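import java.lang.reflect.Method;
import java.util.Map;

import javax.annotation.Resource;

import org.springframework.aop.AfterReturningAdvice;

import person.wjt.base.auth.model.User;
import person.wjt.base.auth.model.UserType;
import person.wjt.base.auth.runtime.AuthService;

import com.trunkbow.audit.base.dao.ManagerDao;
import com.trunkbow.audit.base.model.Manager;

/**
 * After-returning advice for the login call: when the login result holds a
 * user of type {@code MANAGER} under {@link AuthService#CURRENT_USER}, the
 * entry is replaced by the matching {@link Manager} loaded from
 * {@link ManagerDao}.
 *
 * <p>The advice mutates the map returned by the advised method in place, so
 * the caller sees the replaced entry.
 */
public class ManagerLogin implements AfterReturningAdvice {

    @Resource
    private ManagerDao managerDao;

    /**
     * Replaces the current-user entry of a successful login result with the
     * manager record, when the user is a manager.
     *
     * @param returnValue value returned by the advised method; a failed login
     *                    yields {@code null} and is ignored
     * @param method      advised method (unused)
     * @param args        arguments of the advised call (unused)
     * @param target      advised object (unused)
     * @throws Throwable  whatever the DAO lookup throws
     */
    @SuppressWarnings("unchecked")
    @Override
    public void afterReturning(Object returnValue, Method method,
            Object[] args, Object target) throws Throwable {
        // The advisor matches by method name only, so do not assume the
        // return type: anything that is not a map (including null) is skipped.
        if (!(returnValue instanceof Map)) {
            return;
        }
        Map<String, Object> returnMap = (Map<String, Object>) returnValue;

        // The login result may carry no User principal; without this guard a
        // missing entry fails with a NullPointerException after authentication
        // has already succeeded.
        Object current = returnMap.get(AuthService.CURRENT_USER);
        if (!(current instanceof User)) {
            return;
        }
        User user = (User) current;
        if (!UserType.MANAGER.equals(user.getType())) {
            return;
        }

        Manager manager = managerDao.getById(user.getId());
        if (manager != null) {
            returnMap.put(AuthService.CURRENT_USER, manager);
        }
        // NOTE(review): when no Manager record exists the original User entry
        // is kept rather than overwritten with null. Confirm whether a
        // MANAGER-typed account without a Manager record should instead be
        // rejected by the caller.
    }
}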
2.service接口
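/**
 * Runtime authentication/authorization service.
 *
 * <p>The {@code CURRENT_*} constants are the keys under which login-related
 * values are stored (for example in the session).
 *
 * @author wangjintao
 */
public interface AuthService {

    /** Current user, i.e. the user who is currently logged in. */
    String CURRENT_USER = "_current_user_";

    /** Groups the current user belongs to. */
    String CURRENT_GROUPS = "_current_groups_";

    /** Groups available to the current user. */
    String CURRENT_AVAILABLE_GROUPS = "_current_available_groups_";

    /** Ids of the groups the current user belongs to. */
    String CURRENT_GROUP_IDS = "_current_group_ids_";

    /** Codes of the groups the current user belongs to. */
    String CURRENT_GROUP_CODES = "_current_group_codes_";

    /** Functions (permissions) the current user owns. */
    String CURRENT_PERMS = "_current_perms_";

    /** Permissions available to the current user. */
    String CURRENT_AVAILABLE_PERMS = "_current_available_perms_";

    /** Ids of the functions the current user owns. */
    String CURRENT_PERM_IDS = "_current_perm_ids_";

    /** Codes of the functions the current user owns. */
    String CURRENT_PERM_CODES = "_current_perm_codes_";

    /**
     * Logs a user in.
     *
     * @param username user name
     * @param password password
     * @return the key/value pairs that should be recorded in the session; the
     *         Shiro-based implementation shown with this interface returns
     *         {@code null} when authentication fails, so callers must check
     *         for {@code null} before storing anything
     */
    Map<String, Object> login(String username, String password);

    /** Logs the current user out. */
    void logout();
}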
3.service实现
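import org.apache.log4j.Logger;

import java.util.HashMap;
import java.util.Map;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;

import person.wjt.base.auth.dao.UserDao;
import person.wjt.base.auth.model.User;
import person.wjt.base.auth.runtime.AuthService;

/**
 * Shiro-based implementation of {@link AuthService}.
 *
 * @author wangjintao
 */
public class ShiroAuthService implements AuthService {

    /** Logger for this class. */
    private static final Logger logger = Logger.getLogger(ShiroAuthService.class);

    @Resource
    private UserDao userDao;

    /**
     * Authenticates the current Shiro subject with the given credentials.
     *
     * @param username user name
     * @param password password
     * @return a map holding the authenticated {@link User} under
     *         {@link AuthService#CURRENT_USER}, or {@code null} when
     *         authentication fails; the caller gets no failure reason, which
     *         is only written to the log
     */
    @Override
    public Map<String, Object> login(String username, String password) {
        if (logger.isDebugEnabled()) {
            logger.debug("login(String, String) - start");
        }

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);

        // Success is tracked per call. isAuthenticated() alone can still be
        // true from an earlier login on the same subject, which would report
        // a rejected credential pair as a successful login.
        boolean loginSucceeded = false;
        try {
            subject.login(token);
            loginSucceeded = true;
        } catch (AuthenticationException ae) {
            // UnknownAccountException, IncorrectCredentialsException,
            // LockedAccountException and ExcessiveAttemptsException are all
            // AuthenticationException subclasses and were handled identically;
            // the concrete type is still visible in the logged stack trace.
            logger.warn("login(String, String)", ae);
        } finally {
            // Wipe the password copy held by the token once it is no longer needed.
            token.clear();
        }

        // NOTE(review): nothing here renews the session around login; whether
        // the session id changes on authentication depends on configuration
        // not shown with this class - confirm it does.
        if (loginSucceeded && subject.isAuthenticated()) {
            Map<String, Object> loginResult = new HashMap<String, Object>();
            // oneByType returns null when the realm supplied no User
            // principal, so consumers of this map must tolerate a null entry.
            loginResult.put(CURRENT_USER, subject.getPrincipals().oneByType(User.class));
            return loginResult;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("login(String, String) - end");
        }
        return null;
    }

    /**
     * Logs out the current Shiro subject if it is authenticated.
     */
    @Override
    public void logout() {
        Subject subject = SecurityUtils.getSubject();
        // NOTE(review): a subject that is not authenticated in this session
        // is left untouched; confirm no other state (e.g. remember-me) needs
        // clearing in that case.
        if (null != subject && subject.isAuthenticated()) {
            subject.logout();
        }
    }
}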
2.配置
<!-- Raw Shiro-backed AuthService. Injecting this bean directly bypasses the
     login advice below; consumers should depend on the "authService" proxy. -->
<bean id="authServiceImpl" class="person.wjt.base.auth.runtime.shiro.ShiroAuthService" />

<!-- Applies the "managerLogin" advice to methods named "login". Matching is by
     method name only.
     NOTE(review): the "managerLogin" bean is not defined in this fragment;
     presumably it is the ManagerLogin advice declared elsewhere - confirm. -->
<bean id="managerLoginAdvisor" class="org.springframework.aop.support.NameMatchMethodPointcutAdvisor">
    <property name="advice" ref="managerLogin" />
    <property name="mappedNames">
        <array value-type="java.lang.String">
            <value>login</value>
        </array>
    </property>
</bean>

<!-- Proxy exposing the AuthService interface: calls are routed through
     managerLoginAdvisor and then delegated to authServiceImpl. -->
<bean id="authService" class="org.springframework.aop.framework.ProxyFactoryBean">
    <property name="proxyInterfaces" value="person.wjt.base.auth.runtime.AuthService" />
    <property name="target" ref="authServiceImpl" />
    <property name="interceptorNames">
        <list>
            <value>managerLoginAdvisor</value>
        </list>
    </property>
</bean>