/**
 * Authorization callback: invoked when an authorization check is made and no authorization
 * info for the user is present in the cache.
 *
 * <p>This system does not use roles, so the returned info has no roles and no permissions
 * added to it. As a side effect, the employee record looked up by the principal's login name
 * is stored in the current session under the key {@code "eosEmp"}.
 *
 * @param principals principals of the subject being authorized; the primary principal is
 *     cast to {@code ShiroEmp}
 * @return a {@code SimpleAuthorizationInfo} with nothing added to it
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    ShiroEmp principal = (ShiroEmp) principals.getPrimaryPrincipal();
    EosEmp employee = eosEmpService.findByEno(principal.loginName);

    // Role and permission loading (previously eosEmpService.getAllRoleAction and
    // eosRoleService.getRoleName, keyed by the employee's role id) is disabled because the
    // system does not use roles. With nothing added here, role/permission checks answered
    // from this info will not match anything.
    // NOTE(review): confirm access control is enforced somewhere else, since this realm
    // grants no permissions.
    SimpleAuthorizationInfo authorization = new SimpleAuthorizationInfo();

    // NOTE(review): the lookup result is not null-checked before it is placed in the
    // session; confirm how readers of "eosEmp" handle a missing record.
    SecurityUtils.getSubject().getSession().setAttribute("eosEmp", employee);
    return authorization;
}
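/**
 * Authentication callback, invoked at login.
 *
 * <p>When captcha checking is enabled, the captcha submitted with the token is compared
 * case-insensitively with the value Kaptcha stored in the session. The stored value is
 * removed from the session as it is read, so a generated captcha can be checked only once;
 * a captcha that was solved once cannot be reused for further login attempts in the same
 * session.
 *
 * <p>The account is then looked up by the submitted user name, and its principal and stored
 * credential are returned so the realm's credential comparison can run against the token.
 *
 * @param authcToken the submitted token; cast to {@code UsernamePasswordToken}, and to
 *     {@code CaptchaUsernamePasswordToken} when captcha checking is enabled
 * @return the account's principal together with its stored credential (and the salt when
 *     the {@code "encrypt"} property is true)
 * @throws IncorrectCaptchaException if captcha checking is enabled and the submitted captcha
 *     is missing or does not match the stored one
 * @throws UnknownAccountException if no account exists for the submitted user name
 * @throws AuthenticationException declared by the overridden method
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    if (useCaptcha) {
        CaptchaUsernamePasswordToken captchaToken = (CaptchaUsernamePasswordToken) authcToken;
        String submitted = captchaToken.getCaptcha();
        // Single use: take the expected value out of the session while reading it, whether
        // or not the comparison succeeds. Leaving it in place would let one solved captcha
        // cover any number of password attempts.
        String expected = (String) SecurityUtils.getSubject()
                .getSession()
                .removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
        // equalsIgnoreCase(null) is false, so a session without a captcha is rejected too.
        if (submitted == null || !submitted.equalsIgnoreCase(expected)) {
            throw new IncorrectCaptchaException(
                    ResourceUtils.getString("msg.login.kaptcha.code.error"));
        }
    }

    UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    EosEmp eosEmp = eosEmpService.findByEno(token.getUsername());
    if (eosEmp == null) {
        // NOTE(review): this is distinguishable from a wrong-password failure; the login
        // handler should show the same message for both so account names are not disclosed.
        throw new UnknownAccountException();
    }

    ShiroEmp principal =
            new ShiroEmp(String.valueOf(eosEmp.getId()), eosEmp.getEno(), eosEmp.getEname());

    if (PropertyUtil.getBoolean("encrypt")) {
        // NOTE(review): the salt is a single value read from configuration and shared by
        // every account, so equal passwords yield equal stored hashes. A per-account salt
        // stored with the record would be the stronger design; confirm whether that is
        // planned.
        return new SimpleAuthenticationInfo(
                principal,
                eosEmp.getEpwd(),
                ByteSource.Util.bytes(Encodes.decodeHex(PropertyUtil.getString("salt"))),
                getName());
    }

    // NOTE(review): with "encrypt" off, the value from getPwd() is used as the credential
    // with no salt; presumably it is the plaintext password. Confirm this mode is never
    // enabled outside development.
    return new SimpleAccount(principal, eosEmp.getPwd(), getName());
}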