Shiro gets login data
Basic Information
- principals/identity
  principals: the identity, that is, the identifying attributes of the subject, such as a user name or email address. They only need to be unique.
- credentials/proof
  credentials: the proof, that is, security values that only the subject knows, such as passwords or digital certificates.
The most common combination of principals and credentials is username/password.
Usage
- Storing the logged-in user's data
The core is SimpleAuthenticationInfo:
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        // ... omitted in the original: obtain user and accessToken from the token ...
        return new SimpleAuthenticationInfo(user, accessToken, getName());
    }
The constructor has three parameters:
    public SimpleAuthenticationInfo(Object principal, Object credentials, String realmName) {
        this.principals = new SimplePrincipalCollection(principal, realmName);
        this.credentials = credentials;
    }
- principal: can hold the user name or something similar, but in practice it is more common to store a user object
- credentials: holds passwords, tokens and other unique login credentials
- realmName: the name of the realm
A specific example follows:
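    import java.net.URI;
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.AuthenticationInfo;
    import org.apache.shiro.authc.AuthenticationToken;
    import org.apache.shiro.authc.SimpleAuthenticationInfo;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;
    import org.springframework.stereotype.Component;
    import org.springframework.transaction.annotation.Transactional;

    @Component
    public class OAuth2Realm extends AuthorizingRealm {

        // Only handle the project's own OAuth2Token type
        @Override
        public boolean supports(AuthenticationToken token) {
            return token instanceof OAuth2Token;
        }

        /**
         * Authorization (called when permissions are checked)
         */
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            // ... omitted in the original: build info for these principals ...
            return info;
        }

        /**
         * Authentication (called at login)
         */
        @Transactional(rollbackFor = Throwable.class)
        @Override
        // After the CAS server authenticates successfully and the token is returned to the front end,
        // the front end calls the login endpoint (/sys/user/ping) once more, passing in the token it received
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
                throws AuthenticationException {
            // ... omitted in the original: obtain user and accessToken from the token ...
            return new SimpleAuthenticationInfo(user, accessToken, getName());
        }

        private URI getServiceValidateUri(String accessToken) {
            // ... omitted in the original ...
        }
    }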
- Getting the logged-in user's data
    // Cast the result to the concrete user class that was stored as the principal
    Object user = SecurityUtils.getSubject().getPrincipal();
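The round trip described above (store a user object as the principal, then read it back from the Subject), as an added example that is not code from the original page. DemoUser, DemoRealm and the sample account and password are constructed for illustration, and the example assumes shiro-core 1.x is on the classpath. It also shows that the credentials placed in SimpleAuthenticationInfo are what the realm's default credentials matcher compares against the submitted token.

```java
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import java.io.Serializable;

public class PrincipalRoundTrip {
    // Hypothetical user class; it carries no password, so the secret never travels with the principal.
    static class DemoUser implements Serializable {
        final String name;
        DemoUser(String name) { this.name = name; }
    }

    static class DemoRealm extends AuthorizingRealm {
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            return new SimpleAuthorizationInfo(); // no roles or permissions in this demo
        }

        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
            String name = (String) token.getPrincipal();
            if (!"alice".equals(name)) {
                return null; // unknown account: Shiro turns this into UnknownAccountException
            }
            // Constructed sample credential; the default matcher compares it with the token's.
            return new SimpleAuthenticationInfo(new DemoUser(name), "s3cret", getName());
        }
    }

    public static void main(String[] args) {
        SecurityUtils.setSecurityManager(new DefaultSecurityManager(new DemoRealm()));
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken("alice", "wrong"));
        } catch (IncorrectCredentialsException e) {
            System.out.println("rejected: credentials did not match");
        }
        subject.login(new UsernamePasswordToken("alice", "s3cret"));
        // getPrincipal() returns the exact object the realm passed as the first constructor argument.
        DemoUser user = (DemoUser) subject.getPrincipal();
        System.out.println("principal type: " + user.getClass().getSimpleName() + ", name: " + user.name);
    }
}
```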