shiro reaml

package com.sojson.core.shiro.token;

import java.util.Date;
import java.util.Set;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.sojson.common.model.UUser;
import com.sojson.core.shiro.token.manager.TokenManager;
import com.sojson.permission.service.PermissionService;
import com.sojson.permission.service.RoleService;
import com.sojson.user.service.UUserService;


/**
*
* Development company: SOJSON Online Tools<p>
* All rights reserved : © www.sojson.com<p>
* Blog address: http://www.sojson.com/blog/ <p>
* <p>
*
* shiro authentication + authorization rewrite
*
* <p>
*
* distinguish responsibility Person Date Description<br/>
* Created by Zhou Baicheng on June 2, 2016<br/>
*
* @author zhou-baicheng
* @email [email protected]
* @version 1.0, June 2, 2016 <br/>
*
*/
public class SampleRealm extends AuthorizingRealm {

@Autowired
UUserService userService;
@Autowired
PermissionService permissionService;
@Autowired
RoleService roleService;

public SampleRealm() {
super();
}
/**
* Authentication information, mainly for user login,
*/
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {

ShiroToken token = (ShiroToken) authcToken;
UUser user = userService.login(token.getUsername(),token.getPswd());
if(null == user){
throw new AccountException("The account or password is incorrect!");
/**
* If the user's status is disabled. Then throw <code>DisabledAccountException</code>
*/
}else if(UUser._0.equals(user.getStatus())){
throw new DisabledAccountException("The account has been disabled from logging in!");
}else{
// Update login time last login time
user.setLastLoginTime(new Date());
userService.updateByPrimaryKeySelective(user);
}
return new SimpleAuthenticationInfo(user,user.getPswd(), getName());
    }

/**
     *Authorization
     */ 
    @ Override 
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { 
   
    Long userId = TokenManager.getUserId();
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//Query the role (role) according to the user ID and put it into Authorization.
Set<String> roles = roleService.findRoleByUserId(userId);
info.setRoles(roles);
//Query permissions (permission) according to user ID and put them into Authorization.
Set<String> permissions = permissionService.findPermissionByUserId(userId);
info.setStringPermissions(permissions);
        return info; 
    } 
    /**
     * Clear the current user permission information
     */
public void clearCachedAuthorizationInfo() {
PrincipalCollection principalCollection = SecurityUtils.getSubject().getPrincipals();
SimplePrincipalCollection principals = new SimplePrincipalCollection(
principalCollection, getName());
super.clearCachedAuthorizationInfo(principals);
}
/**
* 指定principalCollection 清楚
*/
public void clearCachedAuthorizationInfo(PrincipalCollection principalCollection) {
SimplePrincipalCollection principals = new SimplePrincipalCollection(
principalCollection, getName());
super.clearCachedAuthorizationInfo(principals);
}
}