg.apache.shiro.authz.AuthorizationInfo;

importorg.apache.shiro.authz.SimpleAuthorizationInfo;

importorg.apache.shiro.realm.AuthorizingRealm;

importorg.apache.shiro.subject.PrincipalCollection;

importorg.apache.shiro.subject.SimplePrincipalCollection;

importorg.springframework.beans.factory.annotation.Autowired;

importcom.sojson.common.model.UUser;

importcom.sojson.core.shiro.token.manager.TokenManager;

importcom.sojson.permission.service.PermissionService;

importcom.sojson.permission.service.RoleService;

importcom.sojson.user.service.UUserService;

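/**
 * Shiro realm that overrides both authentication and authorization for the application.
 *
 * <p>Company: SOJSON online tools<br>
 * Copyright: ©www.sojson.com<br>
 * Blog: http://www.sojson.com/blog/<br>
 * Contact: so@sojson.com
 *
 * <p>Change log: created by 周柏成, 2016-06-02.
 *
 * @author zhou-baicheng
 * @version 1.0, 2016-06-02
 */
public class SampleRealm extends AuthorizingRealm {

    @Autowired
    UUserService userService;

    @Autowired
    PermissionService permissionService;

    @Autowired
    RoleService roleService;

    public SampleRealm() {
        super();
    }

    /**
     * Builds the authentication info for a login attempt.
     *
     * <p>The username and password carried by the token are handed to
     * {@code userService.login}; a {@code null} result is rejected, a user whose status equals
     * {@code UUser._0} is rejected as disabled, and otherwise the last-login time is stamped
     * and persisted before the authentication info is returned.
     *
     * @param authcToken the submitted token; it is cast to {@code ShiroToken} without a type
     *     check, so this realm must only be offered tokens of that type
     * @return authentication info whose principal is the loaded {@code UUser}
     * @throws AccountException if {@code userService.login} returns no user
     * @throws DisabledAccountException if the user's status equals {@code UUser._0}
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken authcToken) throws AuthenticationException {
        ShiroToken token = (ShiroToken) authcToken;

        // NOTE(review): credential verification is delegated to userService.login(); how the
        // password is hashed and compared is not visible here. Confirm it is a salted,
        // slow hash and not a plaintext or bare-digest comparison.
        UUser user = userService.login(token.getUsername(), token.getPswd());

        if (user == null) {
            // One message for both "unknown account" and "wrong password", so the response
            // text does not reveal which accounts exist.
            throw new AccountException("帐号或密码不正确!");
        }
        if (UUser._0.equals(user.getStatus())) {
            // A status equal to UUser._0 marks the account as disabled.
            throw new DisabledAccountException("帐号已经禁止登录!");
        }

        // Record the login time (lastLoginTime) and persist it.
        user.setLastLoginTime(new Date());
        userService.updateByPrimaryKeySelective(user);

        // NOTE(review): the UUser object becomes the subject's principal and still carries
        // whatever getPswd() returns, so that value travels with the session. Confirm it is
        // never plaintext, and that the realm's credentials matcher agrees with the form of
        // the stored value.
        return new SimpleAuthenticationInfo(user, user.getPswd(), getName());
    }

    /**
     * Builds the authorization info (roles and string permissions) used for access checks.
     *
     * @param principals the principals Shiro is asking about; not read by this implementation
     * @return authorization info holding the roles and permissions looked up by user id
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // NOTE(review): the user id comes from TokenManager, not from the principals argument.
        // If TokenManager resolves the currently executing subject (presumably - confirm), an
        // authorization check made on behalf of a different principal would be answered, and
        // possibly cached, with the current user's roles and permissions.
        Long userId = TokenManager.getUserId();

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        // Look up the roles for this user id and attach them.
        Set<String> roles = roleService.findRoleByUserId(userId);
        info.setRoles(roles);

        // Look up the permissions for this user id and attach them.
        Set<String> permissions = permissionService.findPermissionByUserId(userId);
        info.setStringPermissions(permissions);

        return info;
    }

    /**
     * Clears the cached authorization info of the current subject.
     *
     * <p>Does nothing when the current subject has no principals (for example, when it is not
     * logged in), because there is then nothing cached to clear.
     */
    public void clearCachedAuthorizationInfo() {
        PrincipalCollection current = SecurityUtils.getSubject().getPrincipals();
        if (current == null) {
            return;
        }
        // NOTE(review): same re-wrapping as in the overload taking a PrincipalCollection;
        // confirm the resulting cache key equals the key under which the info was stored.
        SimplePrincipalCollection wrapped = new SimplePrincipalCollection(current, getName());
        super.clearCachedAuthorizationInfo(wrapped);
    }

    /**
     * Clears the cached authorization info for the given principals.
     *
     * @param principalCollection the principals whose cached authorization info is dropped
     */
    public void clearCachedAuthorizationInfo(PrincipalCollection principalCollection) {
        // NOTE(review): a whole PrincipalCollection is passed where SimplePrincipalCollection
        // takes a single principal plus realm name, so the collection may end up nested inside
        // the new one. If the cache compares keys by equality, this key might not match the
        // one used when the entry was cached, leaving stale roles/permissions in place after a
        // permission change or logout. Verify against the configured cache implementation.
        // This method also appears to widen AuthorizingRealm's protected method of the same
        // signature, so Shiro's own clearing calls would take this path too - confirm.
        SimplePrincipalCollection wrapped =
                new SimplePrincipalCollection(principalCollection, getName());
        super.clearCachedAuthorizationInfo(wrapped);
    }
}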
