编写自定义Shiro领域

我正在构建自己的AuthorizingRealm子类,并且难以将其连接到我的SecurityManager

我的境界的本质:

public class MyRealm extends AuthorizingRealm { 
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { 
        try { 
            // My custom logic here 

        } catch(Throwable t) { 
            System.out.println(t.getMessage()); 
        } 
        SimpleAuthenticationInfo authn = new SimpleAuthenticationInfo(new MyUser(), "somePassword");
        return authn;
    } 

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { 
        try { 
            // My custom logic here 
        } catch(Throwable t) { 
            System.out.println(t.getMessage()); 
        }
        return new SimpleAuthorizationInfo();
    } 
}

然后在我的'shiro.ini'中:

# ======================= 
# Shiro INI configuration 
# ======================= 
[main] 
myRealm = com.me.myapp.security.MyRealm 

然后在我的Driver类/主要方法(我用于测试):

public class Driver { 
    public static void main(String[] args) { 
        Driver d = new Driver(); 
        d.test(); 
    } 

    public void test() { 
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); 
        SecurityManager securityManager = factory.getInstance(); 
        SecurityUtils.setSecurityManager(securityManager); 

        UsernamePasswordToken token = new UsernamePasswordToken("", ""); 
        token.setRememberMe(true); 

        System.out.println("Shiro props:"); 
        System.out.println(securityManager.getProperties()); 

        Subject currentUser = SecurityUtils.getSubject() 

        try { 
            currentUser.login(token) 

            println "I think this worked!" 
        } catch (UnknownAccountException uae) { 
            println "Exception: ${uae}" 
        } catch (IncorrectCredentialsException ice) { 
            println "Exception: ${ice}" 
        } catch (LockedAccountException lae) { 
            println "Exception: ${lae}" 
        } catch (ExcessiveAttemptsException eae) { 
            println "Exception: ${eae}" 
        } catch (AuthenticationException ae) { 
            println "Exception: ${ae}" 
        } 
    } 
} 

当我运行这个时,我得到:

Shiro props: 
[class:class org.apache.shiro.mgt.DefaultSecurityManager, cacheManager:null, subjectFactory:org.apache.shiro.mgt.DefaultSubjectFactory@6a2b8b42, authorizer:org.apache.shiro.authz.ModularRealmAuthorizer@50c3d082, realms:[com.me.myapp.security.MyRealm@67ae303a], subjectDAO:org.apache.shiro.mgt.DefaultSubjectDAO@5ce06503, rememberMeManager:null, authenticator:org.apache.shiro.authc.pam.ModularRealmAuthenticator@1007d798, sessionManager:org.apache.shiro.session.mgt.DefaultSessionManager@72db4460] 
Exception: org.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - , rememberMe=true].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException). 

所以它看起来像它读取我的shiro.ini,因为它提取了正确的领域,但MyRealm除了存储应该验证身份的虚拟用户之外不会执行任何操作,而不管提供的用户名/密码如何。 任何想法,我要去哪里错误?


你可以看看github上的Stormpath Shiro插件的源代码:插件在这里和示例应用程序在这里使用插件。

我们已经实施了我们的一个AuthorizingRealm (类似于您需要的)。 你可能有兴趣看看:

  • https://github.com/stormpath/stormpath-shiro/blob/master/core/src/main/java/com/stormpath/shiro/realm/ApplicationRealm.java
  • https://github.com/stormpath/stormpath-shiro-web-sample/blob/master/src/main/webapp/WEB-INF/shiro.ini
  • 顺便说一句,在你的shiro.ini你需要添加这个: securityManager.realm = $myRealm


    将此添加到您的shiro.ini: securityManager.realms = $myRealm
    然后在你的Driver类中

    UsernamePasswordToken token = new UsernamePasswordToken("", "somePassword"); 
    

    而不是空的passowrd。

    我认为这工作!


    我自己并没有这样做,但这里有几件事你可以尝试:

  • 如果您不需要授权逻辑,请考虑将AuthenticatingRealm而不是AuthorizingRealm进行子类化

  • 在doGetAuthenticationInfo方法中,请考虑使用以下代码:

    SimpleAuthenticationInfo authn = new SimpleAuthenticationInfo(token.getPrincipal(),token.getCredentials(),“myRealm”);

  • 链接地址: http://www.djcxy.com/p/23569.html

    上一篇: Writing custom Shiro realm

    下一篇: Location and value for consecutive values above threshold