java source code of MyShiroRealm

SpringBootBucket-master
- springboot-thymeleaf
  - src
    - main
      - resources
        application.yml
        public
        favicon.ico
        static
        fonts
        fontawesome-webfont.woff2
        fontawesome-webfont.woff
        glyphicons-halflings-regular.woff
        glyphicons-halflings-regular.eot
        fontawesome-webfont.eot
        glyphicons-halflings-regular.woff2
        glyphicons-halflings-regular.ttf
        FontAwesome.otf
        fontawesome-webfont.ttf
        glyphicons-halflings-regular.svg
        js
        bootstrap.min.js
        jquery.min.js
        css
        bootstrap.min.css
        font-awesome.min.css
        templates
        index.html
        banner.txt
      - java
        com
        xncoding
        pos
        Application.java
        controller
        IndexController.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-aop
  - src
    - main
      - resources
        application.yml
        logback-spring.xml
        banner.txt
      - java
        com
        xncoding
        aop
        AfterStartRunner.java
        aspect
        UserAccessAspect.java
        UserAccess.java
        LogAspect.java
        controller
        UserController.java
        Application.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-websocket
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        jwt
        commons
        JacksonUtil.java
        config
        WebSocketConfig.java
        WebSocketStompConfig.java
        interceptor
        WebSocketInterceptor.java
        model
        WsParam.java
        WsResponse.java
        RequestMessage.java
        ResponseMessage.java
        handler
        SocketHandler.java
        Application.java
        controller
        WsController.java
    - test
      - java
        com
        xncoding
        jwt
        socket
        client
        html
        index1.html
        bootstrap.css
        js
        stomp.js
        sockjs.min.js
        index.html
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-multisource
  - src
    - main
      - resources
        sql
        schema.sql
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        common
        dao
        entity
        User.java
        repository
        UserMapper.java
        mutidatesource
        DSEnum.java
        DynamicDataSource.java
        DataSourceContextHolder.java
        aop
        MultiSourceExAop.java
        annotion
        DataSource.java
        config
        properties
        DruidProperties.java
        MutiDataSourceProperties.java
        MybatisPlusConfig.java
        service
        UserService.java
        Application.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-cxf
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        webservice
        client
        ObjectFactory.java
        CommonService_Service.java
        GetUserResponse.java
        SayHello.java
        package-info.java
        GetUser.java
        SayHelloResponse.java
        CommonService.java
        User.java
        util
        JacksonUtil.java
        config
        CxfConfig.java
        service
        impl
        CommonServiceImpl.java
        ICommonService.java
        model
        User.java
        Application.java
    - test
      - java
        com
        xncoding
        webservice
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-schedule
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        config
        ScheduleConfig.java
        jobs
        HeartbeatJob.java
        Application.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-mybatis
  - src
    - main
      - resources
        sql
        schema.sql
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        common
        dao
        entity
        User.java
        repository
        UserMapper.java
        config
        properties
        DruidProperties.java
        MybatisPlusConfig.java
        service
        UserService.java
        Application.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-rabbitmq-rpc
  - springboot-rabbitmq-rpc-client
    - src
      - main
        resources
        application.yml
        banner.txt
        java
        com
        xncoding
        pos
        util
        StringUtil.java
        config
        RabbitConfig.java
        service
        SenderService.java
        model
        User.java
        Application.java
      - test
        java
        com
        xncoding
        service
        SenderServiceTest.java
    - pom.xml
    - LICENSE
    - README.md
  - springboot-rabbitmq-rpc-server
    - src
      - main
        resources
        application.yml
        banner.txt
        java
        com
        xncoding
        pos
        util
        JacksonUtil.java
        config
        ExecutorConfig.java
        RabbitConfig.java
        server
        AsyncTask.java
        AsyncRPCServer.java
        model
        User.java
        Application.java
    - pom.xml
    - LICENSE
    - README.md
- LICENSE
- springboot-starter
  - src
    - main
      - resources
        META-INF
        spring.factories
        banner.txt
      - java
        com
        xncoding
        starter
        config
        ExampleServiceProperties.java
        ExampleAutoConfigure.java
        service
        ExampleService.java
        Application.java
  - pom.xml
  - LICENSE
  - README.md
  - .gitignore
- springboot-batch
  - src
    - main
      - resources
        sql
        schema-drop-oracle10g.sql
        schema-oracle10g.sql
        application.yml
        banner.txt
      - java
        com
        xncoding
        trans
        start
        StartRunner.java
        dao
        entity
        User.java
        repository
        UserMapper.java
        config
        properties
        DruidProperties.java
        CommonProperties.java
        MybatisPlusConfig.java
        service
        CsvService.java
        Application.java
        modules
        canton
        Canton.java
        CantonConfig.java
        MyBatchConfig.java
        common
        anno
        TableName.java
        vo
        BscTollItem.java
        BscOfficeExeItem.java
        BscTollSpecialShare.java
        BscExeOffice.java
        BscCanton.java
        DateUtil.java
        zapp
        AppConfig.java
        App.java
        MyBeanWrapperFieldSetMapper.java
        MyBeanValidator.java
        MyJobListener.java
        zlog
        LogConfig.java
        Log.java
        vtoll
        BudgetVtoll.java
        BudgetVtollConfig.java
    - test
      - java
        com
        xncoding
        service
        BatchServiceTest.java
        SimpleTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - temp.txt
  - README.md
  - .gitignore
- springboot-redis
  - src
    - main
      - resources
        sql
        t_user.sql
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        dao
        entity
        User.java
        repository
        UserMapper.java
        config
        DruidProperties.java
        RedisConfig.java
        MybatisPlusConfig.java
        service
        UserService.java
        Application.java
    - test
      - java
        com
        xncoding
        service
        UserServiceTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-resttemplate
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        config
        properties
        HttpClientProperties.java
        RestTemplateConfig.java
        HttpClientConfig.java
        model
        BaseResponse.java
        LoginParam.java
        UnbindParam.java
        Application.java
        controller
        LoginController.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-rabbitmq
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        mq
        Receiver.java
        config
        RabbitConfig.java
        service
        SenderService.java
        AfterStartRunner.java
        Application.java
    - test
      - java
        com
        xncoding
        service
        SenderServiceTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-cache
  - src
    - main
      - resources
        sql
        t_user.sql
        application.yml
        banner.txt
      - java
        com
        xncoding
        trans
        dao
        entity
        User.java
        repository
        UserMapper.java
        config
        DruidProperties.java
        RedisCacheConfig.java
        MybatisPlusConfig.java
        service
        UserService.java
        Application.java
    - test
      - java
        com
        xncoding
        service
        UserServiceTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-echarts
  - src
    - main
      - resources
        application.yml
        public
        favicon.ico
        static
        js
        moment.min.js
        echarts-load.js
        jquery-1.10.1.min.js
        socket.io.js
        css
        bootstrap.css
        templates
        index.html
        banner.txt
      - java
        com
        xncoding
        Application.java
        echarts
        api
        PublicController.java
        model
        EchartsData.java
        BaseResponse.java
        jmh
        Label.java
        AxisPointer.java
        Serie.java
        SaveAsImage.java
        XAxis.java
        Grid.java
        Tooltip.java
        YAxis.java
        Title.java
        Toolbox.java
        Option.java
        Feature.java
        Normal.java
        YAxisLabel.java
        Legend.java
        PicRequest.java
        common
        ServerRunner.java
        util
        CommonUtil.java
        ExportPngUtil.java
        constants
        MsgType.java
        config
        properties
        MyProperties.java
        NettySocketConfig.java
        service
        ApiService.java
        handler
        MessageEventHandler.java
        controller
        IndexController.java
        benchmark
        common
        ResultExporter.java
        sum
        calc
        impl
        MultithreadCalculator.java
        SinglethreadCalculator.java
        Calculator.java
        SecondBenchmark.java
        first
        FirstBenchmark.java
        json
        util
        GsonUtil.java
        JsonLibUtil.java
        FastJsonUtil.java
        JacksonUtil.java
        JsonSerializeBenchmark.java
        model
        Person.java
        FullName.java
        JsonDeserializeBenchmark.java
        string
        StringBuilderBenchmark.java
    - test
      - java
        com
        xncoding
        echarts
        common
        util
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-mongodb
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        dao
        entity
        Customer.java
        repository
        CustomerRepository.java
        service
        CustomerService.java
        Application.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-socketio
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        jwt
        common
        JsonConverter.java
        ServerRunner.java
        config
        properties
        MyProperties.java
        NettySocketConfig.java
        model
        ChatMessage.java
        LoginRequest.java
        handler
        MessageEventHandler.java
        Application.java
    - test
      - java
        com
        xncoding
        jwt
        socket
        client
        html
        bootstrap.css
        js
        moment.min.js
        socket.io
        socket.io.js
        jquery-1.10.1.min.js
        index.html
        SocketClient.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-swagger2
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        jwt
        api
        LoginController.java
        ExceptionController.java
        PublicController.java
        NotifyController.java
        model
        JoinBindResponse.java
        BaseResponse.java
        LoginParam.java
        VersionParam.java
        BindParam.java
        UnbindParam.java
        PosParam.java
        VersionResult.java
        ReportParam.java
        config
        Swagger2Config.java
        Application.java
    - test
      - resources
        keystore.jks
      - java
        com
        xncoding
        jwt
        Swagger2MarkupTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- README.md
- springboot-async
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        config
        AsyncConfig.java
        async
        AsyncException.java
        AsyncTask.java
        AsyncExceptionHandler.java
        Application.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-jwt
  - src
    - main
      - resources
        ehcache.xml
        application.yml
        banner.txt
      - java
        com
        xncoding
        jwt
        dao
        domain
        RolePermission.java
        Role.java
        Permission.java
        ManagerRole.java
        Manager.java
        api
        LoginController.java
        ExceptionController.java
        PublicController.java
        model
        BaseResponse.java
        LoginParam.java
        common
        util
        JWTUtil.java
        config
        ShiroConfig.java
        service
        ManagerInfoService.java
        exception
        ForbiddenUserException.java
        UnauthorizedException.java
        shiro
        JWTToken.java
        JWTFilter.java
        ShiroKit.java
        MyShiroRealm.java
        model
        ManagerInfo.java
        SysRole.java
        Application.java
    - test
      - java
        com
        xncoding
        jwt
        SimpleTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- .gitignore
- springboot-hibernate
  - src
    - main
      - resources
        sql
        schema.sql
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        dao
        entity
        Article.java
        repository
        impl
        ArticleDAO.java
        IArticleDAO.java
        config
        properties
        DruidProperties.java
        DataSourceConfig.java
        service
        ArticleService.java
        Application.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-shiro
  - src
    - main
      - resources
        sql
        schema.sql
        ehcache.xml
        application.yml
        public
        favicon.ico
        static
        img
        error
        error_bg.jpg
        js
        bootstrap.min.js
        jquery.min.js
        css
        login.css
        style.css
        404.css
        bootstrap.min.css
        patterns
        templates
        error
        404.html
        500.html
        shiro_403.html
        index.html
        modules
        common
        welcome.html
        login.html
        banner.txt
      - java
        com
        xncoding
        pos
        dao
        entity
        ManagerInfo.java
        SysRole.java
        repository
        ManagerInfoDao.java
        mapping
        ManagerInfoDao.xml
        common
        dao
        entity
        RolePermission.java
        Role.java
        Permission.java
        ManagerRole.java
        Manager.java
        repository
        RoleMapper.java
        PermissionMapper.java
        ManagerRoleMapper.java
        ManagerMapper.java
        RolePermissionMapper.java
        config
        properties
        MyProperties.java
        DruidProperties.java
        ShiroConfig.java
        MybatisPlusConfig.java
        service
        ManagerInfoService.java
        exception
        ForbiddenUserException.java
        shiro
        KaptchaFilter.java
        IncorrectCaptchaException.java
        MyExceptionResolver.java
        CaptchaUsernamePasswordToken.java
        ShiroKit.java
        RoleFilter.java
        MyShiroRealm.java
        model
        BaseResponse.java
        Application.java
        controller
        LoginController.java
    - test
      - java
        com
        xncoding
        pos
        SimpleTest.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-transaction
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        trans
        dao
        entity
        User.java
        repository
        UserMapper.java
        config
        DruidProperties.java
        MybatisPlusConfig.java
        service
        UserService.java
        exception
        MyException.java
        Application.java
        controller
        UserController.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore
- springboot-restful
  - src
    - main
      - resources
        application.yml
        banner.txt
      - java
        com
        xncoding
        pos
        util
        JacksonUtil.java
        model
        BaseResponse.java
        User.java
        Application.java
        controller
        UserController.java
    - test
      - java
        com
        xncoding
        pos
        ApplicationTests.java
  - pom.xml
  - LICENSE
  - run.sh
  - README.md
  - .gitignore

package com.xncoding.pos.shiro;

import com.xncoding.pos.common.dao.entity.Permission;
import com.xncoding.pos.service.ManagerInfoService;
import com.xncoding.pos.dao.entity.ManagerInfo;
import com.xncoding.pos.dao.entity.SysRole;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * Description  : 身份校验核心类
 */

public class MyShiroRealm extends AuthorizingRealm {

    private static final Logger _logger = LoggerFactory.getLogger(MyShiroRealm.class);

    @Autowired
    ManagerInfoService managerInfoService;

    /**
     * 认证信息.(身份验证)
     * Authentication 是用来验证用户身份
     *
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {

        _logger.info("MyShiroRealm.doGetAuthenticationInfo()");

        //获取用户的输入的账号.
        String username = (String) token.getPrincipal();
        //_logger.info("用户的账号:"+username);

        //通过username从数据库中查找 ManagerInfo对象
        //实际项目中，这里可以根据实际情况做缓存，如果不做，Shiro自己也是有时间间隔机制，2分钟内不会重复执行该方法
        ManagerInfo managerInfo = managerInfoService.findByUsername(username);

        if (managerInfo == null) {
            return null;
        }

        //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                managerInfo, //用户
                managerInfo.getPassword(), //密码
                ByteSource.Util.bytes(managerInfo.getCredentialsSalt()),//salt=username+salt
                getName()  //realm name
        );

        //明文: 若存在，将此用户存放到登录认证info中，无需自己做密码对比，Shiro会为我们进行密码对比校验
//        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
//                managerInfo, //用户名
//                managerInfo.getPassword(), //密码
//                getName()  //realm name
//        );
        return authenticationInfo;
    }

    /**
     * 此方法调用hasRole,hasPermission的时候才会进行回调.
     * <p>
     * 权限信息.(授权):
     * 1、如果用户正常退出，缓存自动清空；
     * 2、如果用户非正常退出，缓存自动清空；
     * 3、如果我们修改了用户的权限，而用户不退出系统，修改的权限无法立即生效。
     * （需要手动编程进行实现；放在service进行调用）
     * 在权限修改后调用realm中的方法，realm已经由spring管理，所以从spring中获取realm实例，调用clearCached方法；
     * :Authorization 是授权访问控制，用于对用户进行的操作授权，证明该用户是否允许进行当前操作，如访问某个链接，某个资源文件等。
     *
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        /*
         * 当没有使用缓存的时候，不断刷新页面的话，这个代码会不断执行，
         * 当其实没有必要每次都重新设置权限信息，所以我们需要放到缓存中进行管理；
         * 当放到缓存中时，这样的话，doGetAuthorizationInfo就只会执行一次了，
         * 缓存过期之后会再次执行。
         */
        _logger.info("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        ManagerInfo managerInfo = (ManagerInfo) principals.getPrimaryPrincipal();

        //设置相应角色的权限信息
        for (SysRole role : managerInfo.getRoles()) {
            //设置角色
            authorizationInfo.addRole(role.getRole());
            for (Permission p : role.getPermissions()) {
                //设置权限
                authorizationInfo.addStringPermission(p.getPermission());
            }
        }

        return authorizationInfo;
    }

    /**
     * 设置认证加密方式
     */
    @Override
    public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
        HashedCredentialsMatcher md5CredentialsMatcher = new HashedCredentialsMatcher();
        md5CredentialsMatcher.setHashAlgorithmName(ShiroKit.HASH_ALGORITHM_NAME);
        md5CredentialsMatcher.setHashIterations(ShiroKit.HASH_ITERATIONS);
        super.setCredentialsMatcher(md5CredentialsMatcher);
    }

}