UserRealm.java
package com.framework.shiro;
import java.util.Date;
import java.util.List;
import java.util.Set;
import javax.annotation.Resource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import com.google.common.collect.Sets;
import com.agent.entity.system.PermissionEntity;
import com.agent.entity.system.UserEntity;
import com.agent.service.system.RoleService;
import com.agent.service.system.UserService;
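/**
 * Shiro realm that authenticates accounts through {@link UserService} and derives the
 * role and permission strings of a subject through {@link RoleService}.
 *
 * <p>Side effects of a login (last-login timestamp, session attributes) are applied only
 * after Shiro has verified the submitted credentials, see
 * {@link #assertCredentialsMatch(AuthenticationToken, AuthenticationInfo)}.
 */
public class UserRealm extends AuthorizingRealm {

    @Resource
    private UserService userService;

    @Resource
    private RoleService roleService;

    /**
     * Returns the authorization data (roles and permission strings) of the current subject;
     * Shiro's Authorizer evaluates access checks against it.
     *
     * <p>Fails closed: when the account or its role can no longer be resolved, an empty
     * {@link SimpleAuthorizationInfo} is returned, which grants nothing.
     *
     * @param principals principals of the subject; the primary principal is the login account
     * @return roles and permission strings for the account, never {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        String loginAccount = (String) principals.getPrimaryPrincipal();
        UserEntity user = userService.findByLoginaccount(loginAccount);
        // The account may have been removed, or left without a role, after the subject
        // logged in. Returning the empty info denies everything instead of raising an NPE.
        if (user == null || user.getRole() == null) {
            return authorizationInfo;
        }

        Set<String> roles = Sets.newHashSet(user.getRole().getRolecode());
        // A role without a code must not show up as a null role name.
        roles.remove(null);
        authorizationInfo.setRoles(roles);

        // Collect the permission strings attached to the role's menu entries.
        Set<String> permissions = Sets.newTreeSet();
        List<PermissionEntity> rolePermissions = roleService.findAllPermisstionByRole(user.getRole());
        if (rolePermissions != null) {
            for (PermissionEntity entry : rolePermissions) {
                if (entry == null || entry.getMenu() == null) {
                    continue;
                }
                String permission = entry.getMenu().getPermission();
                // A null entry cannot be added to the TreeSet, and Shiro's wildcard
                // permission parser rejects empty strings, so one incomplete menu row
                // would otherwise break every authorization check for this role.
                if (permission != null && !permission.trim().isEmpty()) {
                    permissions.add(permission);
                }
            }
        }
        authorizationInfo.setStringPermissions(permissions);
        return authorizationInfo;
    }

    /**
     * Returns the stored identity and credentials of the account named by the token;
     * Shiro's Authenticator compares them with the submitted credentials afterwards.
     *
     * <p>This method runs BEFORE the credentials are checked, so it must not change any
     * state: it only looks the account up.
     *
     * @param token the submitted token; its principal is the login account
     * @return the account name and stored password for credential matching
     * @throws UnknownAccountException if the token carries no account or none is found
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        String loginAccount = (String) token.getPrincipal();
        if (loginAccount == null) {
            throw new UnknownAccountException();
        }
        UserEntity user = userService.findByLoginaccount(loginAccount);
        if (user == null) {
            throw new UnknownAccountException();
        }
        return new SimpleAuthenticationInfo(user.getLoginaccount(), user.getPassword(), getName());
    }

    /**
     * Verifies the submitted credentials and, only when they match, records the login and
     * fills the session.
     *
     * <p>The bookkeeping used to sit in {@code doGetAuthenticationInfo}, which Shiro calls
     * before credential matching. A request with a valid account name and a wrong password
     * therefore still updated the last-login time and left the {@code "user"} and
     * {@code "menuList"} attributes in the caller's session. Running it after
     * {@code super.assertCredentialsMatch} keeps unauthenticated requests from touching
     * either.
     *
     * @param token the submitted token
     * @param info the stored account data returned by {@code doGetAuthenticationInfo}
     * @throws AuthenticationException if the credentials do not match or the account
     *     disappeared in the meantime
     */
    @Override
    protected void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
            throws AuthenticationException {
        // Throws when the credentials do not match; nothing below runs in that case.
        super.assertCredentialsMatch(token, info);

        String loginAccount = (String) info.getPrincipals().getPrimaryPrincipal();
        UserEntity user = userService.findByLoginaccount(loginAccount);
        if (user == null) {
            throw new UnknownAccountException();
        }
        user.setLastLoginTime(new Date());
        userService.save(user);

        Subject subject = SecurityUtils.getSubject();
        // NOTE(review): the stored UserEntity exposes getPassword(), so the credential
        // value travels with the session; consider storing a view without it.
        subject.getSession().setAttribute("user", user);
        // Cache the menu entries of the user's role for the session.
        subject.getSession().setAttribute("menuList", roleService.findAllFunctionByRole(user.getRole()));
    }
}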