场景
直接放代码
package com.genset.stockmanage.realm;
import com.genset.stockmanage.bean.User;
import com.genset.stockmanage.brige.UserBrige;
import com.genset.stockmanage.constant.SuperConstant;
import com.genset.stockmanage.core.base.ShiroUser;
import com.genset.stockmanage.dao.UserDao;
import com.genset.stockmanage.exception.FreeingException;
import com.genset.stockmanage.exception.NewPwdException;
import com.genset.stockmanage.service.UserService;
import com.genset.stockmanage.util.BeanConv;
import com.genset.stockmanage.util.EmptyUtil;
import com.genset.stockmanage.util.SpringBeanFactoryUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.List;
@Component
public class DefinitionRealm extends AuthorizingRealm {
@Autowired
private UserService userService;
@Autowired
private UserBrige userBrige;
public DefinitionRealm(){
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher(SuperConstant.HASH_ALGORITHM);
hashedCredentialsMatcher.setHashIterations(SuperConstant.HASH_INTERATIONS);
setCredentialsMatcher(hashedCredentialsMatcher);
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
ShiroUser shiroUser = (ShiroUser) principalCollection.getPrimaryPrincipal();
//查询用户对应的角色标识
assert userService != null;
List<String> roleList = userService.findRoleList(shiroUser.getId());
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
simpleAuthorizationInfo.addRoles(roleList);
return simpleAuthorizationInfo;
}
// 登录认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = (String) token.getPrincipal();
User user = userBrige.findUserByLoginName(username);
if (EmptyUtil.isNullOrEmpty(user)){
throw new UnknownAccountException("账号不存在!");
}
//构建认证令牌对象
ShiroUser shiroUser = BeanConv.toBean(user, ShiroUser.class);
if(shiroUser == null){
throw new RuntimeException("网络异常请重试!");
}
if(shiroUser.getState() == 0){
throw new NewPwdException("请修改您的初始密码!");
}
if(shiroUser.getIsFreezing() == 0){
throw new FreeingException("你的账号已被锁定,请联系管理员解锁");
}
String slat = shiroUser.getSalt();
String password = shiroUser.getUserpswd();
//构建认证信息对象:1、令牌对象 2、密文密码 3、加密因子 4、当前realm的名称
return new SimpleAuthenticationInfo(shiroUser, password, ByteSource.Util.bytes(slat), getName());
}
}
``在上述代码中
userService 和 userBrige是Null,无法自动注入
原因
原因此时这两个还没有初始化好.
解决方案
我手动从容器中拿.
工具类
@Component
public class SpringBeanFactoryUtils implements ApplicationContextAware{
private static ApplicationContext applicationContext;
@Override
public void setApplicationContext(ApplicationContext applicationContext)
throws BeansException {
if (SpringBeanFactoryUtils.applicationContext == null) {
SpringBeanFactoryUtils.applicationContext = applicationContext;
}
}
public static ApplicationContext getApplicationContext() {
return applicationContext;
}
//根据名称(@Resource 注解)
public static Object getBean(String name) {
return getApplicationContext().getBean(name);
}
//根据类型(@Autowired)
public static <T> T getBean(Class<T> clazz) {
return getApplicationContext().getBean(clazz);
}
public static <T> T getBean(String name, Class<T> clazz) {
return getApplicationContext().getBean(name, clazz);
}
}
调用
String username = (String) token.getPrincipal();
if(userBrige == null){
userBrige = SpringBeanFactoryUtils.getBean(UserBrige.class);
}
User user = userBrige.findUserByLoginName(username);
即可解决问题!