commit
This commit is contained in:
ouburikou
@@ -1,10 +1,5 @@
|
||||
package com.xinwei.utils;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class Constants {
|
||||
|
||||
|
||||
|
||||
@@ -1,65 +0,0 @@
|
||||
|
||||
/**
|
||||
* 权限认证,为当前登录的Subject授予角色和权限
|
||||
* @see:本例中该方法的调用时机为需授权资源被访问时
|
||||
* @see :并且每次访问需授权资源时都会执行该方法中的逻辑,这表明本例中默认并未启用AuthorizationCache
|
||||
* @see :如果连续访问同一个URL(比如刷新),该方法不会被重复调用,Shiro有一个时间间隔(也就是cache时间,在ehcache-shiro.xml中配置),超过这个时间间隔再刷新页面,该方法会被执行
|
||||
*/
|
||||
|
||||
@Override
|
||||
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
|
||||
//获取当前登录输入的用户名,等价于(String) principalCollection.fromRealm(getName()).iterator().next();
|
||||
String loginName = (String)super.getAvailablePrincipal(principalCollection);
|
||||
//到数据库查是否有此对象
|
||||
ShiroUser user= shiroUserService.findByUsername(loginName);
|
||||
if(user!=null){
|
||||
//权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
|
||||
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
|
||||
//用户的角色集合
|
||||
info.setRoles(user.getRolesName());
|
||||
List<ShiroRole> roleList=user.getRoleList();
|
||||
for (ShiroRole role : roleList) {
|
||||
info.addStringPermissions(role.getPermissionsName());
|
||||
}
|
||||
return info;
|
||||
}
|
||||
// 返回null的话,就会导致任何用户访问被拦截的请求时,都会自动跳转到unauthorizedUrl指定的地址
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 登录认证
|
||||
*/
|
||||
|
||||
|
||||
@Override
|
||||
protected AuthenticationInfo doGetAuthenticationInfo(
|
||||
AuthenticationToken authenticationToken) throws AuthenticationException {
|
||||
|
||||
//UsernamePasswordToken对象用来存放提交的登录信息
|
||||
UsernamePasswordToken token=(UsernamePasswordToken) authenticationToken;
|
||||
|
||||
//查出是否有此用户
|
||||
ShiroUser user= shiroUserService.findByUsername(token.getUsername());
|
||||
|
||||
if(user==null){
|
||||
throw new UnknownAccountException();//账户不存在
|
||||
}
|
||||
if(user!=null&&user.getStatus().equals(Constants.userStatus_2)){
|
||||
|
||||
throw new LockedAccountException(); //账户被锁
|
||||
}
|
||||
if(user!=null&&user.getStatus().equals(Constants.userStatus_0)){
|
||||
|
||||
throw new DisabledAccountException();//账户不存在
|
||||
}
|
||||
if(user!=null&&user.getStatus().equals(Constants.userStatus_1)){
|
||||
// 若存在,将此用户存放到登录认证info中,无需自己做密码对比,Shiro会为我们进行密码对比校验
|
||||
return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), ByteSource.Util.bytes("www"),getName());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user