alm及相关对象

alm及相关对象

关注
发信
关注(28)粉丝(399)

2017.2.7 开涛shiro教程-第六章-Realm及相关对象(二)

原博客地址:http://jinnianshilongnian.iteye.com/blog/2018398

根据下载的pdf学习。

第六章 Realm及相关对象(二)

1.AuthenticationToken

由上篇可知,AuthenticationToken出现在UserRealm的方法doGetAuthenticationInfo()中。这个方法是用来验证的,token是验证时所用的参数。

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token){}
AuthenticationToken是一个接口:
public interface AuthenticationToken extends Serializable {

    Object getPrincipal(); //身份

    Object getCredentials(); //凭据

}
常见的拓展接口和实现类有:
2017.2.7 开涛shiro教程-第六章-Realm及相关对象(二)-LMLPHP
UsernamePasswordToken的示意代码如下:
所以要实现其他登录方式,比如是telephone/password时,就可以仿照UsernamePasswordToken,实现自己的token。在方法getCredentials()里返回telephone即可。
public class UsernamePasswordToken implements HostAuthenticationToken,RememberMeAuthenticationToken{

    private java.lang.String username;

    private char[] password;

    private boolean rememberMe;

    private String host;

    ...

    public java.lang.Object getPrincipal() {

        return username;

    }

    public java.lang.Object getCredentials() {

        return password;

    }

} 
2.AuthenticationInfo
由上篇可知,AuthenticationInfo出现在UserRealm的方法doGetAuthenticationInfo()中。是验证方法的返回值。
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {//认证

    ...

    //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现

    SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(

           user.getUsername(), //用户名

           user.getPassword(), //密码

           ByteSource.Util.bytes(user.getCredentialsSalt()),//salt=username+salt

           getName()  //realm name

    );

    return authenticationInfo;

}
AuthenticationInfo是一个接口:
public interface AuthenticationInfo extends Serializable {

    PrincipalCollection getPrincipals();

    Object getCredentials();

}
常见的拓展接口和实现类有:
2017.2.7 开涛shiro教程-第六章-Realm及相关对象(二)-LMLPHP
SimpleAuthenticationInfo的示意代码如下:
 public class SimpleAuthenticationInfo implements MergableAuthenticationInfo, SaltedAuthenticationInfo {

     protected PrincipalCollection principals;//身份

     protected Object credentials;//凭据

     protected ByteSource credentialsSalt;

     public SimpleAuthenticationInfo(PrincipalCollection principals, Object credentials) {

         this.principals = new SimplePrincipalCollection(principals);

         this.credentials = credentials;

     }

     public SimpleAuthenticationInfo(Object principal, Object credentials, String realmName) {

         this.principals = new SimplePrincipalCollection(principal, realmName);

         this.credentials = credentials;

     }

     public SimpleAuthenticationInfo(Object principal, Object hashedCredentials, ByteSource credentialsSalt, String realmName) {

         this.principals = new SimplePrincipalCollection(principal, realmName);

         this.credentials = hashedCredentials;

         this.credentialsSalt = credentialsSalt;

     }

     ....

 }
3.PrincipalCollection
由上篇可知,PrincipalCollection出现在UserRealm的方法doGetAuthorizationInfo()中。这个方法是用来授权的,PrincipalCollection是授权时所用的参数。
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

     String userTenant = (String) principals.getPrimaryPrincipal();

    ...

}
PrincipalCollection是一个接口:
要注意一个问题,因为可以在shiro中配置多个Realm,所以身份信息principal就可以有多个。因此采用PrincipalCollection进行聚合。
在大多数实现中,AuthenticationInfo会进行merge,比如SimpleAuthenticationInfo 会合并多个 Principal为一个 PrincipalCollection。
但是由于内部是Map实现的,所以方法getPrimaryPrincipal()可以看做是返回任意principal。因为map中没有顺序之分的。如果只有一个,那就是返回这一个。
1 public interface PrincipalCollection extends Iterable, Serializable {

2      ...

3      Object getPrimaryPrincipal();

4 }
常见的拓展接口和实现类有:
2017.2.7 开涛shiro教程-第六章-Realm及相关对象(二)-LMLPHP
 4.AuthorizationInfo(授权信息)
由上篇可知,AuthenticationInfo出现在UserRealm的,授权方法doGetAuthorizationInfo()中。是该授权方法的返回值。
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

   ....

       authorizationInfo.addStringPermission(permissionString);

   ....

   return authorizationInfo;

}
AuthorizationInfo是一个接口:
public interface AuthorizationInfo extends Serializable {

    Collection<String> getRoles();

    Collection<String> getStringPermissions();

    Collection<Permission> getObjectPermissions();

}
常见的拓展接口和实现类有:
2017.2.7 开涛shiro教程-第六章-Realm及相关对象(二)-LMLPHP
SimpleAuthorizationInfo的示意代码如下:(getter和setter均省略)
public class SimpleAuthorizationInfo implements AuthorizationInfo {

    protected Set<String> roles;

    protected Set<String> stringPermissions;

    protected Set<Permission> objectPermissions;

    public SimpleAuthorizationInfo() {

    }

    public SimpleAuthorizationInfo(Set<String> roles) {

        this.roles = roles;

    }

    public void addRole(String role) {...}

    public void addRoles(Collection<String> roles) {...}

    public void addStringPermission(String permission) {...}

    public void addStringPermissions(Collection<String> permissions) {...}

    public void addObjectPermission(Permission permission) {...}

    public void addObjectPermissions(Collection<Permission> permissions) {...}

}
05-11 15:25
Powered by LMLPHP ©2024 alm及相关对象 0.063197