Esempio n. 1
0
 /**
  * 获取授权信息
  *
  * @param principals
  * @return
  */
 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
   if (!principals.isEmpty() && principals.fromRealm(getName()).size() > 0) {
     Object id = principals.fromRealm(getName()).iterator().next();
     if (id != null) {
       SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
       if (enableRoles && enablePerms) {
         Map<String, Collection<String>> rolesAndPerms = realmService.getUserRolesAndPerms(id);
         Collection<String> roles = rolesAndPerms.get(roles_in_map_key);
         Collection<String> perms = rolesAndPerms.get(perms_in_map_key);
         if (roles != null && !roles.isEmpty()) {
           info.addRoles(roles);
         }
         if (perms != null && !perms.isEmpty()) {
           info.addStringPermissions(perms);
         }
       } else if (enableRoles && !enablePerms) {
         Collection<String> perms = realmService.getPermissions(id);
         if (perms != null && !perms.isEmpty()) {
           info.addStringPermissions(perms);
         }
       } else if (enablePerms && !enableRoles) {
         Collection<String> roles = realmService.getRoles(id);
         if (roles != null && !roles.isEmpty()) {
           info.addRoles(roles);
         }
       }
       return info;
     } else {
       return null;
     }
   } else return null;
 }
Esempio n. 2
0
 /**
  * 获取认证信息,会通过realmDao或取用户的id和密码【此2项是必须的】,以及用户状态【非必须,当获取为NULL时不会中断认证】
  *
  * @param authcToken
  * @return
  * @throws AuthenticationException
  */
 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
     throws AuthenticationException {
   UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
   Map<String, Object> info = realmService.getUserUniqueIdentityAndPassword(token.getUsername());
   boolean flag =
       info == null
           || info.isEmpty()
           || info.get(identity_in_map_key) == null
           || info.get(password_in_map_key) == null;
   if (!flag) {
     Object status = info.get(user_status_in_map_key);
     if (status != null) {
       String userStatus = status.toString();
       if (user_status_forbidden.equals(userStatus)) { // 禁用账号
         throw new AccountForbiddenException("AccountForbiddenException");
       }
       if (user_status_locked.equals(userStatus)) { // 账号锁定
         throw new AccountLockedException("AccountLockedException");
       }
     }
     return new SimpleAuthenticationInfo(
         info.get(identity_in_map_key), info.get(password_in_map_key), getName());
   } else {
     throw new UnknownAccountException("UnknownAccountException"); // 没找到帐号;
   }
 }
Esempio n. 3
0
 /**
  * 认证缓存key,登录时调用,默认使用token值,使用缓存时才调用此方法 {@link
  * org.apache.shiro.realm.AuthenticatingRealm#getAuthenticationCacheKey(org.apache.shiro.authc.AuthenticationToken)}
  *
  * @param token token
  * @return key
  */
 protected Object getAuthenticationCacheKey(AuthenticationToken token) {
   UsernamePasswordToken simpleToken = (UsernamePasswordToken) token;
   Object id = realmService.getUniqueIdentity(simpleToken.getUsername().toLowerCase());
   if (id != null) {
     return "DRC_" + id;
   }
   return null;
 }