My requirement is to read user and permission information from the database to complete authentication and authorization. Shiro provides JdbcRealm implementation, but there is no MongoDB realm implementation.
Could you please:
Is MongoDB implemented as a Shiro realm?
If possible, how to write the specific configuration? (Google found a specific implementation code, but the relevant configuration files are missing)
怪我咯2017-05-17 10:00:54
Thank you for the invitation, you just need to implement your own Realm, for example:
public class MyRealm extends AuthorizingRealm {
// 认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// TODO 从数据库中获取用户信息, 从Mongo中查出来的
return null;
}
// 授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// TODO 从数据库中获取授权信息, 从Mongo中查出来的
return null;
}
}Then add your own Realm设置到RealmSecurityManager, for example:
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(new MyRealm());Then just add this SecurityManager设置到ShiroFilter, for example:
ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
shiroFilterFactory.setSecurityManager(securityManager);