com.greenline.hrs.admin.auth.realm.WebRealm.java Source code


Introduction

Here is the source code for com.greenline.hrs.admin.auth.realm.WebRealm.java

Source

/*
 * Project: admin-parent
 * 
 * File Created at 2014-04-15
 * 
 * Copyright 2012 Greenline.com Corporation Limited.
 * All rights reserved.
 *
 * This software is the confidential and proprietary information of
 * Greenline Company. ("Confidential Information").  You shall not
 * disclose such Confidential Information and shall use it only in
 * accordance with the terms of the license agreement you entered into
 * with Greenline.com.
 */
package com.greenline.hrs.admin.auth.realm;

import com.greenline.hrs.admin.auth.cons.AuthMessageConstants;
import com.greenline.hrs.admin.user.po.UserPassport;
import com.greenline.hrs.admin.user.service.ManUserService;
import com.greenline.hrs.admin.user.vo.UserAuthInfo;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

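/**
 * Shiro realm that authenticates and authorizes admin users through {@link ManUserService}.
 * <p>
 * The principal stored after a successful login is the submitted user name, which must be the
 * decimal form of the numeric user id: {@link #doGetAuthenticationInfo} parses it with
 * {@code Long.valueOf} for the passport lookup and {@link #doGetAuthorizationInfo} parses it
 * again to load roles and permissions.
 * <p>
 * Both callbacks fail closed: a lookup error or a missing record ends in an exception, never in
 * an empty-but-valid result.
 *
 * @author July
 * @version V1.0
 * @type WebRealm
 * @desc Realm behind subject.login (original description text was lost in extraction)
 * @date 2014-04-15
 */
public class WebRealm extends AuthorizingRealm {

    private static final Log LOG = LogFactory.getLog(WebRealm.class);

    @Autowired
    private ManUserService manUserService;

    /**
     * Loads the roles and string permissions of the user identified by {@code principals}.
     *
     * @param principals the principals of the subject being authorized; the principal available
     *                   to this realm must render (via {@code toString()}) as a numeric user id
     * @return an {@link AuthorizationInfo} carrying the roles and permissions returned by
     * {@link ManUserService#getUserAuthInfo}
     * @throws AuthorizationException if {@code principals} or its primary principal is
     *                                {@code null}, if the lookup fails, or if no authorization
     *                                record exists for the user
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // Null principals are invalid.
        if (principals == null || principals.getPrimaryPrincipal() == null) {
            throw new AuthorizationException(AuthMessageConstants.PRINCIPAL_NULL);
        }
        UserAuthInfo userAuthInfo;
        try {
            Long userId = Long.valueOf(getAvailablePrincipal(principals).toString());
            userAuthInfo = manUserService.getUserAuthInfo(userId);
        } catch (Exception e) {
            LOG.error(AuthMessageConstants.AUTHORIZATION_EXCEPTION, e);
            // Same exception type and message as the "no record" case below, but the cause is
            // kept so a backend failure can be told apart from a missing record in diagnostics.
            throw new AuthorizationException(AuthMessageConstants.AUTHORIZATION_EXCEPTION + principals, e);
        }
        if (userAuthInfo == null) {
            // Fail closed: a user without an authorization record gets no roles at all.
            // NOTE(review): the message embeds the principal collection; confirm it is not
            // echoed verbatim to the client.
            throw new AuthorizationException(AuthMessageConstants.AUTHORIZATION_EXCEPTION + principals);
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(userAuthInfo.getRoles());
        info.setStringPermissions(userAuthInfo.getPermissions());
        return info;
    }

    /**
     * Looks up the account for a user-name/password token and returns its stored credentials.
     * <p>
     * The submitted user name is parsed as a numeric user id and handed, together with the
     * submitted password, to {@link ManUserService#getUserPassportFromEncryptedPwd}. The returned
     * passport's password and salt are then given back to Shiro, which performs the final
     * credentials comparison with the realm's configured {@code CredentialsMatcher}.
     * <p>
     * NOTE(review): the salt set here only takes part in the comparison when a hashing matcher
     * is configured on this realm; that configuration is not visible in this file, so confirm it.
     *
     * @param token the authentication token containing the user's principal and credentials;
     *              cast to {@link UsernamePasswordToken}, which is the only token class an
     *              {@code AuthenticatingRealm} supports unless {@code setAuthenticationTokenClass}
     *              is called elsewhere
     * @return an {@link org.apache.shiro.authc.AuthenticationInfo} holding the user name as
     * principal plus the stored password and salt
     * @throws org.apache.shiro.authc.AuthenticationException if the user name or password is
     *                                                        missing, the user name is not numeric,
     *                                                        the lookup fails, or no passport is
     *                                                        found
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        String username = upToken.getUsername();
        char[] submittedPassword = upToken.getPassword();
        // A token built without a password would otherwise hit new String((char[]) null) and
        // escape as a NullPointerException instead of the declared AuthenticationException.
        // Missing fields get the same answer as wrong credentials.
        if (username == null || submittedPassword == null) {
            throw new AuthenticationException(AuthMessageConstants.USER_PWD_ILLEGAL);
        }
        // The service API takes a String, so the password is copied into an immutable object
        // that cannot be wiped and stays on the heap until it is garbage collected.
        String encryptPasswd = new String(submittedPassword);
        UserPassport userPassport;
        try {
            userPassport = manUserService.getUserPassportFromEncryptedPwd(Long.valueOf(username), encryptPasswd);
        } catch (Exception e) {
            // Only the constant message and the exception are logged, not the password variable.
            // NOTE(review): confirm the service's own exception messages never embed it.
            LOG.error(AuthMessageConstants.AUTHORICATION_EXCEPTION, e);
            throw new AuthenticationException(AuthMessageConstants.AUTHORICATION_EXCEPTION, e);
        }
        if (userPassport == null) {
            // Unknown user and wrong password both end here with one message, so the response
            // does not reveal which of the two it was.
            throw new AuthenticationException(AuthMessageConstants.USER_PWD_ILLEGAL);
        }
        SimpleAuthenticationInfo authInfo =
                new SimpleAuthenticationInfo(username, userPassport.getPassword(), getName());
        authInfo.setCredentialsSalt(ByteSource.Util.bytes(userPassport.getSalt()));
        return authInfo;
    }

}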