Java tutorial
/* * Project: admin-parent * * File Created at 2014-04-15 * * Copyright 2012 Greenline.com Corporation Limited. * All rights reserved. * * This software is the confidential and proprietary information of * Greenline Company. ("Confidential Information"). You shall not * disclose such Confidential Information and shall use it only in * accordance with the terms of the license agreement you entered into * with Greenline.com. */ package com.greenline.hrs.admin.auth.realm; import com.greenline.hrs.admin.auth.cons.AuthMessageConstants; import com.greenline.hrs.admin.user.po.UserPassport; import com.greenline.hrs.admin.user.service.ManUserService; import com.greenline.hrs.admin.user.vo.UserAuthInfo; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationException; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; /** * @author July * @version V1.0 * @type WebRealm * @desc WebRealmsubject.login * @date 2014-04-15 */ public class WebRealm extends AuthorizingRealm { private static final Log LOG = LogFactory.getLog(WebRealm.class); @Autowired private ManUserService manUserService; /** * ??? * * @param principals * @return */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { //null usernames are invalid if (principals == null || principals.getPrimaryPrincipal() == null) { throw new AuthorizationException(AuthMessageConstants.PRINCIPAL_NULL); } UserAuthInfo userAuthInfo = null; try { Long userId = Long.valueOf(getAvailablePrincipal(principals).toString()); userAuthInfo = manUserService.getUserAuthInfo(userId); } catch (Exception e) { LOG.error(AuthMessageConstants.AUTHORIZATION_EXCEPTION, e); } if (userAuthInfo == null) { throw new AuthorizationException(AuthMessageConstants.AUTHORIZATION_EXCEPTION + principals); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(userAuthInfo.getRoles()); info.setStringPermissions(userAuthInfo.getPermissions()); return info; } /** * Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given * authentication token. * <p/> * For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing * more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific * log-in logic in addition to just retrieving data - it is up to the Realm implementation. * <p/> * A {@code null} return value means that no account could be associated with the specified token. * * @param token the authentication token containing the user's principal and credentials. * @return an {@link org.apache.shiro.authc.AuthenticationInfo} object containing account data resulting from the * authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.) * @throws org.apache.shiro.authc.AuthenticationException if there is an error acquiring data or performing * realm-specific authentication logic for the specified <tt>token</tt> */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); String encryptPasswd = new String(upToken.getPassword()); SimpleAuthenticationInfo authInfo = null; UserPassport userPassport = null; try { userPassport = manUserService.getUserPassportFromEncryptedPwd(Long.valueOf(username), encryptPasswd); } catch (Exception e) { LOG.error(AuthMessageConstants.AUTHORICATION_EXCEPTION, e); throw new AuthenticationException(AuthMessageConstants.AUTHORICATION_EXCEPTION, e); } if (userPassport == null) { throw new AuthenticationException(AuthMessageConstants.USER_PWD_ILLEGAL); } authInfo = new SimpleAuthenticationInfo(username, userPassport.getPassword(), getName()); authInfo.setCredentialsSalt(ByteSource.Util.bytes(userPassport.getSalt())); return authInfo; } }