NutzCN Logo
问答 nutzboot整合shiro 登录成功后realm中无用户数据
发布于 13天前 作者 qq_7aad0313 78 次浏览 复制 上一个帖子 下一个帖子
标签:

自定义realm如下

@IocBean(name = "shiroRealm")
public class SimpleAuthorizingRealm extends AuthorizingRealm {

    @Inject
    private Dao dao;

    //权限
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        return null;
    }

    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String loginname = (String) token.getPrincipal();
        Cnd cnd = Cnd.NEW();
        cnd.and("loginname","=",loginname);
        Sys_user sys_user = dao.fetch(Sys_user.class,cnd);
        if(null == sys_user){
            throw Lang.makeThrow(UnknownAccountException.class,"Account [ %s ] not found", loginname);
        }
        if(sys_user.isDisabled()){
            throw Lang.makeThrow(LockedAccountException.class, "Account [ %s ] is locked.", loginname);
        }
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(sys_user,sys_user.getPassword(),getName());
        return simpleAuthenticationInfo;
    }

    //密码加密
    public SimpleAuthorizingRealm(CacheManager cacheManager, CredentialsMatcher matcher) {
        super(cacheManager, matcher);
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        hashedCredentialsMatcher.setHashIterations(1);
        // 这一行决定hex还是base64
        hashedCredentialsMatcher.setStoredCredentialsHexEncoded(true);
        // 设置token类型是关键!!!
        setCredentialsMatcher(hashedCredentialsMatcher);
        setAuthenticationTokenClass(UsernamePasswordToken.class);
    }

    public SimpleAuthorizingRealm() {
        this(null, null);
    }

    public SimpleAuthorizingRealm(CacheManager cacheManager) {
        this(cacheManager, null);
    }

    public SimpleAuthorizingRealm(CredentialsMatcher matcher) {
        this(null, matcher);
    }
}

application.properties如下(按照nutzWk写的)

#shiro.ini.path=shiro.ini
shiro.objects=shiroRealm
#end
shiro.ini.urls:
/SysUser/** = anon
/platform/** = anon
#end
6 回复

啥用户数据?realm有啥用户数据?

nutzwk 可不是这样写的,也不是这样配置的

是我表述不清楚 简单来说就是 用户这边登录成功之后 使用User user = (User) SecurityUtils.getSubject().getPrincipal();获取的信息是null

把nutzbook看一看,里面的代码肯定work

添加回复
请先登陆
回到顶部