package com.springshirodemo.dao;
import java.util.List;
import com.springshirodemo.demo.User;
/**
* Created by zhengjunhang on 2018/5/3.
*/
public interface UserDao {
User getUserByUserName(String userName); //Get user entity by username
List<String> queryRolesByUserName(String userName); //Get role set by username
List<String> queryPermissionByUserName(String userName); //Get permission set by username
}
3. Data access layer interface implementation
package com.springshirodemo.dao.impl;
import org.apache.shiro.util.CollectionUtils;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.stereotype.Component;
import com.springshirodemo.dao.UserDao;
import com.springshirodemo.demo.User;
import javax.annotation.Resource;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
@Component
public class userDaoImpl implements UserDao {
@Resource
private JdbcTemplate jdbcTemplate;
public User getUserByUserName(String username) {
// TODO Auto-generated method stub
String sql = "select username,password from users where username = ?";
List<User> list = jdbcTemplate.query(sql, new String[]{username},new RowMapper<User>(){
public User mapRow(ResultSet rs, int rowNum) throws SQLException {
// TODO Auto-generated method stub
User user = new User();
user.setPassword(rs.getString("password"));
user.setUsername(rs.getString("Username"));
return user;
}
});
if(CollectionUtils.isEmpty(list)) {
return null;
}
return list.get(0);
}
@Override
public List<String> queryRolesByUserName(String userName) {
String sql = "select role_name from spring_user_roles where username = ?";
return jdbcTemplate.query(sql, new String[]{userName}, new RowMapper<String>() {
public String mapRow(ResultSet resultSet, int i) throws SQLException {
return resultSet.getString("role_name");
}
});
}
@Override
public List<String> queryPermissionByUserName(String userName) {
String sql = "select permission from spring_roles_permissions where role_name = (select role_name from spring_user_roles where username = ?)";
return jdbcTemplate.query(sql, new String[]{userName}, new RowMapper<String>() {
public String mapRow(ResultSet resultSet, int i) throws SQLException {
return resultSet.getString("permission");
}
});
}
}
4. Customize realm
package com.springshirodemo.Realm;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.annotation.Resource;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import com.springshirodemo.dao.UserDao;
import com.springshirodemo.demo.User;
public class CustomRealm extends AuthorizingRealm{
@Resource
private UserDao userDao;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
// TODO Auto-generated method stub
String userName = (String) principalCollection.getPrimaryPrincipal();
// Get character data from database or cache
Set <String> roles = getRolesByUserName (userName);
Set<String> Permissions = getPermissionsByUserName(userName);
SimpleAuthorizationInfo AuthorizationInfo = new SimpleAuthorizationInfo();
AuthorizationInfo.setRoles(roles);
AuthorizationInfo.setStringPermissions(Permissions);
return AuthorizationInfo;
}
private Set<String> getPermissionsByUserName(String userName) {
// TODO Auto-generated method stub
List<String> list = userDao.queryPermissionByUserName(userName);
Set<String> sets = new HashSet<String>(list);
return sets;
}
private Set <String> getRolesByUserName (String userName) {
// TODO Auto-generated method stub
System.out.println("Get authorization data from database");
List<String> list = userDao.queryRolesByUserName(userName);
Set<String> sets = new HashSet<String>(list);
return sets;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// TODO Auto-generated method stub
String username = (String) token.getPrincipal();
String password = getDateuser(username);
if(password == null) {
return null;
}
SimpleAuthenticationInfo authenticationinfo = new SimpleAuthenticationInfo(username,password,"CustomRealm");
authenticationinfo.setCredentialsSalt (ByteSource.Util.bytes ("mark"));
return authenticationinfo;
}
private String getDateuser(String username) {
// TODO Auto-generated method stub
User user = userDao.getUserByUserName(username);
return user.getPassword();
}
public static void main(String[] args) {
Md5Hash md5 = new Md5Hash("123456","mark",2);
System.out.println(md5);
}
}