自定義Realm

import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

 

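/**
 * Custom Shiro realm that authenticates users through {@code UserService} and
 * loads their permissions through {@code PermissionService}.
 *
 * <p>Authorization data is cached by Shiro when a cache manager is configured, so a
 * permission change made in the backing store only takes effect for a user after the
 * matching cache entry has been cleared (see the {@code clear*} methods below).
 */
public class MyRealm extends AuthorizingRealm {

    @Resource
    private PermissionService permissionService;

    @Resource
    private UserService userService;

    /**
     * Authorization callback: builds the permission set for the primary principal.
     *
     * <p>Shiro calls this only when a permission check is required and no authorization
     * info for the principal is cached; with caching configured it is loaded once per
     * cache entry.
     *
     * @param principalCollection the principals of the subject being authorized
     * @return the permissions of the user, or {@code null} when there is no primary principal
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        User user = (User) principalCollection.getPrimaryPrincipal();
        if (user == null) {
            return null;
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        List<Permission> permissions = permissionService.getUserPermission(user.getId());
        if (permissions == null) {
            // No permission rows: return an empty grant instead of failing with a NullPointerException.
            return info;
        }

        for (Permission permission : permissions) {
            if (permission == null) {
                continue;
            }
            String functionUrl = permission.getFunctionUrl();
            // A blank entry is skipped: Shiro rejects an empty permission string when it
            // later parses it as a wildcard permission, which would break the permission
            // checks for this user.
            // NOTE(review): the function URL is used verbatim as a permission string. With
            // Shiro's default wildcard permission syntax, ':' , ',' and '*' are special, so
            // a stored URL containing them may grant more than intended -- confirm how
            // these values are written and validated.
            if (functionUrl != null && !functionUrl.trim().isEmpty()) {
                info.addStringPermission(functionUrl);
            }
        }
        return info;
    }

    /**
     * Authentication callback, invoked on login.
     *
     * @param arg0 the submitted token; expected to be a {@link UsernamePasswordToken}
     * @return the authentication info for the matched user
     * @throws AuthenticationException {@link UnknownAccountException} when the token carries
     *         no username or password, or when no matching user is found
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) arg0;
        String username = token.getUsername();
        char[] submittedPassword = token.getPassword();
        if (username == null || submittedPassword == null) {
            // A token without credentials is a failed login, not a NullPointerException.
            throw new UnknownAccountException();
        }

        // The password is copied into an immutable String because the User lookup object
        // takes a String; it therefore stays in memory until garbage-collected.
        String pwd = new String(submittedPassword);

        User lookup = new User();
        lookup.setUserName(username);
        lookup.setPassword(pwd);

        User user = userService.load(lookup);
        if (user == null) {
            // No account found for the submitted values.
            throw new UnknownAccountException();
        }

        // NOTE(review): the credentials handed to Shiro are the password the caller just
        // submitted, not a stored credential. The realm's CredentialsMatcher therefore
        // compares the token with itself and always succeeds, so the only real password
        // check is whatever userService.load() does with the username/password pair (not
        // visible here). Confirm that load() matches on both fields and that passwords are
        // stored hashed; the safer design is to look the user up by username only and pass
        // the stored hash here, verified by a hashing CredentialsMatcher.
        // NOTE(review): if authentication caching is enabled, this object (including the
        // plaintext password) is what gets cached -- confirm the cache configuration.
        return new SimpleAuthenticationInfo(user, pwd, getName());
    }

    /**
     * Clears the cached authorization info of the given principals so that their
     * permissions are reloaded on the next check. Widened to {@code public} so that
     * application code can call it after changing a user's permissions.
     *
     * @param principals the principals whose cached authorization info is evicted
     */
    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    /**
     * Clears the cached authentication info of the given principals.
     *
     * @param principals the principals whose cached authentication info is evicted
     */
    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    /**
     * Clears the cached authorization info of every user.
     * Does nothing when no authorization cache is available.
     */
    public void clearAllCachedAuthorizationInfo() {
        // The getter returns null when caching is not configured or the cache has not
        // been created yet.
        if (getAuthorizationCache() != null) {
            getAuthorizationCache().clear();
        }
    }

    /**
     * Clears the cached authentication info of every user.
     * Does nothing when no authentication cache is available.
     */
    public void clearAllCachedAuthenticationInfo() {
        // The getter returns null when caching is not configured or the cache has not
        // been created yet.
        if (getAuthenticationCache() != null) {
            getAuthenticationCache().clear();
        }
    }

    /**
     * Clears all cached data held by this realm for the given principals.
     *
     * @param principals the principals whose cache entries are evicted
     */
    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    /**
     * Clears both the authentication and the authorization cache for every user.
     */
    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

    /**
     * Clears the cached authorization info of the current subject so that its permissions
     * are loaded again on the next permission check. Other users' cache entries are left
     * untouched.
     */
    public void clearAuthz() {
        this.clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
    }

}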
