My requirement is to read user and permission information from the database to complete authentication and authorization. Shiro provides JdbcRealm implementation, but there is no MongoDB realm implementation.
Could you please:
Is MongoDB implemented as a Shiro realm?
If possible, how to write the specific configuration? (Google found a specific implementation code, but the relevant configuration files are missing)
怪我咯2017-05-17 10:00:54
Thank you for the invitation, you just need to implement your own Realm, for example:
public class MyRealm extends AuthorizingRealm {
// 认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// TODO 从数据库中获取用户信息, 从Mongo中查出来的
return null;
}
// 授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// TODO 从数据库中获取授权信息, 从Mongo中查出来的
return null;
}
}
Then add your own Realm
设置到RealmSecurityManager
, for example:
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(new MyRealm());
Then just add this SecurityManager
设置到ShiroFilter
, for example:
ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
shiroFilterFactory.setSecurityManager(securityManager);