Shiro初步3_自定义Realm
来源:互联网 发布:中国软件学校 编辑:程序博客网 时间:2024/06/05 08:12
1.配置Mybatis和mvc环境
2.shiro.ini
[main]authc.loginUrl=/loginperms.unauthorizedUrl=/unauth.jsproles.unauthorizedUrl=/unauth.jspuserRealm = org.shiro.realm.UserRealmhashMatcher = org.apache.shiro.authc.credential.HashedCredentialsMatcherhashMatcher.hashAlgorithmName=md5userRealm.credentialsMatcher=$hashMatchersecurityManager.realms=$userRealm[urls]/admin/user/**=authc,roles[admin]/admin/role/**=authc,roles[abc]/admin/**=authc/login=anon/logout = logout
3.InitServlet.java
用于在自定义realm中加载bean
public class InitServlet extends HttpServlet { private static final long serialVersionUID = 1L; private static WebApplicationContext wc; @Override public void init(ServletConfig config) throws ServletException { super.init(config); //初始化spring的工厂 wc = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext()); } public static WebApplicationContext getWc() { return wc; } public static Object getBean(String name) { return wc.getBean(name); }}
<servlet-mapping> <servlet-name>shiro</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <servlet> <servlet-name>initServlet</servlet-name> <servlet-class>org.shiro.web.InitServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet>
4.自定义Realm
public class UserRealm extends AuthorizingRealm { /** * 授权 */ @Override protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principals) { User user = ((User)principals.getPrimaryPrincipal()); int uid = user.getId(); System.out.println(user.getId()+","+user.getNickname()); IUserService userService = (IUserService)InitServlet.getBean("userService"); //得到用户所有角色 List<String> roles = userService.listRoleSnByUser(uid); //得到用户角色对应的 资源URL List<Resource> reses = userService.listAllResource(uid); List<String> permissions = new ArrayList<String>(); for(Resource r:reses) { permissions.add(r.getUrl()); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.setRoles(new HashSet<String>(roles)); info.setStringPermissions(new HashSet<String>(permissions)); return info; } /** * 认证 */ @Override protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token) throws AuthenticationException { System.out.println("ccccccccccc-------------------------"); IUserService userService = (IUserService)InitServlet.getBean("userService"); String username = token.getPrincipal().toString(); String password = new String((char[])token.getCredentials()); System.out.println("password----------------------------"+password); User user = userService.login(username, password);//得到用户 System.out.println("username----------------------------"+username); SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, user.getPassword(), this.getName()); info.setCredentialsSalt(ByteSource.Util.bytes(user.getUsername()));//解密 前边 设置的盐值是用户名 return info; }}
5.
https://github.com/Amant-huangqi/shiro_Realm
0 0
- Shiro初步3_自定义Realm
- shiro笔记3《自定义Realm》
- shiro学习之路(3)----自定义Realm
- shiro自定义Realm
- Shiro入门-自定义realm
- Shiro自定义Realm
- shiro自定义Realm实现
- Shiro 自定义realm认证
- 【shiro】--- 自定义realm
- Shiro(四) 自定义Realm
- shiro 权限框架自定义Realm
- (六)shiro自定义realm
- 6、 Shiro中的自定义Realm
- shiro使用总结-自定义Realm
- 自定义realm shiro加密配置
- 【shiro】shiro学习笔记2-自定义realm
- 【Shiro】Apache Shiro架构之自定义realm
- 【Shiro】Apache Shiro架构之自定义realm
- Codeforces #317(div.2) C(二进制 状压)
- 第三章习题3-第三题=改写彩票例题
- C++中的new的用法
- POJ3612Telephone Wire[DP]
- 图像处理入门杂谈
- Shiro初步3_自定义Realm
- map的lisp实现
- Sqlite使用及升级
- poj 2528线段树应用+离散化
- 八数码问题(状态空间搜索)--《算法入门经典》
- java Generic介绍
- 在线算法与离线算法(online or offline)
- display:block|inline|inline-block;各自的特征
- 水水笔-续4(09/16)