|
@@ -4,25 +4,29 @@ import com.rxida.xilinedu.sys.dao.UserDao;
|
|
import com.rxida.xilinedu.sys.entity.Permission;
|
|
import com.rxida.xilinedu.sys.entity.Permission;
|
|
import com.rxida.xilinedu.sys.entity.Role;
|
|
import com.rxida.xilinedu.sys.entity.Role;
|
|
import com.rxida.xilinedu.sys.entity.User;
|
|
import com.rxida.xilinedu.sys.entity.User;
|
|
|
|
+import com.rxida.xilinedu.sys.security.Digests;
|
|
import com.rxida.xilinedu.sys.utils.Encodes;
|
|
import com.rxida.xilinedu.sys.utils.Encodes;
|
|
-import org.apache.shiro.authc.AuthenticationException;
|
|
|
|
-import org.apache.shiro.authc.AuthenticationInfo;
|
|
|
|
-import org.apache.shiro.authc.AuthenticationToken;
|
|
|
|
-import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
|
|
|
|
|
+import org.apache.shiro.authc.*;
|
|
import org.apache.shiro.authz.AuthorizationInfo;
|
|
import org.apache.shiro.authz.AuthorizationInfo;
|
|
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
|
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
|
import org.apache.shiro.realm.AuthorizingRealm;
|
|
import org.apache.shiro.realm.AuthorizingRealm;
|
|
import org.apache.shiro.subject.PrincipalCollection;
|
|
import org.apache.shiro.subject.PrincipalCollection;
|
|
import org.apache.shiro.util.ByteSource;
|
|
import org.apache.shiro.util.ByteSource;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
+import org.springframework.stereotype.Service;
|
|
|
|
|
|
import javax.annotation.Resource;
|
|
import javax.annotation.Resource;
|
|
import java.io.Serializable;
|
|
import java.io.Serializable;
|
|
|
|
+import java.util.Arrays;
|
|
|
|
|
|
public class SystemAuthorizingRealm extends AuthorizingRealm {
|
|
public class SystemAuthorizingRealm extends AuthorizingRealm {
|
|
@Autowired
|
|
@Autowired
|
|
private UserDao userDao;
|
|
private UserDao userDao;
|
|
|
|
|
|
|
|
+ public SystemAuthorizingRealm() {
|
|
|
|
+ this.setCachingEnabled(false);
|
|
|
|
+ }
|
|
|
|
+
|
|
//角色权限和对应权限添加
|
|
//角色权限和对应权限添加
|
|
@Override
|
|
@Override
|
|
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
|
|
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
|
|
@@ -51,60 +55,19 @@ public class SystemAuthorizingRealm extends AuthorizingRealm {
|
|
return null;
|
|
return null;
|
|
}
|
|
}
|
|
//获取用户信息
|
|
//获取用户信息
|
|
- String username = authenticationToken.getPrincipal().toString();
|
|
|
|
|
|
+ String username = (String) authenticationToken.getPrincipal();
|
|
User user = userDao.findByUsername(username);
|
|
User user = userDao.findByUsername(username);
|
|
if (user == null) {
|
|
if (user == null) {
|
|
//这里返回后会报出对应异常
|
|
//这里返回后会报出对应异常
|
|
return null;
|
|
return null;
|
|
} else {
|
|
} else {
|
|
- byte[] salt = Encodes.decodeHex(user.getPassword().substring(0, 16));
|
|
|
|
- //这里验证authenticationToken和simpleAuthenticationInfo的信息
|
|
|
|
-// SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(username, salt, getName());
|
|
|
|
- return new SimpleAuthenticationInfo(new Principal(user, false),
|
|
|
|
- user.getPassword().substring(16), ByteSource.Util.bytes(salt), getName());
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- /**
|
|
|
|
- * 授权用户信息
|
|
|
|
- */
|
|
|
|
- public static class Principal implements Serializable {
|
|
|
|
|
|
|
|
- private static final long serialVersionUID = 1L;
|
|
|
|
-
|
|
|
|
- private String id; // 编号
|
|
|
|
- private String loginName; // 登录名
|
|
|
|
- private String name; // 姓名
|
|
|
|
- private boolean mobileLogin; // 是否手机登录
|
|
|
|
-
|
|
|
|
- public Principal(User user, boolean mobileLogin) {
|
|
|
|
- this.id = user.getId();
|
|
|
|
- this.loginName = user.getUsername();
|
|
|
|
- this.name = user.getName();
|
|
|
|
- this.mobileLogin = mobileLogin;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- public String getId() {
|
|
|
|
- return id;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- public String getLoginName() {
|
|
|
|
- return loginName;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- public String getName() {
|
|
|
|
- return name;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- public boolean isMobileLogin() {
|
|
|
|
- return mobileLogin;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- @Override
|
|
|
|
- public String toString() {
|
|
|
|
- return id;
|
|
|
|
|
|
+ byte[] salt = Encodes.decodeHex(user.getPassword().substring(0, 16));
|
|
|
|
+ return new SimpleAuthenticationInfo(
|
|
|
|
+ user,
|
|
|
|
+ user.getPassword().substring(16),
|
|
|
|
+ ByteSource.Util.bytes(salt),
|
|
|
|
+ getName());
|
|
}
|
|
}
|
|
-
|
|
|
|
}
|
|
}
|
|
-
|
|
|
|
}
|
|
}
|
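Review bot: Passing the whole `User` entity as the principal in the new `SimpleAuthenticationInfo(user, ...)` call puts the object that answers `getPassword()` (the salt-plus-hash string the two `substring` calls split) into the subject's principal collection, so it presumably ends up wherever Shiro stores or serializes principals, such as the session or a remember-me cookie if one is enabled. The removed `Principal` class carried only id, login name and name; I would keep a slim principal, e.g. `new SimpleAuthenticationInfo(user.getUsername(), user.getPassword().substring(16), ByteSource.Util.bytes(salt), getName());`. Separately, `user.getPassword().substring(0, 16)` throws on a null or shorter stored value instead of failing authentication cleanly; a length check before it that throws an `AuthenticationException` would cover that. The method's signature and the body of `doGetAuthorizationInfo` are outside the hunk, so whatever reads the principal there has to match the type chosen here.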