项目使用:
操作步骤:
- 配置xml
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="ShiroRealm" />
</bean>
<!-- 項目自定义的Realm -->
<bean id="ShiroRealm" class="com.jwp.interceptor.shiro.ShiroRealm" ></bean>
- 控制器(import org.apache.shiro.realm.AuthorizingRealm;)
public class ShiroRealm extends AuthorizingRealm {
/*
* 登录信息和用户验证信息验证(non-Javadoc)
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = (String)token.getPrincipal(); //得到用户名
String password = new String((char[])token.getCredentials()); //得到密码
//身份证认证授权转移到 com.fh.controller.system.login LoginController类下的login()方法中
if(null != username && null != password){
return new SimpleAuthenticationInfo(username, password, getName());
}else{
return null;
}
}
/*
* 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用,负责在应用程序中决定用户的访问控制的方法(non-Javadoc)
* @see org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {
return null;
}
}