创建一个激活的用户类:
public class ActiverUser { private User user; private List<String> roleList; private List<String> permitList; } // 省略SETTER & GETTER & CONSTRUCTOR ...
对应的创建业务层:
用户业务:
public interface UserService { User queryUserByUserName(String username); }
实现类:
这个Switch迷一样不支持String,不管了
public class UserServiceImpl implements UserService { public User queryUserByUserName(String username) { User user = null; switch (username) { case "zhangsan": user=new User(1, "zhangsan", "123456", new Date()); break; case "lisi": user=new User(2, "lisi", "123456", new Date()); break; case "wangwu": user=new User(3, "wangwu", "123456", new Date()); break; } return user; } }
角色业务:
根据用户名查询对应的所有角色:
public interface RoleService { List<String> queryRoleByUsername(String username); }
实现类:
public class RoleServiceImpl implements RoleService { public List<String> queryRoleByUsername(String username) { return Arrays.asList("role1", "role2", "role3"); } }
权限业务:
public interface PermissionService { List<String> queryPermissionByUsername(String username); }
实现类:
public class PermissionServiceImpl implements PermissionService{ public List<String> queryPermissionByUsername(String username) { return Arrays.asList("user:query", "user:insert", "user:update", "user:delete"); } }
UserRealm的修改:
package cn.echo42.shiro; import cn.echo42.pojo.User; import cn.echo42.service.*; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import java.util.Collection; import java.util.List; /** * @author DaiZhiZhou * @file Shiro * @create 2020-08-01 18:38 */ public class UserRealm extends AuthorizingRealm { private UserService userService = new UserServiceImpl(); private RoleService roleService = new RoleServiceImpl(); private PermissionService permissionService = new PermissionServiceImpl(); protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { ActiverUser activerUser = (ActiverUser) principalCollection.getPrimaryPrincipal(); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); //添加角色 Collection<String> roles = activerUser.getRoleList(); // 角色存在 if(null != roles && roles.size() > 0) { info.addRoles(roles); } Collection<String> permissions = activerUser.getPermitList(); //添加权限 if(null != permissions && permissions.size() > 0) { info.addStringPermissions(permissions); } // if(activerUser.getUser().getType()==0) { // info.addStringPermission("*:*"); // } return info; } protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { // 通过提交的令牌获取信息(用户名称?) String principal = authenticationToken.getPrincipal().toString(); // 查询数据库得到记录 User user = userService.queryUserByUserName(principal); // user非空 if(null != user) { // 装载用户到权限的所有信息 List<String> roles = roleService.queryRoleByUsername(user.getUsername()); List<String> permissions = permissionService.queryPermissionByUsername(user.getUsername()); ActiverUser activerUser = new ActiverUser(user, roles, permissions); // 返回认证信息出去 return new SimpleAuthenticationInfo(activerUser, authenticationToken.getCredentials(), this.getName()); } return null; } }