1. //自定义realm
    2. public class CustomerRealm extends AuthorizingRealm {
    4.     @Override
    5.     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    6.         return null;
    7.     }
    9.     @Override
    10.     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    12.         //根据身份信息//从传过来的token获取到的用户名
    13.         String principal = (String) token.getPrincipal();
    15.         //在工厂中获取service对象
    16.         UserService userService = (UserService) ApplicationContextUtils.getBean("userService");
    18.         //根据身份信息查询
    19.         User user = userService.findByUserName(principal);
    21.         //用户不为空
    22.         if(!ObjectUtils.isEmpty(user)){
    23.             //返回数据库信息
    24.             return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(),
    25.                     ByteSource.Util.bytes(user.getSalt()), this.getName());;
    26.         }
    28.         return null;
    29.     }