shiro登錄實現的過程
單元測試:【登錄人:spj@qq.com,密碼pass】
public void testLogin(){
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("spj@qq.com","pass");
subject.login(token);
Assert.assertTrue(subject.isAuthenticated());
System.out.println("login");
}
調用securityManager.loginer
Subject subject = securityManager.login(this, token);
使用securityManager的時候必須在配置文件 中加入securityManager的配置
<!-- 相當于調用SecurityUtils.setSecurityManager(securityManager) --> <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/> <property name="arguments" ref="securityManager"/> </bean>
根據當前登錄的token來獲取info
info = authenticate(token);--》info = doAuthenticate(token);
執行doAuthenticate獲取realms【讀取配置文件,并且判斷是否未單實例】
assertRealmsConfigured();
Collection<Realm> realms = getRealms();
if (realms.size() == 1) {
return doSingleRealmAuthentication(realms.iterator().next(), authenticationToken);
} else {
return doMultiRealmAuthentication(realms, authenticationToken);
}
獲取reaml中的info
protected AuthenticationInfo doSingleRealmAuthentication(Realm realm, AuthenticationToken token) {
if (!realm.supports(token)) {
String msg = "Realm [" + realm + "] does not support authentication token [" +
token + "]. Please ensure that the appropriate Realm implementation is " +
"configured correctly or that the realm accepts AuthenticationTokens of this type.";
throw new UnsupportedTokenException(msg);
}
AuthenticationInfo info = realm.getAuthenticationInfo(token);
if (info == null) {
String msg = "Realm [" + realm + "] was unable to find account data for the " +
"submitted AuthenticationToken [" + token + "].";
throw new UnknownAccountException(msg);
}
return info;
}
最后執行登錄時候token和從realm中獲取到info的判斷
onSuccessfulLogin(token, info, loggedIn);
來自:http://my.oschina.net/u/1996443/blog/363984
本文由用戶 jopen 自行上傳分享,僅供網友學習交流。所有權歸原作者,若您的權利被侵害,請聯系管理員。
轉載本站原創文章,請注明出處,并保留原始鏈接、圖片水印。
本站是一個以用戶分享為主的開源技術平臺,歡迎各類分享!