Beispiel #1
0
 /*
  *获取了当前登录用户的角色信息。
  *
  * @see org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
  */
 @Override
 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
   if (principals == null) {
     throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
   }
   /*User user = (User)principals.fromRealm(getName()).iterator().next();*/
   String name = (String) getAvailablePrincipal(principals);
   Set<String> roles = new HashSet<String>();
   User user = userService.findUserByNameAndPassword(name, "", 1);
   SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
   List<UserRoleOrgRelation> relations = user.getUserRoleOrgRelations();
   for (UserRoleOrgRelation relation : relations) {
     roles.add(String.valueOf(relation.getRole().getId()));
   }
   info.addRoles(roles);
   return info;
 }
Beispiel #2
0
 /*
  * (non-Javadoc)
  *  认证是否通过,登录
  * @see org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)
  */
 @Override
 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
     throws AuthenticationException {
   UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
   String userName = token.getUsername();
   User user = userService.findUserByNameAndPassword(userName, "", 1);
   if (user == null) {
     throw new AuthenticationException();
   }
   // 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现
   SimpleAuthenticationInfo info =
       new SimpleAuthenticationInfo(
           user.getUserName(),
           user.getPassword(),
           ByteSource.Util.bytes(user.getSalt()),
           user.getRealName());
   return info;
 }