/** 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
ShiroEmp shiroEmp = (ShiroEmp) principals.getPrimaryPrincipal();
EosEmp eosEmp = eosEmpService.findByEno(shiroEmp.loginName);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
/* 系统不使用角色 */
/*
* List<String> resourceList =
* eosEmpService.getAllRoleAction(eosEmp.getRoleId());
* info.addStringPermissions(resourceList); String roleName =
* eosRoleService.getRoleName(eosEmp.getRoleId());
* info.addRole(roleName);
*/
Session session = SecurityUtils.getSubject().getSession();
session.setAttribute("eosEmp", eosEmp);
return info;
}
/** 认证回调函数,登录时调用. */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
throws AuthenticationException {
if (useCaptcha) {
CaptchaUsernamePasswordToken token = (CaptchaUsernamePasswordToken) authcToken;
String parm = token.getCaptcha();
String c =
(String)
SecurityUtils.getSubject()
.getSession()
.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
if (parm == null || !parm.equalsIgnoreCase(c)) {
throw new IncorrectCaptchaException(
ResourceUtils.getString("msg.login.kaptcha.code.error"));
}
}
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
// System.out.println("token.getUsername() : " + token.getUsername());
EosEmp eosEmp = eosEmpService.findByEno(token.getUsername());
// byte[] salt = Encodes.decodeHex(operator.getPwdSalt());
// byte[] salt = Encodes.decodeHex(PropertyUtil.getString("salt"));
if (eosEmp != null) {
if (PropertyUtil.getBoolean("encrypt")) {
return new SimpleAuthenticationInfo(
new ShiroEmp(String.valueOf(eosEmp.getId()), eosEmp.getEno(), eosEmp.getEname()),
eosEmp.getEpwd(),
ByteSource.Util.bytes(Encodes.decodeHex(PropertyUtil.getString("salt"))),
getName());
} else {
return new SimpleAccount(
new ShiroEmp(String.valueOf(eosEmp.getId()), eosEmp.getEno(), eosEmp.getEname()),
eosEmp.getPwd(),
getName());
}
} else {
throw new UnknownAccountException();
}
}
