自定义Realm

import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

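/**
 * Custom Shiro realm that authenticates users through {@code UserService} and
 * loads their permissions through {@code PermissionService}.
 *
 * <p>Both collaborators are injected by the container via {@code @Resource}.
 * The realm also exposes public helpers for evicting cached authentication and
 * authorization data, so that a permission change can take effect without
 * waiting for the cache entry to expire.
 */
public class MyRealm extends AuthorizingRealm {

    @Resource
    private PermissionService permissionService;

    @Resource
    private UserService userService;

    /**
     * Authorization callback: builds the permission set for the primary principal.
     *
     * <p>Shiro invokes this only when a permission check is needed and no
     * authorization info for the user is cached; with a cache configured it is
     * loaded once per cache entry.
     *
     * @param principalCollection the principals of the subject being authorized
     * @return the permissions of the user, or {@code null} when there is no
     *         primary principal
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        User user = (User) principalCollection.getPrimaryPrincipal();
        if (user == null) {
            return null;
        }

        List<Permission> permissions = permissionService.getUserPermission(user.getId());
        if (permissions == null) {
            // A user without any permission rows gets an empty permission set
            // instead of a NullPointerException during the permission check.
            return info;
        }

        for (Permission permission : permissions) {
            String functionUrl = permission.getFunctionUrl();
            // Skip null/blank entries: an empty permission string cannot be parsed
            // as a wildcard permission and would make the whole check fail.
            // NOTE(review): the function URL is used verbatim as a Shiro permission
            // string; ':' ',' and '*' have special meaning in wildcard permissions,
            // so confirm the stored URLs cannot contain them unintentionally.
            if (functionUrl != null && !functionUrl.trim().isEmpty()) {
                info.addStringPermission(functionUrl);
            }
        }
        return info;
    }

    /**
     * Authentication callback, invoked at login.
     *
     * <p>Looks the account up through {@code userService.load} using the submitted
     * user name and password.
     *
     * @param arg0 the submitted token; expected to be a {@link UsernamePasswordToken}
     * @return authentication info whose principal is the loaded {@code User}
     * @throws UnknownAccountException when {@code userService.load} finds no user
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) arg0;
        String username = token.getUsername();
        // The char[] is copied into an immutable String because the lookup object
        // carries the password as a String; it cannot be wiped afterwards, so it
        // must never be logged or printed.
        String pwd = new String(token.getPassword());

        User lookup = new User();
        lookup.setUserName(username);
        lookup.setPassword(pwd);
        User user = userService.load(lookup);
        if (user == null) {
            // No matching account. Callers should show one generic login-failure
            // message rather than revealing which part of the lookup failed.
            throw new UnknownAccountException();
        }

        // NOTE(review): the credentials stored here are the *submitted* password,
        // not the credential kept for the account. The realm's CredentialsMatcher
        // therefore compares the token with itself and always succeeds, so the
        // actual password check rests entirely on userService.load (not shown
        // here) - presumably it matches user name AND password; confirm that, and
        // confirm the stored value is a salted password hash.
        // A more robust design looks the user up by name only, returns the stored
        // hash (and salt) in the AuthenticationInfo, and lets a configured
        // HashedCredentialsMatcher / PasswordMatcher do the comparison.
        // NOTE(review): if authentication caching is enabled for this realm, this
        // object - including the plaintext password - is what gets cached.
        return new SimpleAuthenticationInfo(user, pwd, getName());
    }

    /**
     * Evicts the cached authorization info of the given principals.
     * Widens the inherited method to {@code public}.
     */
    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    /**
     * Evicts the cached authentication info of the given principals.
     * Widens the inherited method to {@code public}.
     */
    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    /**
     * Clears the authorization cache for all users.
     * Does nothing when no authorization cache exists yet.
     */
    public void clearAllCachedAuthorizationInfo() {
        // The cache is null until caching is configured and first used.
        if (getAuthorizationCache() != null) {
            getAuthorizationCache().clear();
        }
    }

    /**
     * Clears the authentication cache for all users.
     * Does nothing when no authentication cache exists (e.g. authentication
     * caching is not enabled).
     */
    public void clearAllCachedAuthenticationInfo() {
        if (getAuthenticationCache() != null) {
            getAuthenticationCache().clear();
        }
    }

    /**
     * Evicts every cache entry of the given principals.
     * Widens the inherited method to {@code public}.
     */
    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    /**
     * Clears both the authentication and the authorization cache for all users.
     */
    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

    /**
     * Evicts the cached authorization info of the current subject, so that its
     * permissions are loaded again on the next permission check.
     */
    public void clearAuthz() {
        this.clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
    }

}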

原文地址:https://www.cnblogs.com/hopeful8859-1/p/7503674.html