想看多realm认证的请看
https://blog.csdn.net/u013294097/article/details/90053299
想看多realm认证的请看
https://blog.csdn.net/u013294097/article/details/90053299
多Realm分别授权需要重写
import org.apache.shiro.authz.ModularRealmAuthorizer;的三个方法:
public boolean isPermitted(PrincipalCollection principals, String permission);
public boolean isPermitted(PrincipalCollection principals, Permission permission);
public boolean hasRole(PrincipalCollection principals, String roleIdentifier);思路:
多Realm的每个Realm都设置一个名字,这样子,在鉴权的时候拿到名字,确定使用哪个Realm进行授权
1.为Realm设置名字代码:
public class AdminRealm extends AuthorizingRealm {
@Reference
private IAdminAuthService adminAuthService;
private static final String ADMIN_LOGIN_TYPE = LoginType.ADMIN.getName();
{
super.setName("admin");//设置realm的名字,非常重要
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
return null;
}
}2.复写import org.apache.shiro.authz.ModularRealmAuthorizer;方法,实现三个接口
import com.cyjz.util.CommUtil;
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.authz.ModularRealmAuthorizer;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.PrincipalCollection;
import java.util.Set;
public class CustomizedModularRealmAuthorizer extends ModularRealmAuthorizer {
@Override
public boolean isPermitted(PrincipalCollection principals, String permission) {
assertRealmsConfigured();
Set<String> realmNames = principals.getRealmNames();
//获取realm的名字
String realmName = realmNames.iterator().next();
for (Realm realm : getRealms()) {
if (!(realm instanceof Authorizer)) continue;
//匹配名字
if(realmName.equals("admin"))) {
if (realm instanceof AdminRealm) {
return ((AdminRealm) realm).isPermitted(principals, permission);
}
}
if(realmName.equals("user")) {
if (realm instanceof UserRealm) {
return ((UserRealm) realm).isPermitted(principals, permission);
}
}
}
return false;
}
@Override
public boolean isPermitted(PrincipalCollection principals, Permission permission) {
assertRealmsConfigured();
Set<String> realmNames = principals.getRealmNames();
//获取realm的名字
String realmName = realmNames.iterator().next();
for (Realm realm : getRealms()) {
if (!(realm instanceof Authorizer)) continue;
//匹配名字
if(realmName.equals("admin"))) {
if (realm instanceof AdminRealm) {
return ((AdminRealm) realm).isPermitted(principals, permission);
}
}
//匹配名字
if(realmName.equals("user"))) {
if (realm instanceof UserRealm) {
return ((UserRealm) realm).isPermitted(principals, permission);
}
}
}
return false; }
@Override
public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
assertRealmsConfigured();
Set<String> realmNames = principals.getRealmNames();
//获取realm的名字
String realmName = realmNames.iterator().next();
for (Realm realm : getRealms()) {
if (!(realm instanceof Authorizer)) continue;
//匹配名字
if(realmName.equals("admin"))) {
if (realm instanceof AdminRealm) {
return ((AdminRealm) realm).hasRole(principals, roleIdentifier);
}
}
//匹配名字
if(realmName.equals("admin"))) {
if (realm instanceof UserRealm) {
return ((UserRealm) realm).hasRole(principals, roleIdentifier);
}
}
}
return false;
}
}我这里使用的是springboot,需要在shiroconfig里面的securityManager添加进这个自定义的CustomizedModularRealmAuthorizer
@Bean
public DefaultWebSecurityManager securityManager(UserRealm customRealm, AdminRealm adminRealm, DefaultWebSessionManager sessionManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
List<Realm> realms = new ArrayList<>();
realms.add(customRealm);
realms.add(adminRealm);
securityManager.setRealms(realms);
securityManager.setSessionManager(sessionManager);
securityManager.setCacheManager(new RedisCacheManager());
//====================多realm授权核心代码===================
CustomizedModularRealmAuthorizer authorizer = new CustomizedModularRealmAuthorizer();
authorizer.setRealms(realms);
securityManager.setAuthorizer(authorizer);
//====================多realm授权核心代码===================
return securityManager;
}更多内容请访问:IT源点
注意:本文归作者所有,未经作者允许,不得转载
