权限的认证类

liyong1115

于 2012-03-06 17:47:03 发布

阅读量1.1k

点赞数

文章标签： user null string token class

public class ShiroDbRealm extends AuthorizingRealm {

    @Inject

    private UserService userService ;

    

    /**

 * 认证回调函数,登录时调用.

 */

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) 
throws AuthenticationException {

UsernamePasswordToken token = (UsernamePasswordToken) authcToken;

User user= userService.getUserByUserId(token.getUsername());

if (user!= null) {  

    return new SimpleAuthenticationInfo(user.getUserId(), user.getUserId(), getName());

} else {

return null;

}

}

/**

 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用.

 */

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

String loginName = (String) principals.fromRealm(getName()).iterator().next();

User user= userService.getUserByUserId(loginName);

if (user != null) {

SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

info.addStringPermission("common-user");

return info;

} else {

return null;

}

}

}