1、shiro授权
重新自定义realm中的授权方法
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
System.out.println("用户授权...");
String username = principals.getPrimaryPrincipal().toString();
User user = userService.queryByName(username);
Set<String> roles = userService.getRolesByUserId(user.getUserid());
Set<String> pers = userService.getPersByUserId(user.getUserid());
// SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
// info.addRoles(roles);
// info.addStringPermissions(pers);
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
info.setRoles(roles);
info.setStringPermissions(pers);
return info;
}
2、注解式开发
2.1、常用注解介绍
@RequiresAuthenthentication:表示当前Subject已经通过login进行身份验证;即 Subject.isAuthenticated()