shiro认证授权连接数据库

版权声明：本文为博主原创文章，未经博主允许不得转载。 https://blog.csdn.net/qq_38087648/article/details/80080726

认证

String userCode = (String)token.getPrincipal();
        //第二步:根据用户输入的userCode从数据库查询
        UserExample userExample = new UserExample();
        user user = null;
        List<Role> roleList = null;
        List<Permission> permissions = null;
        try {
            user = loginserviceimpl.getUser(userCode);
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        //模拟从数据库查询密码
        //如果查询不到返回null
        //数据库中用户账号是zhangsan
        if(user==null) {
            return null;
        }
        String password = user.getUpass();
        //如果查询到返回认证信息AuthenticationInfo
        int userid = user.getId();
        try {
             roleList = loginserviceimpl.getRole(userid);
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        for(int i=0;i<roleList.size();i++) {
            try {
                permissions = loginserviceimpl.getpermissionList(roleList.get(i).getRoleid());
                roleList.get(i).setPermissionList(permissions);
            } catch (Exception e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
        }
        userExample.setUser(user);
        userExample.setRoleList(roleList);
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(user, password,this.getName());
        return simpleAuthenticationInfo;

授权

@Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // TODO Auto-generated method stub
        //从principals获取主身份信息
        //将getPrimaryPrincipal方法返回值转为真实身份信息(在上边的doGetAuthecticationInfo认证通过填充到SimpleAuthenticationInfo)
        user user = (user) principals.getPrimaryPrincipal();
        //根据信息获取权限信息
        //连接数据库。。。
        //模拟从数据库获取到数据
        List<Permission> permissionsList = null;
        try {
            permissionsList = loginserviceimpl.getPermission(user.getId());
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        List<String> permissions = new ArrayList<String>();
        //...
        for(Permission syspermission:permissionsList) {
            permissions.add(syspermission.getPername());
        }
        //查询到权限数据，返回
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //将上边查询到授权信息填充到simpleAuthorizationInfo对象中
        simpleAuthorizationInfo.addStringPermissions(permissions);      
        return simpleAuthorizationInfo;
    }
}