Permalink
Browse files

add: 为shiro插件添加realm抽象类

  • Loading branch information...
1 parent f32e2b3 commit ed10d6b749367e07549f9bbf64c3dbecbb5d1976 @wendal wendal committed Jan 11, 2017
@@ -62,7 +62,7 @@ Nutz集成Shiro的插件
继承AbstractRealm,实现一个Realm
--------------------------------------
-这部分是跟具体项目的Pojo类紧密结合的,所以没有给出默认实现.
+这部分是跟具体项目的Pojo类紧密结合的,所以没有给出默认实现. 严重建议继承AbstractSimpleAuthorizingRealm
请参考[NutzCN论坛的源码](https://github.com/wendal/nutz-book-project)中的net.wendal.nutzbook.shiro.realm.SimpleAuthorizingRealm类
@@ -73,13 +73,15 @@ Nutz集成Shiro的插件
其中的net.wendal.nutzbook.shiro.realm.NutDaoRealm是nutzbook中的NutDaoRealm实现.
+```ini
[main]
- nutzdao_realm = net.wendal.nutzbook.shiro.realm.NutDaoRealm
+ nutzdao_realm = net.wendal.nutzbook.shiro.realm.SimpleAuthorizingRealm
authc = org.nutz.integration.shiro.SimpleAuthenticationFilter
authc.loginUrl = /user/login
[urls]
/user/logout = logout
+```
web.xml中添加ShiroFilter配置
----------------------------
@@ -148,8 +150,10 @@ ShiroSessionProvider用法
在MainModule中的配置
+```java
@SessionBy(ShiroSessionProvider.class)
-
+```
+
这个功能是可选,也是推荐的,配合ehcache/redis,可以实现session持久化
配置该SessionProvider后, nutz.mvc作用域内的req.getHttpSession均返回shiro的Session.
@@ -159,10 +163,12 @@ UU32SessionIdGenerator 用法
在shiro.ini内添加:
+```java
# use R.UU32()
sessionIdGenerator = org.nutz.integration.shiro.UU32SessionIdGenerator
securityManager.sessionManager.sessionDAO.sessionIdGenerator = $sessionIdGenerator
-
+```
+
Session缓存与持久化
---------------------------
@@ -215,7 +221,7 @@ securityManager.cacheManager = $cacheManager
### 在linux上shiro初始化很久
-tomcat, 在env.sh添加如下
+tomcat, 在setenv.sh添加如下
```
JAVA_OPTS=-Djava.security.egd=file:/dev/urandom ...其他配置
@@ -0,0 +1,58 @@
+package org.nutz.integration.shiro;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.credential.CredentialsMatcher;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.cache.CacheManager;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.nutz.dao.Dao;
+import org.nutz.mvc.Mvcs;
+
+public abstract class AbstractSimpleAuthorizingRealm extends AuthorizingRealm {
+
+ protected Dao _dao;
+
+ protected abstract AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals);
+
+ protected abstract AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException;
+
+ /**
+ * 覆盖父类的验证,直接pass
+ */
+ protected void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws AuthenticationException {
+ }
+
+ public AbstractSimpleAuthorizingRealm() {
+ this(null, null);
+ }
+
+ public AbstractSimpleAuthorizingRealm(CacheManager cacheManager, CredentialsMatcher matcher) {
+ super(cacheManager, matcher);
+ // 设置token类型是关键!!!
+ setAuthenticationTokenClass(SimpleShiroToken.class);
+ }
+
+ public AbstractSimpleAuthorizingRealm(CacheManager cacheManager) {
+ this(cacheManager, null);
+ }
+
+ public AbstractSimpleAuthorizingRealm(CredentialsMatcher matcher) {
+ this(null, matcher);
+ }
+
+ public Dao dao() {
+ if (_dao == null) {
+ _dao = Mvcs.ctx().getDefaultIoc().get(Dao.class, "dao");
+ return _dao;
+ }
+ return _dao;
+ }
+
+ public void setDao(Dao dao) {
+ this._dao = dao;
+ }
+
+}

0 comments on commit ed10d6b

Please sign in to comment.