| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 |
- package com.gxzc.zen.umps.config
- import com.gxzc.zen.api.sys.service.ISysUserService
- import com.gxzc.zen.umps.common.ZenAuthToken
- import com.gxzc.zen.umps.common.ZenSimpleByteSource
- import org.apache.shiro.authc.*
- import org.apache.shiro.authz.AuthorizationInfo
- import org.apache.shiro.authz.SimpleAuthorizationInfo
- import org.apache.shiro.realm.AuthorizingRealm
- import org.apache.shiro.subject.PrincipalCollection
- import org.slf4j.LoggerFactory
- import org.springframework.beans.factory.annotation.Autowired
- /**
- *
- * @author NorthLan
- * @date 2018/4/23
- * @url https://noahlan.com
- */
- class ZenShiroRealm : AuthorizingRealm() {
- companion object {
- private val logger = LoggerFactory.getLogger(ZenShiroRealm::class.java)
- }
- @Autowired
- private lateinit var userService: ISysUserService
- init {
- this.name = "zen_realm"
- }
- /**
- * 登陆验证
- */
- override fun doGetAuthenticationInfo(token: AuthenticationToken): AuthenticationInfo {
- logger.debug("ZenShiroRealm doGetAuthenticationInfo [${token.principal}]")
- if (token !is ZenAuthToken) {
- throw AccountException("token must be ZenAuthToken")
- }
- // 获取用户信息
- val user = token.user ?: throw UnknownAccountException()
- // 账号锁定判定
- if (user.lock != null && user.lock!!) {
- throw LockedAccountException()
- }
- return SimpleAuthenticationInfo(user.account, user.password, ZenSimpleByteSource(user.account + user.salt), user.username)
- }
- /**
- * <p>调用subject的权限验证,如 hasRole,hasPermission <br>
- * 将调用此方法给subject设置定义的权限
- * 而后交由Realm处理 <br></p>
- * 现改为集中式基于数据库的动态权限管理,此功能不做任何处理
- */
- override fun doGetAuthorizationInfo(principals: PrincipalCollection?): AuthorizationInfo {
- logger.debug("ZenShiroRealm doGetAuthorizationInfo [${principals?.primaryPrincipal}]")
- return SimpleAuthorizationInfo()
- }
- }
|
