1.自定义一个Realm类,继承AuthorizingRealm。
2.重写,doGetAuthorizationInfo(用于实现授权)和doGetAuthenticationInfo(用于实现验证)方法
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {......}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {.......}
3.写一个方法initCredentialsMatcher(用于初始化匹配器)
@PostConstruct // 该注释表示该方法将在服务器启动时调用一次
public void initCredentialsMatcher() {
/**
*调用setCredentialsMatcher设置匹配器
*传入的是一个匹配器的匿名对象
*要重写doCredentialsMatch方法,返回值为Boolean类型的匹配结果
*/
setCredentialsMatcher(new SimpleCredentialsMatcher(){
@Override
public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo){
}
}
}