吃透Shiro源码6----AuthorizingRealm

其他 2020-02-18 22:15:01 阅读次数: 0

文章目录

技术手法

(1)AuthorizingRealm设计思路

AuthorizingRealm这个类的大致设计思路与AuthenticationRealm一致。暂时学到的最核心的方法就是通过 凭证对象PrincipalCollection对象获取缓存中的AuthorizationInfo对象。其核心思想就是如何缓存。此方法暂时没有判断角色与权限对应关系,这个以后再说。

public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {

        LOGGER.debug("使用PrincipalCollection来获取AuthorizationInfo");
        if (principals == null) {
            return null;
        }

        AuthorizationInfo info = null;
		//获取可用的缓存,详见下面
        Cache<Object, AuthorizationInfo> cache = getAvailableAuthorizationCache();
        if (cache != null) {
            //此方法就是返回principals本身
            Object key = getAuthorizationCacheKey(principals);
            //取值,Shiro默认可以认为key为null
            info = cache.get(key);
            if (info == null) {
                LOGGER.debug("缓存中没取到AuthenticationInfo信息");
            } else {
                LOGGER.debug("从缓存中取出AuthorizationInfo");
            }
        }

        if (info == null) {
            //由用户重写
            info = doGetAuthorizationInfo();
            if (cache != null && info != null) {
                //就是principals这个家伙
                Object key = getAuthorizationCacheKey(principals);
                LOGGER.debug("将principal与AuthorizationInfo进行缓存");
                //key可以为空
                cache.put(key, info);
            }
        }

        return info;
    }

核心步骤(1):getAvailableAuthorizationCache(PrincipalCollection)。先尝试拿到内部缓存对象。如果没有内部缓存,则查看缓存是否开启,并使用懒加载。使用CacheManager对象创建一个Cache并将其赋值给this.authorizationCache。

 /**
     * 核心,获取可用的内部的授权缓存
     *
     * @return 授权缓存Cache对象
     */
    private Cache<Object, AuthorizationInfo> getAvailableAuthorizationCache() {

        Cache<Object, AuthorizationInfo> cache = this.authorizationCache;
        if (cache == null && isAuthorizationCachingEnable()) {
            //懒加载,创建缓存
            cache = getAuthorizationCacheLazy();
        }
        return cache;

    }

private Cache<Object, AuthorizationInfo> getAuthorizationCacheLazy() {

        Cache<Object, AuthorizationInfo> cache = this.authorizationCache;
        if (cache == null && isAuthorizationCachingEnable()) {
            CacheManager cacheManager = super.getCacheManager();
            if (cacheManager != null) {
                String cacheName = getAuthorizationCacheName();
                LOGGER.debug("使用CacheManager创建名字为{}的授权缓存", cacheName);
                this.authorizationCache = cacheManager.getCache(cacheName);
            }else{
                LOGGER.debug("暂未设置CacheManager,因此获取不到授权缓存");
            }
        } 
        return this.authorizationCache;
    }

重点研究类

import com.wise.security.authc.AuthenticationInfo;
import com.wise.security.authc.AuthenticationToken;
import com.wise.security.authc.credential.CredentialsMatcher;
import com.wise.security.authz.AuthorizationInfo;
import com.wise.security.authz.permission.*;
import com.wise.security.cache.Cache;
import com.wise.security.cache.CacheManager;
import com.wise.security.subject.PrincipalCollection;
import com.wise.security.util.Initializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.concurrent.atomic.AtomicInteger;

public class AuthorizingRealm extends AuthenticatingRealm
        implements Initializable, PermissionResolverAware, RolePermissionResolverAware {

    private static final Logger LOGGER = LoggerFactory.getLogger(AuthorizingRealm.class);
    private static final AtomicInteger INSTACE_COUNT = new AtomicInteger();
    private static final String DEFAULT_AUTHOR_CACHE_SUFFIX = ".authorizationCache";

    private boolean authorizationCachingEnabled;
    private Cache<Object, AuthorizationInfo> authorizationCache;
    private String authorizationCacheName;

    /**
     * 能把权限字符串解析成权限对象
     */
    private PermissionResolver permissionResolver;

    /**
     * 把角色字符串解析成权限对象列表
     */
    private RolePermissionResolver rolePermissionResolver;

    //------------------------------------构造函数  Start-------------------------------------------

    public AuthorizingRealm() {
        this(null, null);
    }

    public AuthorizingRealm(CacheManager cacheManager) {
        this(cacheManager, null);
    }

    public AuthorizingRealm(CredentialsMatcher credentialsMatcher) {
        this(null, credentialsMatcher);
    }

    public AuthorizingRealm(CacheManager cacheManager, CredentialsMatcher credentialsMatcher) {
        //new SimpleCredentialsMatcher()
        super();
        if (cacheManager != null) {
            setCacheManager(cacheManager);
        }
        if (credentialsMatcher != null) {
            setCredentialsMatcher(credentialsMatcher);
        }
        this.authorizationCachingEnabled = true;

        //默认提供了一个PermissionResolver
        this.permissionResolver = new WildcardPermissionResolver();

        int instanceNumber = INSTACE_COUNT.getAndIncrement();
        //包名+类名 +
        this.authorizationCacheName = getClass().getName() + DEFAULT_AUTHOR_CACHE_SUFFIX;
        if (instanceNumber > 0) {
            // com.jay.AuthorizingRealm.authorizationCache.15
            this.authorizationCacheName = this.authorizationCacheName + "." + instanceNumber;
        }
    }

    //------------------------------------构造函数  End-------------------------------------------

    //------------------------------------get And set  Start-------------------------------------------


    @Override
    public void setName(String name) {
        super.setName(name);
        //覆盖默认的构造函数处理出来的名字。
        if (this.authorizationCacheName != null && this.authorizationCacheName.startsWith(getClass().getName())) {
            this.authorizationCacheName = name + DEFAULT_AUTHOR_CACHE_SUFFIX;
        }
    }

    public boolean isAuthorizationCachingEnable() {
        //CachingRealm需要开启缓存
        return authorizationCachingEnabled && super.isCachingEnabled();
    }

    public void setAuthorizationCachingEnable(boolean authorizationCachingEnabled) {
        this.authorizationCachingEnabled = authorizationCachingEnabled;
    }

    public Cache<Object, AuthorizationInfo> getAuthorizationCache() {
        return authorizationCache;
    }

    public void setAuthorizationCache(Cache<Object, AuthorizationInfo> authorizationCache) {
        this.authorizationCache = authorizationCache;
    }

    public String getAuthorizationCacheName() {
        return authorizationCacheName;
    }

    public void setAuthorizationCacheName(String authorizationCacheName) {
        this.authorizationCacheName = authorizationCacheName;
    }

    public PermissionResolver getPermissionResolver() {
        return permissionResolver;
    }

    public RolePermissionResolver getRolePermissionResolver() {
        return rolePermissionResolver;
    }

    @Override
    public void setRolePermissionResolver(RolePermissionResolver rolePermissionResolver) {
        this.rolePermissionResolver = rolePermissionResolver;
    }

    @Override
    public void setPermissionResolver(PermissionResolver permissionResolver) {
        this.permissionResolver = permissionResolver;
    }

    //------------------------------------get And set  End-------------------------------------------

    @Override
    protected void onInit() {
        super.onInit();
        //创建这么多次缓存干啥?确保内部缓存初始化
        getAvailableAuthorizationCache();
    }

    @Override
    protected void afterCacheManagerSet() {
        super.afterCacheManagerSet();
        //创建这么多次缓存干啥?确保内部缓存初始化
        getAvailableAuthorizationCache();
    }

    /**
     * 核心:使用PrincipalCollection来获取权限Info对象
     * 如果缓存有,则返回
     * 如果缓存没有,则让用户实现
     *
     * @param principals
     * @return
     */
    public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {

        LOGGER.debug("使用PrincipalCollection来获取AuthorizationInfo");
        if (principals == null) {
            return null;
        }

        AuthorizationInfo info = null;

        Cache<Object, AuthorizationInfo> cache = getAvailableAuthorizationCache();
        if (cache != null) {
            Object key = getAuthorizationCacheKey(principals);
            info = cache.get(key);
            if (info == null) {
                LOGGER.debug("缓存中没取到AuthenticationInfo信息");
            } else {
                LOGGER.debug("从缓存中取出AuthorizationInfo");
            }
        }

        if (info == null) {
            //由用户重写
            info = doGetAuthorizationInfo();
            if (cache != null && info != null) {
                //就是principals这个家伙
                Object key = getAuthorizationCacheKey(principals);
                LOGGER.debug("将principal与AuthorizationInfo进行缓存");
                cache.put(key, info);
            }
        }

        return info;
    }

    protected void clearCachedAuthorizationInfo(PrincipalCollection principals) {

        if (principals == null) {
            return;

            Cache<Object, AuthorizationInfo> cache = getAvailableAuthorizationCache();

            if (cache != null) {
                Object key = getAuthorizationCacheKey(principals);
                cache.remove(key);
            }
        }


        /**
         * 获取授权缓存的Key
         * 授权缓存存放形势为:Principal -- AuthorizationInfo
         *
         * @param principals
         * @return
         */

    protected Object getAuthorizationCacheKey(PrincipalCollection principals) {
        return principals;
    }

    /**
     * 核心,获取可用的内部的授权缓存
     *
     * @return 授权缓存Cache对象
     */
    private Cache<Object, AuthorizationInfo> getAvailableAuthorizationCache() {

        Cache<Object, AuthorizationInfo> cache = this.authorizationCache;
        if (cache == null && isAuthorizationCachingEnable()) {
            //懒加载,创建缓存
            cache = getAuthorizationCacheLazy();
        }
        return cache;

    }

    private Cache<Object, AuthorizationInfo> getAuthorizationCacheLazy() {

        Cache<Object, AuthorizationInfo> cache = this.authorizationCache;
        if (cache == null && isAuthorizationCachingEnable()) {
            CacheManager cacheManager = super.getCacheManager();
            if (cacheManager != null) {
                String cacheName = getAuthorizationCacheName();
                LOGGER.debug("使用CacheManager创建名字为{}的授权缓存", cacheName);
                this.authorizationCache = cacheManager.getCache(cacheName);
            }else{
                LOGGER.debug("暂未设置CacheManager,因此获取不到授权缓存");
            }
        } 
        return this.authorizationCache;
    }


    @Override
    protected abstract AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) ;

    private abstract  AuthorizationInfo doGetAuthorizationInfo() ;
}
小大宇
发布了315 篇原创文章 · 获赞 243 · 访问量 26万+
他的留言板 关注

猜你喜欢

转载自blog.csdn.net/yanluandai1985/article/details/103669018
今日推荐
基于大语言模型的开源知识库问答系统 MaxKB GitHub Star 数量突破 5,000 个!
美国拟限制 AI 大模型出口中国和俄罗斯
苹果将与 OpenAI 达成协议,将 ChatGPT 应用于 iPhone
openKylin 社区生态委员会第六次会议圆满召开
阿里云正式发布通义千问 2.5
Python 3.13 发布首个 Beta:实验性自由线程模式和 JIT、改进交互式解释器
Stack Overflow 拿我的代码去训练 AI 大模型,还封了我的账号
Pop!_OS 的 COSMIC 桌面完成 App Store 上架工作
报告:Django 仍然是 74% 开发者的首选
《2024 年一季度互联网投融资运行情况》研究报告
15 年前上了“FFmpeg 耻辱柱”,今天他还得谢谢咱——腾讯QQPlayer一雪前耻?
TIOBE 5 月榜单:Fortran “复活”进入 Top 10
周排行
BPM为企业带来的实际利益
好程序员web前端分享css常用属性缩写
Java文件下载(excel)
css样式的动态添加及显示和隐藏等零碎用法
axios全局配置以及拦截器
使用Logstash来实时同步MySQL和log日志数据到ES
C++获取当前时间(年月日、时分秒、毫秒)
Odoo产品分析 (四) -- 工具板块(11) -- 网站即时聊天(1)
Java环境配置正确,但是java、javac、java -version均返回“不是内部或外部命令,也不是可运行的程序或批处理文件”?
01 官网下载各种CentOS教程(超详细版)
每日归档
更多
2024-05-14(0)
2024-05-13(18)
2024-05-12(0)
2024-05-11(38)
2024-05-10(38)
2024-05-09(35)
2024-05-08(42)
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022