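package org.dayatang.security.shiro;

import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.dayatang.security.domain.Permission;
import org.dayatang.security.domain.Role;
import org.dayatang.security.domain.User;

import javax.inject.Inject;

/**
 * Shiro realm that authenticates username/password tokens against the {@link User} domain class
 * and derives roles and permissions from the authenticated {@link User} principal.
 *
 * <p>Created by yyang on 14/11/11.
 */
public class MySecurityRealm extends AuthorizingRealm {

    /**
     * Creates the realm, names it {@code "MySecurityRealm"}, restricts it to
     * {@link UsernamePasswordToken} and installs the injected credentials matcher.
     *
     * @param credentialsMatcher matcher Shiro uses to compare the submitted credentials with the
     *     stored value returned by {@link #doGetAuthenticationInfo(AuthenticationToken)}
     */
    @Inject
    public MySecurityRealm(CredentialsMatcher credentialsMatcher) {
        setName("MySecurityRealm");
        setAuthenticationTokenClass(UsernamePasswordToken.class);
        setCredentialsMatcher(credentialsMatcher);
    }

    /**
     * Builds the authorization info (role names and permission names) for the principal that
     * this realm contributed to the given collection.
     *
     * @param principals principals of the subject being authorized
     * @return the roles and permissions of the {@link User} principal, or {@code null} when the
     *     collection holds no principal from this realm
     * @throws AuthorizationException if {@code principals} is {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        if (principals == null) {
            throw new AuthorizationException("PrincipalCollection was null, which should not happen");
        }
        if (principals.isEmpty()) {
            return null;
        }

        // Look the realm's principals up once instead of once for the size check and once for
        // the read.
        java.util.Collection<?> realmPrincipals = principals.fromRealm(getName());
        if (realmPrincipals == null || realmPrincipals.isEmpty()) {
            return null;
        }

        // doGetAuthenticationInfo stores the User object itself as the principal, so it is read
        // back here rather than reloaded by username.
        // NOTE(review): roles and permissions therefore come from this principal object; if it is
        // a snapshot held in the session, a revocation may not take effect until the next login.
        // Confirm how getAllRoles()/getAllPermissions() resolve their data.
        User user = (User) realmPrincipals.iterator().next();
        if (user == null) {
            return null;
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (Role role : user.getAllRoles()) {
            info.addRole(role.getName());
        }
        for (Permission permission : user.getAllPermissions()) {
            info.addStringPermission(permission.getName());
        }
        return info;
    }

    /**
     * Checks the submitted username and password with {@link User#authenticate} and, on success,
     * returns the account data that Shiro hands to the configured {@link CredentialsMatcher}.
     *
     * @param token the submitted token; the constructor restricts this realm to
     *     {@link UsernamePasswordToken}
     * @return authentication info whose principal is the {@link User} and whose credentials are
     *     {@code user.getPassword()}, or {@code null} when the token is incomplete, the check
     *     fails, or the account cannot be loaded
     * @throws AuthenticationException declared by the overridden method; not thrown directly here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
        String username = usernamePasswordToken.getUsername();
        char[] password = usernamePasswordToken.getPassword();

        // A token without a username or password cannot identify an account; without this guard
        // new String(password) throws a NullPointerException on a null password.
        if (username == null || password == null) {
            return null;
        }

        // NOTE(review): User.authenticate takes the password as a String, so an immutable copy
        // is created here that cannot be wiped the way the token's char[] can.
        if (!User.authenticate(username, new String(password))) {
            return null;
        }

        // The account is loaded in a second call, so it may be missing by now (for example,
        // removed between the two calls). Fail the login instead of dereferencing null.
        User user = User.getByName(username);
        if (user == null) {
            return null;
        }

        // NOTE(review): the whole User object becomes the principal, and it exposes the stored
        // credential via getPassword(); wherever the principal collection is kept (for example a
        // session), that value goes with it. Confirm this is intended, and that the injected
        // CredentialsMatcher matches the format in which user.getPassword() is stored.
        return new SimpleAuthenticationInfo(user, user.getPassword(), getName());
    }
}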