springboot thymeleaf和shiro 整合 第二篇 配置許可權和認證
阿新 • • 發佈:2019-02-16
package com.ruiguang.config;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import com.ruiguang.dao.UserDao;
import com.ruiguang.entity.SysPermission;
import com.ruiguang.entity.SysRole;
import com.ruiguang.entity.UserInfo;
import javax.annotation.Resource;
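/**
 * Shiro realm that loads users through {@link UserDao} and supplies Shiro with
 * the stored credentials (authentication) and the user's roles and permission
 * strings (authorization).
 *
 * <p>Security notes for this revision:
 * <ul>
 *   <li>The debug output that printed the submitted credentials object, the stored
 *       password value, the salt and the salt's hex form has been removed; those
 *       values must not reach stdout or log files.</li>
 *   <li>The "user not found" check now runs before the user object is touched, so an
 *       unknown account no longer ends in a NullPointerException.</li>
 * </ul>
 */
public class MyShiroRealm extends AuthorizingRealm {

    @Resource
    private UserDao userInfoService;

    /**
     * Authorization: collects the role names and permission strings of the
     * authenticated user.
     *
     * <p>The data is read from the {@link UserInfo} principal itself and is not
     * re-queried here. NOTE(review): if that object is a snapshot taken at login,
     * role or permission changes may not apply until the user authenticates again;
     * confirm against how UserInfo is loaded.
     *
     * @param principals the principals of the subject being authorized
     * @return the roles and permissions found on the primary principal; empty when
     *         the principal or its role list is missing
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("許可權配置-->MyShiroRealm.doGetAuthorizationInfo()");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        UserInfo userInfo = (UserInfo) principals.getPrimaryPrincipal();
        // Fail closed: no principal or no role list means no roles and no permissions.
        if (userInfo == null || userInfo.getRoleList() == null) {
            return authorizationInfo;
        }
        for (SysRole role : userInfo.getRoleList()) {
            authorizationInfo.addRole(role.getRole());
            if (role.getPermissions() == null) {
                continue;
            }
            for (SysPermission p : role.getPermissions()) {
                authorizationInfo.addStringPermission(p.getPermission());
            }
        }
        return authorizationInfo;
    }

    /**
     * Authentication: looks the submitted account name up and hands Shiro the stored
     * credentials so that it can check the account and password the user entered.
     *
     * <p>The comparison itself is not done here. NOTE(review): this assumes a
     * credentials matcher configured elsewhere applies the same salt
     * (username + salt, per the original comment) and hashing scheme; confirm in
     * the Shiro configuration.
     *
     * @param token the submitted token; its principal is expected to be the username
     * @return the stored credentials for the account, or {@code null} when the token
     *         carries no username or no such user exists
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        System.out.println("MyShiroRealm.doGetAuthenticationInfo()");
        // Account name entered by the user.
        String username = (String) token.getPrincipal();
        if (username == null) {
            return null;
        }
        // Look the user up by username. In a real project a cache can be added here;
        // the original author states that Shiro will not re-run this method within
        // two minutes (not verifiable from this file).
        UserInfo userInfo = userInfoService.findByUsername(username);
        // Check for "not found" before any field is read. Shiro's default
        // authenticator treats a null result as an unknown account.
        if (userInfo == null) {
            return null;
        }
        // The principal is the whole user object, not just the username.
        return new SimpleAuthenticationInfo(
                userInfo,                                             // principal (user object)
                userInfo.getPassword(),                               // stored password value
                ByteSource.Util.bytes(userInfo.getCredentialsSalt()), // salt = username + salt
                getName()                                             // realm name
        );
    }
}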
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import com.ruiguang.dao.UserDao;
import com.ruiguang.entity.SysPermission;
import com.ruiguang.entity.SysRole;
import com.ruiguang.entity.UserInfo;
import javax.annotation.Resource;
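/**
 * Shiro realm backed by {@link UserDao}: it returns the stored credentials for
 * authentication and the user's roles and permission strings for authorization.
 *
 * <p>Compared with the listing as originally posted, the statements that printed
 * the submitted credentials, the stored password value and the salt were removed
 * (secrets do not belong on stdout), and the null check on the looked-up user was
 * moved ahead of the first use of that object.
 */
public class MyShiroRealm extends AuthorizingRealm {

    @Resource
    private UserDao userInfoService;

    /**
     * Authorization callback: copies role names and permission strings from the
     * primary principal into a {@link SimpleAuthorizationInfo}.
     *
     * <p>NOTE(review): the roles come from the principal object, not from a fresh
     * query, so revocations may only apply after re-authentication; confirm.
     *
     * @param principals the principals of the subject being authorized
     * @return the collected roles and permissions (empty if none are available)
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("許可權配置-->MyShiroRealm.doGetAuthorizationInfo()");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        UserInfo userInfo = (UserInfo) principals.getPrimaryPrincipal();
        // Grant nothing when the principal or its role list is absent.
        if (userInfo == null || userInfo.getRoleList() == null) {
            return authorizationInfo;
        }
        for (SysRole role : userInfo.getRoleList()) {
            authorizationInfo.addRole(role.getRole());
            if (role.getPermissions() == null) {
                continue;
            }
            for (SysPermission p : role.getPermissions()) {
                authorizationInfo.addStringPermission(p.getPermission());
            }
        }
        return authorizationInfo;
    }

    /**
     * Authentication callback: resolves the submitted username to a stored user and
     * returns that user's credentials for Shiro to verify the entered password.
     *
     * <p>NOTE(review): password verification depends on the credentials matcher set
     * on this realm elsewhere; confirm it uses the same salt and hash settings.
     *
     * @param token the submitted token; its principal is expected to be the username
     * @return the stored credentials, or {@code null} if the username is missing or
     *         unknown
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        System.out.println("MyShiroRealm.doGetAuthenticationInfo()");
        // Account name entered by the user.
        String username = (String) token.getPrincipal();
        if (username == null) {
            return null;
        }
        // Query the user by username. A cache may be added here in a real project;
        // the original author's remark that Shiro skips repeat calls within two
        // minutes is not verifiable from this file.
        UserInfo userInfo = userInfoService.findByUsername(username);
        // Unknown user: return before reading any field of the result.
        if (userInfo == null) {
            return null;
        }
        // The user object, not the username string, becomes the principal.
        return new SimpleAuthenticationInfo(
                userInfo,                                             // principal (user object)
                userInfo.getPassword(),                               // stored password value
                ByteSource.Util.bytes(userInfo.getCredentialsSalt()), // salt = username + salt
                getName()                                             // realm name
        );
    }
}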