登录验证成功之后，开始编写授权逻辑。授权的主要代码是 MyRealm.class 里面的 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) 这个方法。

package util.shiro;

import java.util.ArrayList;
import java.util.Collection;

import javax.annotation.Resource;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Component;

import dao.user.UserManageDao;
import entities.login.User;
import entities.permission.Permission;
import entities.permission.Role;
import service.user.UserManageService;
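/**
 * Shiro realm backed by the application's user store.
 *
 * <p>Authentication looks the account up through {@link UserManageDao}; authorization
 * loads the account's roles and permission strings through {@link UserManageService}.
 */
@Component("MyRealm")
public class MyRealm extends AuthorizingRealm {
    @Resource
    private UserManageDao userManageDao;
    @Resource
    private UserManageService userManageService;

    /**
     * Authorization: builds the role and permission set for an authenticated subject.
     *
     * @param principals the subject's principals; the entry stored for this realm is the
     *                   login name passed as the first argument of
     *                   {@code SimpleAuthenticationInfo} in {@link #doGetAuthenticationInfo}
     * @return the roles and permission strings of the user, or {@code null} when no
     *         principal or no user is found; Shiro treats a {@code null} result as
     *         "no roles, no permissions", so the check fails closed
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        if (principals == null) {
            return null;
        }
        // Guard against an empty collection: iterator().next() would otherwise throw
        // NoSuchElementException when this realm contributed no principal.
        Collection<?> realmPrincipals = principals.fromRealm(getName());
        if (realmPrincipals == null || realmPrincipals.isEmpty()) {
            return null;
        }
        String userName = (String) realmPrincipals.iterator().next();

        User user = userManageService.getUserPermissions(userName);
        if (user == null || user.getRoles() == null) {
            // Unknown user, or a user without a role list: grant nothing.
            return null;
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (Role role : user.getRoles()) {
            if (role == null) {
                continue;
            }
            if (role.getName() != null) {
                info.addRole(role.getName());
            }
            if (role.getPermissions() == null) {
                continue;
            }
            // Permission names are handed to Shiro as permission strings. With the default
            // resolver these are parsed as wildcard permissions, so the permission table is
            // security-critical data: a stored name such as "*" matches every check.
            Collection<String> permissions = new ArrayList<String>();
            for (Permission permission : role.getPermissions()) {
                if (permission != null && permission.getName() != null) {
                    permissions.add(permission.getName());
                }
            }
            info.addStringPermissions(permissions);
        }
        return info;
    }

    /**
     * Authentication: resolves the account for the submitted login name.
     *
     * <p>This method only supplies the stored credentials; the comparison with the
     * submitted password is done by the realm's {@code CredentialsMatcher}. Shiro's
     * default matcher is a plain equality check, so unless a hashing matcher (for example
     * {@code HashedCredentialsMatcher}) is configured elsewhere, {@code user.getPassword()}
     * has to be the plaintext password. The realm configuration is not part of this
     * listing -- confirm that stored passwords are salted hashes.
     *
     * @param aucatoken the submitted token; cast to {@link UsernamePasswordToken}, which is
     *                  the token type an unconfigured realm accepts
     * @return the account's principal (login name) and stored credentials
     * @throws AuthenticationException when the login name is missing or no such user
     *         exists; the same exception type is used for both so the caller cannot tell
     *         the two cases apart
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken aucatoken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) aucatoken;
        String name = token.getUsername();
        if (name == null) {
            // Reject before touching the DAO instead of querying with a null key.
            throw new AuthenticationException();
        }
        User user = userManageDao.getUser(name);
        if (user == null) {
            throw new AuthenticationException();
        }
        return new SimpleAuthenticationInfo(user.getName(), user.getPassword(), getName());
    }

}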

BaseEntities.class

package entities.common;

import java.io.Serializable;
import java.util.Date;

import org.springframework.format.annotation.DateTimeFormat;
/**
 * Base entity: audit columns (who added / last updated a row, and when) shared by the
 * entity classes that extend it.
 *
 * <p>The {@link Date} values are stored and returned by reference, so a caller that
 * mutates a returned {@code Date} also changes the entity.
 */
public class BaseEntities implements Serializable {
    private static final long serialVersionUID = 582421988320252728L;

    /** Person who added the record. */
    private String add_person;

    /** Time the record was added. */
    @DateTimeFormat(pattern="yyyy-MM-dd HH:mm:ss")
    private Date add_time;

    /** Person who last modified the record. */
    private String update_person;

    /** Time of the last modification. */
    @DateTimeFormat(pattern="yyyy-MM-dd HH:mm:ss")
    private Date update_time;

    // --- added by / added at ---

    /** @return the person who added the record */
    public String getAdd_person() { return this.add_person; }

    /** @param add_person the person who added the record */
    public void setAdd_person(String add_person) { this.add_person = add_person; }

    /** @return the time the record was added */
    public Date getAdd_time() { return this.add_time; }

    /** @param add_time the time the record was added */
    public void setAdd_time(Date add_time) { this.add_time = add_time; }

    // --- updated by / updated at ---

    /** @return the person who last modified the record */
    public String getUpdate_person() { return this.update_person; }

    /** @param update_person the person who last modified the record */
    public void setUpdate_person(String update_person) { this.update_person = update_person; }

    /** @return the time of the last modification */
    public Date getUpdate_time() { return this.update_time; }

    /** @param update_time the time of the last modification */
    public void setUpdate_time(Date update_time) { this.update_time = update_time; }

}

user.class

package entities.login;

import java.util.List;

import entities.common.BaseEntities;
import entities.organization.Dept;
import entities.permission.Role;

/**
 * Login account together with the roles assigned to it.
 *
 * <p>The class is serializable through {@link BaseEntities} and {@code password} is an
 * ordinary field, so the stored credential is part of every serialized {@code User}.
 */
public class User extends BaseEntities {
    private static final long serialVersionUID = 2039861692418167602L;

    /** Primary key. */
    private String id;
    /** User (login) name. */
    private String name;
    /** Stored credential; MyRealm passes this value to Shiro as the account's credentials. */
    private String password;
    /** ID of the department the user belongs to. */
    private String deptId;
    /** Roles assigned to the user. */
    private List<Role> roles;

    /** @return the primary key */
    public String getId() { return this.id; }

    /** @param id the primary key */
    public void setId(String id) { this.id = id; }

    /** @return the user (login) name */
    public String getName() { return this.name; }

    /** @param name the user (login) name */
    public void setName(String name) { this.name = name; }

    /** @return the stored credential */
    public String getPassword() { return this.password; }

    /** @param password the stored credential */
    public void setPassword(String password) { this.password = password; }

    /** @return the ID of the user's department */
    public String getDeptId() { return this.deptId; }

    /** @param deptId the ID of the user's department */
    public void setDeptId(String deptId) { this.deptId = deptId; }

    /** @return the roles assigned to the user (the internal list, not a copy) */
    public List<Role> getRoles() { return this.roles; }

    /** @param roles the roles assigned to the user */
    public void setRoles(List<Role> roles) { this.roles = roles; }

}

Role.class

package entities.permission;

import java.util.Collection;
import java.util.List;

import entities.common.BaseEntities;
/**
 * Role value object: a named role and the permissions it grants.
 */
public class Role extends BaseEntities {
    private static final long serialVersionUID = 4959629763490520963L;

    /** Role ID. */
    private String id;
    /** Role name; MyRealm registers it with Shiro through {@code info.addRole(...)}. */
    private String name;
    /** Role description. */
    private String remark;
    /** Permissions held by the role. */
    private List<Permission> permissions;

    /** @return the role ID */
    public String getId() { return this.id; }

    /** @param id the role ID */
    public void setId(String id) { this.id = id; }

    /** @return the role name */
    public String getName() { return this.name; }

    /** @param name the role name */
    public void setName(String name) { this.name = name; }

    /** @return the role description */
    public String getRemark() { return this.remark; }

    /** @param remark the role description */
    public void setRemark(String remark) { this.remark = remark; }

    /** @return the permissions held by the role (the internal list, not a copy) */
    public List<Permission> getPermissions() { return this.permissions; }

    /** @param permissions the permissions held by the role */
    public void setPermissions(List<Permission> permissions) { this.permissions = permissions; }

}

permission.class

package entities.permission;

import entities.common.BaseEntities;
/**
 * Permission value object: one permission entry attached to a role.
 */
public class Permission extends BaseEntities {
    private static final long serialVersionUID = -9065412662525813726L;

    /** Permission ID. */
    private String id;
    /** ID of the role this permission belongs to. */
    private String roleId;
    /**
     * Permission name; MyRealm adds it to the authorization info as a Shiro permission
     * string, so it is the value that {@code isPermitted(...)} checks are matched against.
     */
    private String name;
    /** Permission description. */
    private String remark;

    /** @return the permission ID */
    public String getId() { return this.id; }

    /** @param id the permission ID */
    public void setId(String id) { this.id = id; }

    /** @return the ID of the owning role */
    public String getRoleId() { return this.roleId; }

    /** @param roleId the ID of the owning role */
    public void setRoleId(String roleId) { this.roleId = roleId; }

    /** @return the permission name */
    public String getName() { return this.name; }

    /** @param name the permission name */
    public void setName(String name) { this.name = name; }

    /** @return the permission description */
    public String getRemark() { return this.remark; }

    /** @param remark the permission description */
    public void setRemark(String remark) { this.remark = remark; }

}

表结构:

user 表

role表

permission 表

调用权限验证的方法:

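        // Check whether the current user holds the permission.
        Subject currentUser = SecurityUtils.getSubject();
        // Calling currentUser.isPermitted("aaa") or currentUser.hasRole("admin"), or using
        // the Shiro annotations / JSP tags, enters the realm's authorization method
        // (doGetAuthorizationInfo). The data added there by info.addRole(role.getName())
        // and info.addStringPermissions(permissions) is what the check is decided on.
        // Note: isPermitted("admin") matches a permission string named "admin";
        // membership in a role named "admin" is tested with hasRole("admin").
        if (!currentUser.isPermitted("admin")) {
            // Not permitted: this branch has to stop the request (return or throw);
            // leaving it empty lets execution continue as if the check had passed.
        } else {
            // Permitted: carry on with the protected operation.
        }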
		}

 
