1. import java.util.HashSet;
    2. import java.util.List;
    3. import java.util.Set;
    5. import org.apache.shiro.authc.AuthenticationException;
    6. import org.apache.shiro.authc.AuthenticationInfo;
    7. import org.apache.shiro.authc.AuthenticationToken;
    8. import org.apache.shiro.authc.LockedAccountException;
    9. import org.apache.shiro.authc.SimpleAuthenticationInfo;
    10. import org.apache.shiro.authc.UnknownAccountException;
    11. import org.apache.shiro.authc.UsernamePasswordToken;
    12. import org.apache.shiro.authc.credential.CredentialsMatcher;
    13. import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
    14. import org.apache.shiro.authz.AuthorizationException;
    15. import org.apache.shiro.authz.AuthorizationInfo;
    16. import org.apache.shiro.authz.SimpleAuthorizationInfo;
    17. import org.apache.shiro.realm.AuthorizingRealm;
    18. import org.apache.shiro.subject.PrincipalCollection;
    19. import org.apache.shiro.util.ByteSource;
    20. import org.springframework.beans.factory.annotation.Autowired;
    21. import org.springframework.stereotype.Service;
    22. import org.springframework.util.StringUtils;
    24. import com.db.sys.dao.SysMenuDao;
    25. import com.db.sys.dao.SysRoleMenuDao;
    26. import com.db.sys.dao.SysUserDao;
    27. import com.db.sys.dao.SysUserRoleDao;
    28. import com.db.sys.entity.SysUser;
    30. @Service
    31. public class ShiroUserRealm extends AuthorizingRealm {
    33.     @Autowired
    34.     private SysUserDao sysUserDao;
    36.     @Autowired
    37.     private SysUserRoleDao sysUserRoleDao;
    39.     @Autowired
    40.     private SysRoleMenuDao sysRoleMenuDao;
    42.     @Autowired
    43.     private SysMenuDao sysMenuDao;
    45.     /**
    46.      * 设置凭证匹配器
    47.      */
    48.     @Override
    49.     public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
    50.         //构建凭证匹配对象
    51.         HashedCredentialsMatcher cMatcher=new HashedCredentialsMatcher();
    52.         //设置加密算法
    53.         cMatcher.setHashAlgorithmName("MD5");
    54.         //设置加密次数
    55.         cMatcher.setHashIterations(1);
    56.         super.setCredentialsMatcher(cMatcher);
    57.     }
    58.     /**
    59.      * 通过此方法完成认证数据的获取及封装,系统
    60.      * 底层会将认证数据传递认证管理器,由认证
    61.      * 管理器完成认证操作。
    62.      */
    63.     @Override
    64.     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) 
    65.             throws AuthenticationException {
    66.         //1.获取用户名(用户页面输入)
    67.         UsernamePasswordToken upToken=
    68.         (UsernamePasswordToken)token;
    69.         String username=upToken.getUsername();
    70.         //2.基于用户名查询用户信息
    71.         SysUser user=
    72.         sysUserDao.findUserByUserName(username);
    73.         //3.判定用户是否存在
    74.         if(user==null)
    75.         throw new UnknownAccountException();
    76.         //4.判定用户是否已被禁用。
    77.         if(user.getValid()==0)
    78.         throw new LockedAccountException();
    80.         //5.封装用户信息
    81.         ByteSource credentialsSalt=
    82.         ByteSource.Util.bytes(user.getSalt());
    83.         //记住:构建什么对象要看方法的返回值
    84.         SimpleAuthenticationInfo info=
    85.         new SimpleAuthenticationInfo(
    86.                 user,//principal (身份)
    87.                 user.getPassword(),//hashedCredentials
    88.                 credentialsSalt, //credentialsSalt
    89.                 getName());//realName
    90.         //6.返回封装结果
    91.         return info;
    92.     }
    93.     /**通过此方法完成授权信息的获取及封装*/
    94.     @Override
    95.     protected AuthorizationInfo doGetAuthorizationInfo(
    96.         PrincipalCollection principals) {
    97.         //1.获取登录用户信息,例如用户id
    98.         SysUser user=(SysUser)principals.getPrimaryPrincipal();
    99.         Integer userId=user.getId();
    100.         //2.基于用户id获取用户拥有的角色(sys_user_roles)
    101.         List<Integer> roleIds=
    102.         sysUserRoleDao.findRoleIdsByUserId(userId);
    103.         if(roleIds==null||roleIds.size()==0)
    104.         throw new AuthorizationException();
    105.         //3.基于角色id获取菜单id(sys_role_menus)
    106.         Integer[] array={};
    107.         List<Integer> menuIds=
    108.         sysRoleMenuDao.findMenuIdsByRoleIds(
    109.                 roleIds.toArray(array));
    110.         if(menuIds==null||menuIds.size()==0)
    111.         throw new AuthorizationException();
    112.         //4.基于菜单id获取权限标识(sys_menus)
    113.         List<String> permissions=
    114.         sysMenuDao.findPermissions(
    115.             menuIds.toArray(array));
    116.         //5.对权限标识信息进行封装并返回
    117.         Set<String> set=new HashSet<>();
    118.         for(String per:permissions){
    119.             if(!StringUtils.isEmpty(per)){
    120.                 set.add(per);
    121.             }
    122.         }
    123.         SimpleAuthorizationInfo info=
    124.         new SimpleAuthorizationInfo();
    125.         info.setStringPermissions(set);
    126.         return info;//返回给授权管理器
    127.     }
    129. }