com.plateform.admin.security.ShiroDbRealm.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.plateform.admin.security.ShiroDbRealm.java

Introduction

Here is the source code for com.plateform.admin.security.ShiroDbRealm.java

Source

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package com.plateform.admin.security;

import java.util.List;

import javax.annotation.PostConstruct;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
//import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

import com.plateform.common.constants.UserConst.UserStaEnum;
import com.plateform.common.sercurity.SecurityUser;
import com.plateform.middleware.hessian.UserHessianService;

public class ShiroDbRealm extends AuthorizingRealm {

    protected UserHessianService userHessianService;

    /**
     * ?,.
     */
    //   @Override
    //   protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
    //      UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    //      SecurityUser<Serializable> user = userService.findUserByLoginName(token.getUsername());
    //      if (user != null) {
    //         if (user.isDisabled()) {
    //            throw new DisabledAccountException();
    //         }
    //
    ////         byte[] salt = EncodeUtils.decodeHex(user.getSalt());
    //         String password = userService.getLoginPassword(user.getId());
    //         //return new SimpleAuthenticationInfo(userService.createPrincipal(user), password, ByteSource.Util.bytes(salt), getName());
    //         return new SimpleAuthenticationInfo(userService.createPrincipal(user), password, getName());
    //      } else {
    //         return null;
    //      }
    //   }

    public UserHessianService getUserHessianService() {
        return userHessianService;
    }

    public void setUserHessianService(UserHessianService userHessianService) {
        this.userHessianService = userHessianService;
    }

    /**
     * ?,.
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        SecurityUser<Long> user = userHessianService.findUserByAccount(token.getUsername(), UserStaEnum.ENABLE);
        if (user != null) {
            token.setUsername(user.getLoginName());
            return new SimpleAuthenticationInfo(user, user.getPassWord(), getName());
        } else {
            return null;
        }
    }

    /**
     * ?, ???.
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        Object principal = principals.getPrimaryPrincipal();
        SecurityUser<Long> user = (SecurityUser) principal;//userHessianService.findUserByPrincipal(principal);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        if (user != null) {
            List<String> roles = userHessianService.getSecurityGroups(user.getId());
            List<String> auths = userHessianService.getSecurityPermissions(user.getId());
            if (null != roles && !roles.isEmpty())
                info.addRoles(roles);
            if (null != auths && !auths.isEmpty())
                info.addStringPermissions(auths);

        }
        return info;
    }

    /**
     * PasswordHash.
     */
    @PostConstruct
    public void initCredentialsMatcher() {
        //      HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(Settings.get("hash.algorithm", Settings.HASH_ALGORITHM));
        //      matcher.setHashIterations(Settings.get("hash.interations", Settings.HASH_INTERATIONS));
        //      setCredentialsMatcher(matcher);

        //??shiro??shiro?  
        setCredentialsMatcher(new CustomCredentialsMatcher());
    }

    /** 
    * ?ShiroSession, 
    * @see Controller,HttpSession.getAttribute(key)?? 
    */
    private void setSession(Object key, Object value) {
        Subject currentUser = SecurityUtils.getSubject();
        if (null != currentUser) {
            Session session = currentUser.getSession();
            System.out.println("Session[" + session.getTimeout() + "]");
            if (null != session) {
                session.setAttribute(key, value);
            }
        }
    }

}