Home  >  Q&A  >  body text

Is it possible to implement MongoDB as a Shiro realm?

My requirement is to read user and permission information from the database to complete authentication and authorization. Shiro provides JdbcRealm implementation, but there is no MongoDB realm implementation.
Could you please:

  1. Is MongoDB implemented as a Shiro realm?

  2. If possible, how to write the specific configuration? (Google found a specific implementation code, but the relevant configuration files are missing)

大家讲道理大家讲道理2736 days ago564

reply all(1)I'll reply

  • 怪我咯

    怪我咯2017-05-17 10:00:54

    Thank you for the invitation, you just need to implement your own Realm, for example:

    public class MyRealm extends AuthorizingRealm {
    
      // 认证
      @Override
      protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    
        // TODO 从数据库中获取用户信息, 从Mongo中查出来的
        return null;
      }
    
      // 授权
      @Override
      protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    
        // TODO 从数据库中获取授权信息, 从Mongo中查出来的
        return null;
      }
    }

    Then add your own Realm设置到RealmSecurityManager, for example:

    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    securityManager.setRealm(new MyRealm());

    Then just add this SecurityManager设置到ShiroFilter, for example:

    ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
    shiroFilterFactory.setSecurityManager(securityManager);

    reply
    0
  • Cancelreply