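/**
 * Builds the authorization data (roles and string permissions) for the principal that this
 * realm contributed to the given collection.
 *
 * <p>Which lookups run depends on the {@code enableRoles} and {@code enablePerms} switches:
 * both enabled uses the combined {@code getUserRolesAndPerms} lookup, a single enabled switch
 * loads only that kind of grant, and with both disabled an empty info object is returned.
 *
 * @param principals the principals of the subject being authorized
 * @return the roles/permissions found for the principal, or {@code null} when the collection
 *     is null or empty, holds no principal from this realm, or that principal is {@code null}
 */
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    if (principals == null || principals.isEmpty()) {
        return null;
    }

    // Resolve this realm's principals once instead of querying the collection twice.
    Collection<?> realmPrincipals = principals.fromRealm(getName());
    if (realmPrincipals == null || realmPrincipals.isEmpty()) {
        return null;
    }

    Object id = realmPrincipals.iterator().next();
    if (id == null) {
        return null;
    }

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    if (enableRoles && enablePerms) {
        Map<String, Collection<String>> rolesAndPerms = realmService.getUserRolesAndPerms(id);
        // A missing map is treated like "no grants" rather than failing the check with an NPE.
        if (rolesAndPerms != null) {
            Collection<String> roles = rolesAndPerms.get(roles_in_map_key);
            Collection<String> perms = rolesAndPerms.get(perms_in_map_key);
            if (roles != null && !roles.isEmpty()) {
                info.addRoles(roles);
            }
            if (perms != null && !perms.isEmpty()) {
                info.addStringPermissions(perms);
            }
        }
    } else if (enableRoles) {
        // Roles only. The two single-switch branches used to be crossed, so this mode granted
        // string permissions (the disabled feature) and never loaded any role.
        Collection<String> roles = realmService.getRoles(id);
        if (roles != null && !roles.isEmpty()) {
            info.addRoles(roles);
        }
    } else if (enablePerms) {
        // Permissions only: no role lookup is made.
        Collection<String> perms = realmService.getPermissions(id);
        if (perms != null && !perms.isEmpty()) {
            info.addStringPermissions(perms);
        }
    }
    return info;
}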
/**
 * Looks up the account behind a username/password token and returns the stored identity and
 * password for this realm.
 *
 * <p>The identity and the password are mandatory: when the lookup yields nothing, or either
 * value is missing, the account is reported as unknown. The user status is optional; a
 * {@code null} status does not interrupt authentication.
 *
 * <p>NOTE(review): the status checks throw from inside this method, so they do not depend on
 * the submitted password. If the login endpoint reports the three exception types
 * differently, a caller without valid credentials can tell unknown, forbidden and locked
 * accounts apart. Confirm that the caller maps them to a single generic failure.
 *
 * <p>NOTE(review): the username is passed to the lookup exactly as submitted, whereas
 * {@code getAuthenticationCacheKey} lower-cases it first. Confirm the two lookups are meant
 * to differ in case handling.
 *
 * @param authcToken the submitted token; cast to {@link UsernamePasswordToken} without a type
 *     check, so presumably only that token type reaches this realm (TODO confirm)
 * @return the identity and password found for the username, bound to this realm's name
 * @throws AuthenticationException {@code UnknownAccountException} when no usable account data
 *     is found, {@code AccountForbiddenException} for a forbidden status,
 *     {@code AccountLockedException} for a locked status
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) authcToken;
    Map<String, Object> account =
            realmService.getUserUniqueIdentityAndPassword(upToken.getUsername());

    // Both the identity and the password must be present; anything less is "no such account".
    if (account == null || account.isEmpty()) {
        throw new UnknownAccountException("UnknownAccountException");
    }
    Object identity = account.get(identity_in_map_key);
    Object storedPassword = account.get(password_in_map_key);
    if (identity == null || storedPassword == null) {
        throw new UnknownAccountException("UnknownAccountException");
    }

    // The status entry is optional: a missing value lets authentication proceed.
    Object rawStatus = account.get(user_status_in_map_key);
    if (rawStatus != null) {
        String statusText = rawStatus.toString();
        if (user_status_forbidden.equals(statusText)) {
            // Account has been disabled.
            throw new AccountForbiddenException("AccountForbiddenException");
        }
        if (user_status_locked.equals(statusText)) {
            // Account is locked.
            throw new AccountLockedException("AccountLockedException");
        }
    }

    return new SimpleAuthenticationInfo(identity, storedPassword, getName());
}
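/**
 * Returns the key under which authentication info is cached for a login token. Called at
 * login, and only when authentication caching is in use; the default implementation uses the
 * token's principal instead. See {@link
 * org.apache.shiro.realm.AuthenticatingRealm#getAuthenticationCacheKey(org.apache.shiro.authc.AuthenticationToken)}.
 *
 * <p>The key is {@code "DRC_"} followed by the unique identity that the realm service returns
 * for the lower-cased username.
 *
 * <p>NOTE(review): a token without a username still fails here with a
 * {@code NullPointerException}, and the token is cast without a type check. Confirm that
 * only populated {@link UsernamePasswordToken}s reach this realm.
 *
 * @param token the submitted token, cast to {@link UsernamePasswordToken}
 * @return the cache key, or {@code null} when no identity is found for the username
 */
protected Object getAuthenticationCacheKey(AuthenticationToken token) {
    UsernamePasswordToken simpleToken = (UsernamePasswordToken) token;
    // Lower-case with a fixed locale: the no-argument toLowerCase() follows the JVM default
    // locale (for example, "I" maps to a dotless i under Turkish), so the same username could
    // resolve to a different identity and cache entry depending on where the server runs.
    String normalizedUsername = simpleToken.getUsername().toLowerCase(java.util.Locale.ROOT);
    Object id = realmService.getUniqueIdentity(normalizedUsername);
    if (id == null) {
        return null;
    }
    return "DRC_" + id;
}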