/** 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
Object principal = principals.getPrimaryPrincipal();
SecurityUser<Long> user =
(SecurityUser) principal; // userHessianService.findUserByPrincipal(principal);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
if (user != null) {
List<String> roles = userHessianService.getSecurityGroups(user.getId());
List<String> auths = userHessianService.getSecurityPermissions(user.getId());
if (null != roles && !roles.isEmpty()) info.addRoles(roles);
if (null != auths && !auths.isEmpty()) info.addStringPermissions(auths);
}
return info;
}
/** 认证回调函数,登录时调用. */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
SecurityUser<Long> user =
userHessianService.findUserByAccount(token.getUsername(), UserStaEnum.ENABLE);
if (user != null) {
token.setUsername(user.getLoginName());
return new SimpleAuthenticationInfo(user, user.getPassWord(), getName());
} else {
return null;
}
}