Shulou(Shulou.com)06/03 Report--

Due to the function expansion on the existing app, another part of the user is required to log in, which is not in the same table as the original user. The original shiro configuration and a single realm can not satisfy users in multiple tables (of course, you can also look up in two tables in the same realm, and look up one table if you can't find it, which is too stupid), so I tried the following extension. Implement different realm to get users from different tables.

First, introduce how to configure a user.

1 、 shiro.xml

2 、

Package com.su;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationInfo;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.authc.DisabledAccountException;import org.apache.shiro.authc.SimpleAuthenticationInfo;import org.apache.shiro.authc.UnknownAccountException;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.util.ByteSource;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.beans.factory.annotation.Qualifier;import net.zkbc.jcaptcha.util.JCaptchaUtils Import net.zkbc.shiro.authc.IncorrectCaptchaException;import net.zkbc.shiro.authc.UsernameCaptchaToken;import net.zkbc.shiro.authc.UsernamePasswordCaptchaToken;import net.zkbc.shiro.entity.ShiroUser;import net.zkbc.shiro.service.ShiroCaptchaService;import net.zkbc.shiro.service.ShiroUserService;import redis.clients.jedis.Jedis;public class ShiroCaptchaDbRealm extends ShiroDbRealm {@ Autowired (required = false) private ShiroCaptchaService captchaService; @ Autowired @ Qualifier private ShiroUserService shiroUserService @ SuppressWarnings ("resource") @ Override protected AuthenticationInfo doGetAuthenticationInfo (AuthenticationToken authcToken) throws AuthenticationException {String loginName = ((UsernamePasswordToken) authcToken) .getUsername (); if (authcToken instanceof UsernameCaptchaToken) {Jedis jedis = new Jedis () String captcha = jedis.get (loginName); / / TODO gets the verification code related byte [] salt_byte = null; return new SimpleAuthenticationInfo (loginName, captcha, ByteSource.Util.bytes (salt_byte), getName ());} ShiroUser loginUser = shiroUserService.findUserByLoginName (loginName) If (loginUser = = null) {throw new UnknownAccountException ();} if (loginUser.isDisabled ()) {throw new DisabledAccountException ();} ByteSource salt = ByteSource.Util.bytes (shiroUserService.getSaltBytes (loginUser)) Return new SimpleAuthenticationInfo (loginName, loginUser.getPassword (), salt, getName ());}}

3. Access with postman: http://localhost:10001/app/weicheLogin parameter: {"custNum": "413185410"}

@ RequestMapping (value = Urls.WCLOGIN, method = RequestMethod.POST) @ ResponseBody public WcCustomerIsExistResponse wcLogin (@ Valid @ RequestBody WcCustomerIsExistRequest request, BindingResult result, Locale locale) {WcCustomerIsExistResponse response = new WcCustomerIsExistResponse (); if (result.hasErrors ()) {Validators.addParameterErrors (response, result, messageSource, locale); return response } try {mobileService.bindSubject (request.getSessionId ()); response = messageMMSService.wcCustomerIsExist (request, response); mobileService.serviceForNoAuthcForm (request.getCustNum (), request, response) } catch (RemoteConnectFailureException e) {LOG.error (e.getMessage (), e); response = mockMessageMMSService.wcCustomerIsExist (request, response);} catch (ParameterException e) {Validators.addParameterErrors (response, e.getMessage (), messageSource, locale) } catch (Exception e) {LOG.error (e.getMessage (), e); response.error ();} return response;}

4 、

@ Override public RESPONSE serviceForNoAuthcForm (String loginName, REQUEST request, RESPONSE response) {try {String sessionId = loginNoPassword (loginName) .toString (); request.setSessionId (sessionId); response.setSessionId (sessionId) } catch (UnknownAccountException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_AUTH);} catch (DisabledAccountException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_DISABLED) } catch (IncorrectCredentialsException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_AUTH);} catch (ExcessiveAttemptsException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_ATTEMPTS) } catch (Exception e) {LOG.error (e.getMessage (), e); response.error ();} return response } private Serializable loginNoPassword (String loginName) {HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes ()) .getRequest (); UsernameNoPasswordCaptchaToken token=new UsernameNoPasswordCaptchaToken (loginName,null,null); Subject subject = SecurityUtils.getSubject (); try {subject.login (token) } catch (InvalidSessionException e) {subject.logout (); / / subject.login (token);} Session session = subject.getSession (); Serializable sessionId = session.getId () LOG.debug ("Session with id [{}] startTimestamp: {}", sessionId, session.getStartTimestamp (). GetTime ()); try {Thread.sleep (100);} catch (Exception ignored) {} session.touch () LOG.debug ("Session with id [{}] lastAccessTime: {}", sessionId, session.getLastAccessTime (). GetTime ()); processConcurrentSessions (); return sessionId;}

5 、

Import org.apache.shiro.authc.UsernamePasswordToken;public class UsernameNoPasswordCaptchaToken extends UsernamePasswordToken {private static final long serialVersionUID = 1L; private String username; public UsernameNoPasswordCaptchaToken (String username,String password,String host) {super (username,password,host); this.username = username;} public String getUsername () {return username } public void setUsername (String username) {this.username = username;}}

2. Multiple realm

1 、

2 、

Import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationInfo;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.authc.DisabledAccountException;import org.apache.shiro.authc.SimpleAuthenticationInfo;import org.apache.shiro.authc.UnknownAccountException;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.authz.AuthorizationInfo;import org.apache.shiro.realm.AuthorizingRealm;import org.apache.shiro.subject.PrincipalCollection;import org.apache.shiro.util.ByteSource Import org.springframework.beans.factory.annotation.Autowired;import org.springframework.beans.factory.annotation.Qualifier;public class QggRealm extends AuthorizingRealm {@ Autowired @ Qualifier ("qggUserService") private ShiroUserService shiroUserService; @ Override protected AuthorizationInfo doGetAuthorizationInfo (PrincipalCollection principals) {/ / TODO Auto-generated method stub return null } @ Override protected AuthenticationInfo doGetAuthenticationInfo (AuthenticationToken authcToken) throws AuthenticationException {String loginName = ((CustomizedToken) authcToken) .getUsername (); ShiroUser loginUser = shiroUserService.findUserByLoginName (loginName); if (loginUser = = null) {throw new UnknownAccountException () } if (loginUser.isDisabled ()) {throw new DisabledAccountException ();} ByteSource salt = ByteSource.Util.bytes (shiroUserService.getSaltBytes (loginUser)); return new SimpleAuthenticationInfo (loginName, loginUser.getPassword (), salt, getName ());}}

2 、

Public class WeicheRealm extends AuthorizingRealm {@ Autowired @ Qualifier ("weicheUserService") private ShiroUserService shiroUserService; @ Override protected AuthorizationInfo doGetAuthorizationInfo (PrincipalCollection principals) {/ / TODO Auto-generated method stub return null } @ Override protected AuthenticationInfo doGetAuthenticationInfo (AuthenticationToken authcToken) throws AuthenticationException {String loginName = ((CustomizedToken) authcToken) .getUsername (); ShiroUser loginUser = shiroUserService.findUserByLoginName (loginName); if (loginUser = = null) {throw new UnknownAccountException () } if (loginUser.isDisabled ()) {throw new DisabledAccountException ();} ByteSource salt = ByteSource.Util.bytes (shiroUserService.getSaltBytes (loginUser)); return new SimpleAuthenticationInfo (loginName, loginUser.getPassword (), salt, getName ());}}

3. The input parameter WcCustomerIsExistRequest class includes login name custNum and login type loginType (Qgg and Weiche).

Access with postman: http://localhost:10001/app/mutilRealmLogin parameters: {"custNum": "413185410", "loginType": "Weiche"}

/ / @ RequestMapping (value = Urls.MUTILREALMLOGIN, method = RequestMethod.POST) @ ResponseBody public WcCustomerIsExistResponse mutiRealmLogin (@ Valid @ RequestBody WcCustomerIsExistRequest request, BindingResult result, Locale locale) {WcCustomerIsExistResponse response = new WcCustomerIsExistResponse (); if (result.hasErrors ()) {Validators.addParameterErrors (response, result, messageSource, locale); return response } try {mobileService.bindSubject (request.getSessionId ()); mobileService.serviceForMultiRealmAuthcForm (request.getCustNum (), request.getLoginType (), request, response);} catch (RemoteConnectFailureException e) {response = mockMessageMMSService.wcCustomerIsExist (request, response) } catch (ParameterException e) {Validators.addParameterErrors (response, e.getMessage (), messageSource, locale);} catch (Exception e) {response.error ();} return response;}

4 、

@ Override public RESPONSE serviceForMultiRealmAuthcForm (String loginName, String loginType, REQUEST request, RESPONSE response) {try {String sessionId = loginMultiRealm (loginName,loginType) .toString (); request.setSessionId (sessionId); response.setSessionId (sessionId) } catch (UnknownAccountException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_AUTH);} catch (DisabledAccountException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_DISABLED) } catch (IncorrectCredentialsException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_AUTH);} catch (ExcessiveAttemptsException e) {LOG.debug (e.getMessage (), e); response.error (MessageError.ERROR_ATTEMPTS) } catch (Exception e) {LOG.error (e.getMessage (), e); response.error ();} return response;}

5 、

Private Serializable loginMultiRealm (String loginName,String loginType) {HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes ()) .getRequest (); CustomizedToken token=new CustomizedToken (loginName,null,loginType); Subject subject = SecurityUtils.getSubject (); try {subject.login (token) } catch (InvalidSessionException e) {subject.logout (); / / subject.login (token);} Session session = subject.getSession (); Serializable sessionId = session.getId () LOG.debug ("Session with id [{}] startTimestamp: {}", sessionId, session.getStartTimestamp (). GetTime ()); try {Thread.sleep (100);} catch (Exception ignored) {} session.touch () LOG.debug ("Session with id [{}] lastAccessTime: {}", sessionId, session.getLastAccessTime (). GetTime ()); processConcurrentSessions (); return sessionId;}

6 、

Import org.apache.shiro.authc.UsernamePasswordToken;public class CustomizedToken extends UsernamePasswordToken {/ / login type to determine which user logs in to private String loginType; public CustomizedToken (final String username, final String password,String loginType) {super (username,password); this.loginType = loginType;} public String getLoginType () {return loginType;} public void setLoginType (String loginType) {this.loginType = loginType;}}

7. Important: this class chooses which realm to use

Import java.util.ArrayList;import java.util.Collection;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationInfo;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.authc.pam.ModularRealmAuthenticator;import org.apache.shiro.realm.Realm / * * @ author Alan_Xiang * Custom Authenticator * Note: when you need to define a Realm that handles authentication by ordinary users and administrators, the full class name of the corresponding Realm should contain the string "User" or "Admin". * and they cannot include each other, for example, the string "Admin" should not be included in the full class name of Realm that handles normal user authentication. * / public class CustomizedModularRealmAuthenticator extends ModularRealmAuthenticator {@ Override protected AuthenticationInfo doAuthenticate (AuthenticationToken authenticationToken) throws AuthenticationException {/ / determine whether getRealms () returns empty assertRealmsConfigured (); / / convert back to custom CustomizedToken CustomizedToken customizedToken = (CustomizedToken) authenticationToken; / / login type String loginType = customizedToken.getLoginType (); / / all Realm Collection realms = getRealms () / / all Realm Collection typeRealms = new ArrayList () corresponding to login type; for (Realm realm: realms) {if (realm.getName (). Contains (loginType)) typeRealms.add (realm);} / / determine whether it is single Realm or multiple Realm if (typeRealms.size () = = 1) return doSingleRealmAuthentication (typeRealms.iterator (). Next (), customizedToken) Else return doMultiRealmAuthentication (typeRealms, customizedToken);}}

Reference: https://blog.csdn.net/xiangwanpeng/article/details/54802509

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.