cn.evilcoder.fantasyblog4j.shiro.ShiroDbRealm.java Source code

Java tutorial

  1. HOME
  2. Java
  3. cn.evilcoder.fantasyblog4j.shiro.ShiroDbRealm.java

Introduction

Here is the source code for cn.evilcoder.fantasyblog4j.shiro.ShiroDbRealm.java

Source

/*******************************************************************************
 * Copyright (c) 2005, 2014 springside.github.io
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 *******************************************************************************/
package cn.evilcoder.fantasyblog4j.shiro;

import cn.evilcoder.fantasyblog4j.domain.User;
import cn.evilcoder.fantasyblog4j.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import javax.annotation.PostConstruct;

@Service
public class ShiroDbRealm extends AuthorizingRealm {
    @Autowired
    protected UserService userService;
    @Autowired
    TokenService tokenService;

    /**
     * ?,.
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String username = String.valueOf(token.getPrincipal());
        String password = new String((char[]) token.getCredentials());

        User user = userService.selectByUsername(username);
        if (user == null) {
            throw new AuthenticationException("???.");
        }
        if (!userService.checkPassword(user, password)) {
            throw new AuthenticationException("???.");
        }

        return new SimpleAuthenticationInfo(username, password, getName());
    }

    /**
     * ?, ???.
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return new SimpleAuthorizationInfo();
    }

    /**
     * PasswordHash.
     */
    @PostConstruct
    public void initCredentialsMatcher() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(UserService.HASH_ALGORITHM);
        matcher.setHashIterations(UserService.HASH_INTERATIONS);

        setCredentialsMatcher(matcher);
    }

}