zoukankan      html  css  js  c++  java
  • 【Shiro】06 自定义Realm授权实现

    创建一个激活的用户类:

    public class ActiverUser {
        private User user;
        private List<String> roleList;
        private List<String> permitList;
    } // 省略SETTER & GETTER & CONSTRUCTOR ...

    对应的创建业务层:

    用户业务:

    public interface UserService {
        User queryUserByUserName(String username);
    }

    实现类:

    这个Switch迷一样不支持String,不管了

    public class UserServiceImpl implements UserService {
    
        public User queryUserByUserName(String username) {
            User user = null;
            switch (username) {
                case "zhangsan":
                    user=new User(1, "zhangsan", "123456", new Date());
                    break;
                case "lisi":
                    user=new User(2, "lisi", "123456", new Date());
                    break;
                case "wangwu":
                    user=new User(3, "wangwu", "123456", new Date());
                    break;
            }
            return user;
        }
    }

    角色业务:

    根据用户名查询对应的所有角色:

    public interface RoleService {
        List<String> queryRoleByUsername(String username);
    }

    实现类:

    public class RoleServiceImpl implements RoleService {
        public List<String> queryRoleByUsername(String username) {
            return Arrays.asList("role1", "role2", "role3");
        }
    }

    权限业务:

    public interface PermissionService {
        List<String> queryPermissionByUsername(String username);
    }

    实现类:

    public class PermissionServiceImpl implements PermissionService{
        public List<String> queryPermissionByUsername(String username) {
            return Arrays.asList("user:query", "user:insert", "user:update", "user:delete");
        }
    }

    UserRealm的修改:

    package cn.echo42.shiro;
    
    import cn.echo42.pojo.User;
    import cn.echo42.service.*;
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.AuthenticationInfo;
    import org.apache.shiro.authc.AuthenticationToken;
    import org.apache.shiro.authc.SimpleAuthenticationInfo;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.authz.SimpleAuthorizationInfo;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;
    
    import java.util.Collection;
    import java.util.List;
    
    /**
     * @author DaiZhiZhou
     * @file Shiro
     * @create 2020-08-01 18:38
     */
    public class UserRealm extends AuthorizingRealm {
    
        private UserService userService = new UserServiceImpl();
        private RoleService roleService = new RoleServiceImpl();
        private PermissionService permissionService = new PermissionServiceImpl();
    
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
            ActiverUser activerUser = (ActiverUser) principalCollection.getPrimaryPrincipal();
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            
            //添加角色
            Collection<String> roles = activerUser.getRoleList();
            // 角色存在
            if(null != roles && roles.size() > 0) {
                info.addRoles(roles);
            }
            
            Collection<String> permissions = activerUser.getPermitList();
            //添加权限
            if(null != permissions && permissions.size() > 0) {
                info.addStringPermissions(permissions);
            }
    //        if(activerUser.getUser().getType()==0) {
    //            info.addStringPermission("*:*");
    //        }
            return info;
        }
    
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    
            // 通过提交的令牌获取信息(用户名称?)
            String principal = authenticationToken.getPrincipal().toString();
    
            // 查询数据库得到记录
            User user = userService.queryUserByUserName(principal);
    
            // user非空
            if(null != user) {
                // 装载用户到权限的所有信息
                List<String> roles = roleService.queryRoleByUsername(user.getUsername());
                List<String> permissions = permissionService.queryPermissionByUsername(user.getUsername());
                ActiverUser activerUser = new ActiverUser(user, roles, permissions);
    
                // 返回认证信息出去
                return new SimpleAuthenticationInfo(activerUser, authenticationToken.getCredentials(), this.getName());
            }
            return null;
        }
    }
  • 相关阅读:
    3.13 获取位置
    团队博客(三)
    团队博客(二)
    团队博客(一)
    Android抽奖
    声网实现视频会议(二)
    声网实现视频会议(一)
    Android弹幕实现原理
    人月神话 胸有成竹
    Android的弹幕功能实现(四)
  • 原文地址:https://www.cnblogs.com/mindzone/p/13416432.html
Copyright © 2011-2022 走看看