com.g2.service.account.ShiroDbRealm.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.g2.service.account.ShiroDbRealm.java

Introduction

Here is the source code for com.g2.service.account.ShiroDbRealm.java

Source

/*******************************************************************************
 * Copyright (c) 2005, 2014 springside.github.io
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 *******************************************************************************/
package com.g2.service.account;

import java.io.Serializable;

import javax.annotation.PostConstruct;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.web.subject.WebSubject;

import com.octo.captcha.service.CaptchaService;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springside.modules.utils.Encodes;

import com.g2.entity.User;
import com.google.common.base.Objects;

public class ShiroDbRealm extends AuthorizingRealm {

    private static final Logger logger = LoggerFactory.getLogger(ShiroDbRealm.class);

    protected AccountService accountService;

    @Autowired
    private CaptchaService captchaService;

    /**
     * ?,.
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        User user = accountService.findUserByLoginName(token.getUsername());

        ServletRequest request = ((WebSubject) SecurityUtils.getSubject()).getServletRequest();
        HttpServletRequest trequest = (HttpServletRequest) request;
        String captchaID = trequest.getSession().getId();
        Boolean flag = false;
        flag = captchaService.validateResponseForID(captchaID, request.getParameter("j_captcha"));
        if (flag.booleanValue()) {
            logger.debug("??");
            if (user != null) {
                if (isNomal(user)) {
                    byte[] salt = Encodes.decodeHex(user.getSalt());
                    return new SimpleAuthenticationInfo(
                            new ShiroUser(user.getId(), user.getLoginName(), user.getName()), user.getPassword(),
                            ByteSource.Util.bytes(salt), getName());
                }
                return null;
            } else {
                return null;
            }
        } else {
            logger.debug("??");
            return null;
        }

    }

    private boolean isNomal(User user) {
        if (user.getStatus().equals(User.STATUS_VALIDE)) {
            return true;
        }
        return false;
    }

    /**
     * ?, ???.
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal();
        User user = accountService.findUserByLoginName(shiroUser.loginName);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRoles(user.getRoleList());
        return info;
    }

    /**
     * PasswordHash.
     */
    @PostConstruct
    public void initCredentialsMatcher() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(AccountService.HASH_ALGORITHM);
        matcher.setHashIterations(AccountService.HASH_INTERATIONS);

        setCredentialsMatcher(matcher);
    }

    public void setAccountService(AccountService accountService) {
        this.accountService = accountService;
    }

    /**
     * AuthenticationSubject??????.
     */
    public static class ShiroUser implements Serializable {
        private static final long serialVersionUID = -1373760761780840081L;
        public Long id;
        public String loginName;
        public String name;

        public ShiroUser(Long id, String loginName, String name) {
            this.id = id;
            this.loginName = loginName;
            this.name = name;
        }

        public String getName() {
            return name;
        }

        /**
         * <shiro:principal/>.
         */
        @Override
        public String toString() {
            return loginName;
        }

        /**
         * ?hashCode,?loginName;
         */
        @Override
        public int hashCode() {
            return Objects.hashCode(loginName);
        }

        /**
         * ?equals,?loginName;
         */
        @Override
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null) {
                return false;
            }
            if (getClass() != obj.getClass()) {
                return false;
            }
            ShiroUser other = (ShiroUser) obj;
            if (loginName == null) {
                if (other.loginName != null) {
                    return false;
                }
            } else if (!loginName.equals(other.loginName)) {
                return false;
            }
            return true;
        }
    }
}