
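2017.2.7 Kaitao's Shiro Tutorial - Chapter 6 - Realm and Related Objects (Part 2)

2018-01-04 16:37
Original blog post: http://jinnianshilongnian.iteye.com/blog/2018398

Study notes based on the downloaded PDF.

Chapter 6: Realm and Related Objects (Part 2)

1. AuthenticationToken

As the previous post showed, AuthenticationToken appears in UserRealm's doGetAuthenticationInfo() method. That method performs authentication, and the token is the parameter it authenticates with.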



protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token){}



AuthenticationToken is an interface:

public interface AuthenticationToken extends Serializable {
    Object getPrincipal();   // identity
    Object getCredentials(); // credentials
}



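Common extension interfaces and implementation classes:

A sketch of UsernamePasswordToken is shown below.

So to implement another login method, for example telephone/password, you can model your own token on UsernamePasswordToken. Simply return the telephone from the getCredentials() method.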





public class UsernamePasswordToken implements HostAuthenticationToken, RememberMeAuthenticationToken {
    private java.lang.String username;
    private char[] password;
    private boolean rememberMe;
    private String host;

    ...
    public java.lang.Object getPrincipal() {
        return username;
    }

    public java.lang.Object getCredentials() {
        return password;
    }
}



2. AuthenticationInfo

As the previous post showed, AuthenticationInfo appears in UserRealm's doGetAuthenticationInfo() method. It is the return value of the authentication method.

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { // authentication
    ...
    // Hand off to AuthenticatingRealm, which uses a CredentialsMatcher to compare passwords;
    // if the default does not suit you, you can supply your own implementation
    SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
            user.getUsername(), // username
            user.getPassword(), // password
            ByteSource.Util.bytes(user.getCredentialsSalt()), // salt=username+salt
            getName()  // realm name
    );
    return authenticationInfo;
}

AuthenticationInfo is an interface:

public interface AuthenticationInfo extends Serializable {
    PrincipalCollection getPrincipals();
    Object getCredentials();
}



Common extension interfaces and implementation classes:

A sketch of SimpleAuthenticationInfo is shown below:





public class SimpleAuthenticationInfo implements MergableAuthenticationInfo, SaltedAuthenticationInfo {

    protected PrincipalCollection principals; // identity
    protected Object credentials; // credentials
    protected ByteSource credentialsSalt;

    public SimpleAuthenticationInfo(PrincipalCollection principals, Object credentials) {
        this.principals = new SimplePrincipalCollection(principals);
        this.credentials = credentials;
    }

    public SimpleAuthenticationInfo(Object principal, Object credentials, String realmName) {
        this.principals = new SimplePrincipalCollection(principal, realmName);
        this.credentials = credentials;
    }

    public SimpleAuthenticationInfo(Object principal, Object hashedCredentials, ByteSource credentialsSalt, String realmName) {
        this.principals = new SimplePrincipalCollection(principal, realmName);
        this.credentials = hashedCredentials;
        this.credentialsSalt = credentialsSalt;
    }

    ....

}



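3. PrincipalCollection

As the previous post showed, PrincipalCollection appears in UserRealm's doGetAuthorizationInfo() method. That method performs authorization, and the PrincipalCollection is the parameter it authorizes with.

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    String userTenant = (String) principals.getPrimaryPrincipal();
    ...
}

PrincipalCollection is an interface:

One thing to watch out for: because several Realms can be configured in Shiro, there can be several principals (identities). PrincipalCollection is therefore used to aggregate them.

In most implementations, AuthenticationInfo is merged; for example, SimpleAuthenticationInfo merges multiple principals into one PrincipalCollection.

However, because it is implemented internally with a Map, getPrimaryPrincipal() can be regarded as returning an arbitrary principal, since a map has no ordering. If there is only one principal, that one is returned.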





public interface PrincipalCollection extends Iterable, Serializable {
    ...
    Object getPrimaryPrincipal();
}



Common extension interfaces and implementation classes:

4. AuthorizationInfo (authorization information)

As the previous post showed, AuthorizationInfo appears in UserRealm's authorization method doGetAuthorizationInfo(). It is the return value of that authorization method.

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    ....
    authorizationInfo.addStringPermission(permissionString);
    ....
    return authorizationInfo;
}

AuthorizationInfo is an interface:

public interface AuthorizationInfo extends Serializable {
    Collection<String> getRoles();
    Collection<String> getStringPermissions();
    Collection<Permission> getObjectPermissions();
}

Common extension interfaces and implementation classes:

A sketch of SimpleAuthorizationInfo is shown below (getters and setters omitted):





public class SimpleAuthorizationInfo implements AuthorizationInfo {
    protected Set<String> roles;
    protected Set<String> stringPermissions;
    protected Set<Permission> objectPermissions;

    public SimpleAuthorizationInfo() {
    }

    public SimpleAuthorizationInfo(Set<String> roles) {
        this.roles = roles;
    }

    public void addRole(String role) {...}
    public void addRoles(Collection<String> roles) {...}

    public void addStringPermission(String permission) {...}
    public void addStringPermissions(Collection<String> permissions) {...}

    public void addObjectPermission(Permission permission) {...}
    public void addObjectPermissions(Collection<Permission> permissions) {...}

}
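
Section 3 notes that several Realms can each contribute a principal, so in a multi-realm setup doGetAuthorizationInfo() should not assume that getPrimaryPrincipal() is the identity this realm authenticated. The following is an added example (not code from the original tutorial or from Shiro itself) that scopes authorization to this realm's own principals with PrincipalCollection.fromRealm(); the class name and the findRoles()/findPermissions() lookups are hypothetical, and it assumes the realm stores the username as a String principal.

```java
import java.util.Collection;
import java.util.Set;

import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

// Added example: a realm that grants roles and permissions only to the
// identity it authenticated itself. Left abstract so subclasses still
// provide doGetAuthenticationInfo() as shown in section 2.
public abstract class RealmScopedAuthorizingRealm extends AuthorizingRealm {

    // Hypothetical lookups backed by your own user store; must not return null.
    protected abstract Set<String> findRoles(String username);
    protected abstract Set<String> findPermissions(String username);

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // fromRealm() returns only the principals this realm contributed,
        // regardless of which realm supplied the "primary" principal.
        Collection<?> mine = principals.fromRealm(getName());
        if (mine == null || mine.isEmpty()) {
            // The subject was authenticated by another realm: a null result
            // grants no roles or permissions from this realm.
            return null;
        }

        Object principal = mine.iterator().next();
        if (!(principal instanceof String)) {
            // Avoid a ClassCastException if another principal type was stored.
            return null;
        }
        String username = (String) principal;

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRoles(findRoles(username));
        info.addStringPermissions(findPermissions(username));
        return info;
    }
}
```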

