realm
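/**
 * Base Shiro realm that looks up its services lazily from the Nutz IoC container and
 * builds authorization data from the roles carried by the authenticated {@code User}
 * principal.
 */
public abstract class AbstractNutRealm extends AuthorizingRealm {
    private UserService userService;
    private RoleService roleService;

    /**
     * Returns the {@code UserService}, fetching it from the IoC container on first use.
     *
     * @return the user service
     */
    protected UserService getUserService() {
        if (Lang.isEmpty(userService)) {
            Ioc ioc = Mvcs.getIoc();
            userService = ioc.get(UserService.class);
        }
        return userService;
    }

    /**
     * Returns the {@code RoleService}, fetching it from the IoC container on first use.
     *
     * @return the role service
     */
    protected RoleService getRoleService() {
        if (Lang.isEmpty(roleService)) {
            Ioc ioc = Mvcs.getIoc();
            roleService = ioc.get(RoleService.class);
        }
        return roleService;
    }

    /**
     * Clears the cached authorization info for a single principal.
     *
     * <p>NOTE(review): the collection built here wraps a {@code String}, while
     * {@code NutzDaoRealm} stores a {@code User} object as the principal. If the cache is
     * keyed by the principal collection, this call may not evict the entry created at
     * login, leaving revoked permissions in effect. Confirm against the cache key in use.
     *
     * @param principal the principal whose cached authorization info should be dropped
     */
    public void clearCachedAuthorizationInfo(String principal) {
        SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, getName());
        clearCachedAuthorizationInfo(principals);
    }

    /**
     * Clears the cached authorization info of every user.
     */
    public void clearAllCachedAuthorizationInfo() {
        Cache<Object, AuthorizationInfo> cache = getAuthorizationCache();
        if (cache != null) {
            // Removing entries while iterating keys() can fail on cache implementations
            // whose key set is a live view; clear() empties the cache in one call.
            cache.clear();
        }
    }

    /**
     * Authorization callback, invoked when a permission check is made and no
     * authorization info for the user is cached.
     *
     * <p>Only permission strings are added; role codes are not, so role-based checks
     * against this realm have nothing to match. Permissions are read from the roles on
     * the principal object itself. NOTE(review): if that object is the snapshot taken
     * at login, role changes take effect only after re-login; confirm.
     *
     * @param principals the principals of the subject being authorized
     * @return the permissions granted through the user's enabled roles, or {@code null}
     *         when there is no primary principal
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        User user = (User) principals.getPrimaryPrincipal();
        if (Lang.isEmpty(user)) {
            return null;
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (Role role : user.getRoles()) {
            // Disabled roles must not contribute any permission.
            if (!role.isDisabled()) {
                info.addStringPermissions(getRoleService().getPermissionNameList(role));
            }
        }
        return info;
    }
}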
chain.js有配置,就是死活不进这个方法。
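/**
 * Realm that authenticates a login name, password and captcha against users loaded
 * through the Nutz DAO-backed {@code UserService}.
 */
public class NutzDaoRealm extends AbstractNutRealm {
    private static final Log log = Logs.get();

    /**
     * Registers {@code UsernamePasswordToken} as the supported token class.
     *
     * <p>NOTE(review): {@link #doGetAuthenticationInfo} needs a {@code CaptchaToken}. If
     * the login code submits a different token type, authentication through this realm
     * cannot succeed. Confirm which token the login entry point creates.
     */
    public NutzDaoRealm() {
        setAuthenticationTokenClass(UsernamePasswordToken.class);
    }

    /**
     * Validates the captcha and looks up the account for the submitted token.
     *
     * <p>The captcha is checked before the account lookup, so account existence is not
     * revealed to a caller who has not solved the captcha. The password itself is not
     * compared here; the returned info carries the stored password and salt for the
     * realm's credentials matcher.
     *
     * @param token the submitted token; must be a {@code CaptchaToken}
     * @return authentication info holding the user, stored password and salt
     * @throws AuthenticationException if the token type is unsupported, the login name
     *         or captcha is blank, the captcha does not match, the account is unknown,
     *         or the account is disabled
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // The realm accepts any UsernamePasswordToken, so reject other token types
        // explicitly instead of failing with a ClassCastException.
        if (!(token instanceof CaptchaToken)) {
            throw Lang.makeThrow(AuthenticationException.class, "Unsupported token type");
        }
        CaptchaToken authcToken = (CaptchaToken) token;
        String loginname = authcToken.getUsername();
        if (Strings.isBlank(loginname)) {
            throw Lang.makeThrow(AuthenticationException.class, "Account name is empty");
        }

        // The captcha is required on every attempt. The original comments describe
        // showing it only after three failures, but that check was disabled.
        String captcha = authcToken.getCaptcha();
        if (Strings.isBlank(captcha)) {
            throw Lang.makeThrow(EmptyCaptchaException.class,
                    "Captcha is empty");
        }
        Subject subject = SecurityUtils.getSubject();
        String expectedCaptcha = Strings.sBlank(subject.getSession(true)
                .getAttribute(Constants.KAPTCHA_SESSION_KEY));
        // Single use: drop the stored captcha once it has been read, so one solved
        // value cannot be replayed across many password guesses.
        subject.getSession(true).removeAttribute(Constants.KAPTCHA_SESSION_KEY);
        if (!captcha.equalsIgnoreCase(expectedCaptcha)) {
            throw Lang.makeThrow(IncorrectCaptchaException.class,
                    "Captcha is error");
        }

        User user = getUserService().fetch(Cnd.where("loginname", "=", loginname));
        if (Lang.isEmpty(user)) {
            throw Lang.makeThrow(UnknownAccountException.class, "Account [ %s ] not found", loginname);
        }
        if (user.isDisabled()) {
            throw Lang.makeThrow(LockedAccountException.class, "Account [ %s ] is locked.", loginname);
        }

        // NOTE(review): this reset runs before the password has been compared, so the
        // counter is cleared even when the credentials turn out to be wrong. Consider
        // resetting it only after a successful login.
        subject.getSession(true).setAttribute("errCount", 0);
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, user.getPassword(), getName());
        info.setCredentialsSalt(ByteSource.Util.bytes(user.getSalt()));
        return info;
    }
}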