shiro (五) spring结合 -- Realm

package com.miv.shiro.common;

import org.apache.shiro.authc.AuthenticationException;

import org.apache.shiro.authc.AuthenticationInfo;

import org.apache.shiro.authc.AuthenticationToken;

import org.apache.shiro.authc.LockedAccountException;

import org.apache.shiro.authc.SimpleAuthenticationInfo;

import org.apache.shiro.authc.UnknownAccountException;

import org.apache.shiro.authz.AuthorizationException;

import org.apache.shiro.authz.AuthorizationInfo;

import org.apache.shiro.authz.SimpleAuthorizationInfo;

import org.apache.shiro.realm.AuthorizingRealm;

import org.apache.shiro.subject.PrincipalCollection;

import com.miv.core.constant.DatabaseConstants;

import com.miv.entity.Role;

import com.miv.entity.User;

import com.miv.shiro.login.service.LoginService;

import com.miv.shiro.role.service.RolesService;

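/**
 * Shiro realm that connects Shiro's authentication and authorization callbacks to the
 * application's {@link LoginService} and {@link RolesService}.
 *
 * <p>Both services are supplied through setters and must be set before the realm is used;
 * neither callback checks for a missing service.
 *
 * @author 赵治宇
 */
public class WebRealm extends AuthorizingRealm {

    private LoginService loginService;

    private RolesService rolesService;

    /** Creates the realm and registers it under the fixed name {@code "WebRealm"}. */
    public WebRealm() {
        setName("WebRealm");
    }

    /**
     * Sets the service used to look up users during login and authorization.
     *
     * @param loginService the user lookup service
     */
    public void setLoginService(LoginService loginService) {
        this.loginService = loginService;
    }

    /**
     * Sets the service used to resolve the role of a user.
     *
     * @param rolesService the role lookup service
     */
    public void setRolesService(RolesService rolesService) {
        this.rolesService = rolesService;
    }

    /**
     * Builds the authorization data (a single role code) for an authenticated principal.
     *
     * <p>The lookup fails closed: if the user cannot be loaded, or no role is found, an
     * {@link AuthorizationException} is thrown instead of continuing with a partially
     * populated user object.
     *
     * @param principals the principals of the subject being authorized
     * @return authorization info holding the role code of the user's role
     * @throws AuthorizationException if no principal from this realm is present, the user
     *         lookup fails or returns nothing, or the user has no role
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthorizationException {
        if (principals == null) {
            throw new AuthorizationException("No principals supplied to realm " + getName());
        }
        // Only principals contributed by this realm are considered; an empty set is rejected
        // rather than surfacing as a NoSuchElementException.
        java.util.Iterator<?> realmPrincipals = principals.fromRealm(getName()).iterator();
        if (!realmPrincipals.hasNext()) {
            throw new AuthorizationException("No principal from realm " + getName());
        }
        String userName = (String) realmPrincipals.next();

        User probe = new User();
        probe.setLoginName(userName);

        User user;
        try {
            user = loginService.findUserByUsername(probe);
        } catch (Exception e) {
            // Do not fall through with the bare probe object: a failed lookup must not be
            // able to yield a role. The cause is kept for diagnosis.
            throw new AuthorizationException("User lookup failed during authorization", e);
        }
        if (user == null) {
            throw new AuthorizationException("Authenticated principal has no matching user record");
        }

        // Each user maps to exactly one role here; findRoleById returns a single Role.
        Role role = rolesService.findRoleById(user);
        if (role == null) {
            throw new AuthorizationException("Authenticated principal has no role");
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRole(role.getRoleCode());
        return info;
    }

    /**
     * Looks up the account named by the login token and returns its authentication data.
     *
     * <p>The token must be a {@link MIVshiroToken}; its username, password and role code are
     * copied into a {@link User} that is passed to
     * {@code loginService.findUserByUsernameAndPassword}.
     *
     * @param authcToken the login token submitted by the subject
     * @return authentication info built from the stored login name and password
     * @throws LockedAccountException if the account status equals
     *         {@code DatabaseConstants.STATUS_2} and the token's role code is one of the
     *         four recognised role codes
     * @throws UnknownAccountException if the lookup returns no user
     * @throws AuthenticationException if the token is of another type, lacks a password or
     *         role code, or the lookup itself fails
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
        // Reject foreign token types explicitly instead of failing with a ClassCastException.
        if (!(authcToken instanceof MIVshiroToken)) {
            throw new AuthenticationException("Unsupported authentication token type");
        }
        MIVshiroToken token = (MIVshiroToken) authcToken;

        // Both values are dereferenced below; a missing one is a failed login, not an NPE.
        if (token.getPassword() == null || token.getROLE_CODE() == null) {
            throw new AuthenticationException("Login token is missing a password or role code");
        }

        Role requestedRole = new Role();
        requestedRole.setId(token.getROLE_CODE() + 0L);

        User candidate = new User();
        candidate.setLoginName(token.getUsername());
        // NOTE(review): the submitted password is copied into a String and matched by the
        // service lookup. If stored passwords are hashed, confirm where the hashing happens
        // and that the realm's CredentialsMatcher agrees with it.
        candidate.setPassword(String.valueOf(token.getPassword()));
        candidate.setRole(requestedRole);

        User user;
        try {
            user = loginService.findUserByUsernameAndPassword(candidate);
        } catch (Exception e) {
            // Keep the cause so a backend failure can be told apart from a bad login.
            throw new AuthenticationException("User lookup failed during authentication", e);
        }

        if (user == null) {
            throw new UnknownAccountException();
        }

        boolean knownRoleCode = token.getROLE_CODE().equals(DatabaseConstants.ROLE_CODE_AGENCY)
                || token.getROLE_CODE().equals(DatabaseConstants.ROLE_CODE_CALL_CENTER)
                || token.getROLE_CODE().equals(DatabaseConstants.ROLE_CODE_ADMIN)
                || token.getROLE_CODE().equals(DatabaseConstants.ROLE_CODE_USER);

        // NOTE(review): the lock is enforced only when the token's role code is one of the
        // four constants above, and that code is read from the token rather than from the
        // stored account. Confirm a locked account is also refused for any other code.
        if (user.getStatus() == DatabaseConstants.STATUS_2.intValue() && knownRoleCode) {
            throw new LockedAccountException();
        }

        return new SimpleAuthenticationInfo(user.getLoginName(), user.getPassword(), getName());
    }

}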



转载自zhiyu-zzy-163-com.iteye.com/blog/1680359