Esempio n. 1
0
 /** 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */
 @Override
 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
   System.out.println("=========================doGetAuthorizationInfo");
   ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal();
   ShiroUser user = shiroUserService.findUserByLoginName(shiroUser.getUsername());
   SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
   List<ShiroRole> roles = user.getRoleList(); // 用户角色
   List<ShiroPermission> permissions = user.getPermissionList(); // 用户权限
   if (roles != null) {
     for (ShiroRole role : roles) {
       // 基于Role的权限信息
       info.addRole(role.getRoleName());
       // 基于角色Permission的权限信息
       List<ShiroPermission> rolePermissions = role.getPermissionList();
       if (rolePermissions != null) {
         for (ShiroPermission permission : rolePermissions) {
           info.addStringPermission(permission.getPermissionName());
         }
       }
     }
   }
   if (permissions != null) {
     for (ShiroPermission permission : permissions) {
       // 基于用户Permission的权限信息
       info.addStringPermission(permission.getPermissionName());
     }
   }
   // TODO:删除,测试用代码
   info.addRole("root");
   info.addStringPermission("user:edit");
   info.addStringPermission("user:list");
   return info;
 }
Esempio n. 2
0
 /** 认证回调函数,登录时调用. */
 @Override
 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
     throws AccountException {
   Subject currentUser = SecurityUtils.getSubject();
   currentUser.getSession();
   System.out.println("============" + this.getAuthenticationCacheName());
   System.out.println("============" + this.getAuthorizationCacheName());
   UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
   ShiroUser user = null;
   try {
     user = shiroUserService.findUserByLoginName(token.getUsername());
   } catch (Exception e) {
     e.printStackTrace();
   }
   if (user != null) {
     if (!user.isEnabled()) {
       throw new DisabledAccountException();
     }
     byte[] salt = EncodeUtils.hexDecode(user.getSalt());
     return new SimpleAuthenticationInfo(
         user, user.getPassword(), ByteSource.Util.bytes(salt), getName());
   } else {
     return null;
   }
 }
  /**
   * 覆盖默认实现,用sendRedirect直接跳出框架,以免造成js框架重复加载js出错。
   *
   * @param token
   * @param subject
   * @param request
   * @param response
   * @return
   * @throws Exception
   * @see
   *     org.apache.shiro.web.filter.authc.FormAuthenticationFilter#onLoginSuccess(org.apache.shiro.authc.AuthenticationToken,
   *     org.apache.shiro.subject.Subject, javax.servlet.ServletRequest,
   *     javax.servlet.ServletResponse)
   */
  @Override
  protected boolean onLoginSuccess(
      AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
      throws Exception {
    // issueSuccessRedirect(request, response);
    // we handled the success redirect directly, prevent the chain from continuing:
    HttpServletRequest httpServletRequest = (HttpServletRequest) request;
    HttpServletResponse httpServletResponse = (HttpServletResponse) response;

    ShiroUser shiroUser = (ShiroUser) subject.getPrincipal();
    // 加入ipAddress
    shiroUser.setIpAddress(request.getRemoteAddr());

    if (!"XMLHttpRequest".equalsIgnoreCase(httpServletRequest.getHeader("X-Requested-With"))
        || request.getParameter("ajax") == null) { // 不是ajax请求
      httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + this.getSuccessUrl());
    } else {
      httpServletResponse.sendRedirect(
          httpServletRequest.getContextPath() + "/login/timeout/success");
    }

    return false;
  }