Shiro自定义Realm

package com.sxt.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

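/**
 * Console demo that authenticates one hard-coded user through Apache Shiro and then prints the
 * outcome of one role check and one permission check. The security manager is built from the
 * {@code shiro.ini} file on the classpath.
 *
 * <p>The user name and password are literals so that the demo is self-contained. Real code takes
 * them from the login request and never keeps a password in source.
 *
 * @author LJH
 */
// Presumably needed because IniSecurityManagerFactory is deprecated in newer Shiro releases.
@SuppressWarnings("deprecation")
public class TestAuthenticationApp {
    // Logger for this demo class ("transient" dropped: it has no effect on a static field).
    private static final Logger log = LoggerFactory.getLogger(TestAuthenticationApp.class);

    /**
     * Runs the demo: builds the security manager, logs the demo user in, and only if the login
     * succeeded prints the principal plus the role and permission checks.
     *
     * @param args unused
     */
    public static void main(String[] args) {

        // Demo-only credentials; see the class comment.
        String username = "zhangsan";
        String password = "123456";

        log.info("My First Apache Shiro Application");
        // 1. Create the factory for org.apache.shiro.mgt.SecurityManager
        //    (not java.lang.SecurityManager) from the INI configuration.
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        // 2. Build the security manager. The cast is only needed for the programmatic
        //    alternative below, which calls setRealm.
        DefaultSecurityManager securityManager = (DefaultSecurityManager) factory.getInstance();
        // 3./4. Programmatic alternative to the securityManager.realm line in shiro.ini:
        // UserRealm realm = new UserRealm();
        // securityManager.setRealm(realm);
        // 5. Register the manager with SecurityUtils. This sets a VM-wide static singleton;
        //    it is not a per-thread binding.
        SecurityUtils.setSecurityManager(securityManager);
        // 6. Obtain the subject that represents the current caller.
        Subject subject = SecurityUtils.getSubject();
        // 7. Wrap the user name and password in a token.
        AuthenticationToken token = new UsernamePasswordToken(username, password);
        // 8. Authenticate. The two failure cases are reported separately, which is convenient in
        //    a console demo; a real login endpoint should answer with one generic failure message
        //    so that responses do not reveal which user names exist. Other
        //    AuthenticationException subtypes are not caught here and end the program.
        try {
            subject.login(token);
            System.out.println("认证通过");

            Object principal = subject.getPrincipal();

            System.out.println(principal);

        } catch (IncorrectCredentialsException e) {
            System.out.println("密码不正确");
            // Authorization results are meaningless for a caller who failed to log in.
            return;
        } catch (UnknownAccountException e) {
            System.out.println("用户名不存在");
            return;
        }

        // 9. Role check, reached only after a successful login.
        boolean hasRole1 = subject.hasRole("role1");
        System.out.println("是否有role1的角色:" + hasRole1);

        // 10. Permission check.
        boolean permitted = subject.isPermitted("user:query");
        System.out.println(permitted);

    }
}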
[main]
# Instantiate the custom realm and bind it to the name userRealm.
userRealm=com.sxt.realm.UserRealm
# NOTE(review): no credentialsMatcher is set on userRealm in this file. Unless the realm class
# installs one itself, Shiro falls back to its default SimpleCredentialsMatcher, which compares
# the submitted password with the stored value directly. If the stored passwords are hashed
# (as they should be), configure a matching HashedCredentialsMatcher or PasswordMatcher here
# and assign it with userRealm.credentialsMatcher=$<matcherName>.
# Hand the realm to the security manager.
# The explicit securityManager declaration below is left disabled; the factory's default
# security manager is used instead.
#securityManager=org.apache.shiro.mgt.DefaultSecurityManager
securityManager.realm=$userRealm
package com.sxt.realm;

import java.util.Collection;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.sxt.domain.ActiverUser;
import com.sxt.domain.User;
import com.sxt.service.PermissionService;
import com.sxt.service.RoleService;
import com.sxt.service.UserService;
import com.sxt.service.imp.PermissionServiceImpl;
import com.sxt.service.imp.RoleServiceImpl;
import com.sxt.service.imp.UserServiceImpl;

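/**
 * Custom Shiro realm. It looks the user up by name for authentication and supplies the roles
 * and permissions that were loaded at login for authorization.
 *
 * <p>The realm never compares passwords itself. It returns the stored credential and leaves the
 * comparison to the realm's {@code CredentialsMatcher}. No matcher is configured in this class,
 * so unless one is set in the configuration, Shiro's default matcher compares the submitted and
 * stored values directly. NOTE(review): confirm how {@code User.getPwd()} is stored; if it is a
 * hash, configure a hashing matcher (and pass the salt to {@code SimpleAuthenticationInfo}),
 * otherwise every login fails or the store holds plain passwords.
 */
public class UserRealm extends AuthorizingRealm {

    // Services are created directly, so the realm works when Shiro instantiates it from shiro.ini.
    private final UserService userService = new UserServiceImpl();

    private final RoleService roleService = new RoleServiceImpl();

    private final PermissionService permissionService = new PermissionServiceImpl();

    /**
     * Loads the account for the user name carried by the token.
     *
     * <p>The realm only fetches the user by name. Shiro verifies the password afterwards by
     * matching the token's credentials against the stored credential returned here.
     *
     * @param token the submitted login token
     * @return the account data for Shiro to verify, or {@code null} when the token carries no
     *     principal or no such user exists (Shiro then reports an unknown account)
     * @throws AuthenticationException declared by the overridden method; not thrown directly here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        Object submittedPrincipal = token.getPrincipal();
        if (submittedPrincipal == null) {
            // A token without a user name cannot match any account; treat it as unknown
            // instead of failing with a NullPointerException.
            return null;
        }
        String username = submittedPrincipal.toString();
        // Debug output kept from the original listing. The value is caller-supplied, so a
        // production realm should use a logger and sanitize it before writing it out.
        System.out.println(username);

        User user = userService.queryUserByUserName(username);
        if (user == null) {
            // Unknown user: Shiro turns the null result into an UnknownAccountException.
            return null;
        }

        // Roles and permissions are loaded now and carried inside the principal. These queries
        // run before the password has been verified, and the values stay as loaded here for as
        // long as this principal is in use.
        List<String> roles = roleService.queryRoleByUserName(user.getUsername());
        List<String> permissions = permissionService.queryPermissionByUserName(user.getUsername());
        ActiverUser activerUser = new ActiverUser(user, roles, permissions);

        // Argument 1: the principal; any object may be used, here the ActiverUser.
        // Argument 2: the stored credential read from the database.
        // Argument 3: the name of this realm.
        return new SimpleAuthenticationInfo(activerUser, user.getPwd(), this.getName());
    }

    /**
     * Builds the authorization data for an authenticated user from the {@link ActiverUser}
     * principal created at login.
     *
     * @param principals the principals of the subject being authorized; the primary one is
     *     expected to be the {@code ActiverUser} produced by this realm
     * @return the roles and string permissions carried by that principal
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        ActiverUser activerUser = (ActiverUser) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // Add roles.
        Collection<String> roles = activerUser.getRoles();
        if (roles != null && !roles.isEmpty()) {
            info.addRoles(roles);
        }
        // Add permissions.
        Collection<String> permissions = activerUser.getPermissions();
        if (permissions != null && !permissions.isEmpty()) {
            info.addStringPermissions(permissions);
        }
        // Disabled in the original listing: grant the wildcard permission to users of type 0.
        // NOTE(review): "*:*" satisfies every permission check, so if this is ever enabled the
        // grant is better expressed as role data than as a hard-coded type test.
        // if (activerUser.getUser().getType() == 0) {
        //     info.addStringPermission("*:*");
        // }
        return info;
    }

}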

 
