Apache Shiro 学习记录2

　　写完上篇随笔以后(链接).....我也想自己尝试一下写一个Strategy.....Shiro自带了3个Strategy,教程(链接)里作者也给了2个.....我想写个都不一样的策略.....看来看去....决定写个LastSuccessfulStrategy好了...顾名思义就是返回最后一个Realm验证成功的AuthenticationInfo的信息...

package com.github.zhangkaitao.shiro.chapter2.authenticator.strategy;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.pam.AbstractAuthenticationStrategy;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.util.CollectionUtils;

public class LastSuccessfulStrategy extends AbstractAuthenticationStrategy {
    @Override
    protected AuthenticationInfo merge(AuthenticationInfo info,
            AuthenticationInfo aggregate) {
        // TODO Auto-generated method stub
        if (info != null && !CollectionUtils.isEmpty(info.getPrincipals()))
            return info;
        else
            return aggregate;
    }

    @Override
    public AuthenticationInfo afterAttempt(Realm realm,
            AuthenticationToken token, AuthenticationInfo singleRealmInfo,
            AuthenticationInfo aggregateInfo, Throwable t)
            throws AuthenticationException {
        // TODO Auto-generated method stub
        return merge(singleRealmInfo, aggregateInfo);
    }
    
    @Override
    public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
        //we know if one or more were able to succesfully authenticate if the aggregated account object does not
        //contain null or empty data:
        if (aggregate == null || CollectionUtils.isEmpty(aggregate.getPrincipals())) {
            throw new AuthenticationException("Authentication token of type [" + token.getClass() + "] " +
                    "could not be authenticated by any configured realms.  Please ensure that at least one realm can " +
                    "authenticate these tokens.");
        }

        return aggregate;
    }
}

我的想法是这样的...只要Realm返回的info不为空,就把它作为aggregate储存起来...否则直接返回aggregate....所以我override了merge方法...并在afterAttemp里调用它....

然后所有Realm都处理完毕以后..如果aggregate是null...说明所有Realm都验证失败了...那么应该抛出异常....这里逻辑我就直接抄AtLeastOneSuccessfulStrategy类的代码了...

测试代码直接修改教程的就行了

    @Test
    public void testHelloworld2() {
        // 1、获取SecurityManager工厂，此处使用Ini配置文件初始化SecurityManager
        Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory(
                "classpath:shiro2.ini");

        // 2、得到SecurityManager实例 并绑定给SecurityUtils
        org.apache.shiro.mgt.SecurityManager securityManager = factory
                .getInstance();
        SecurityUtils.setSecurityManager(securityManager);

        // 3、得到Subject及创建用户名/密码身份验证Token（即用户身份/凭证）
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("zhang", "123");

        try {
            // 4、登录，即身份验证
            subject.login(token);
        }
        catch (AuthenticationException e) {
            // 5、身份验证失败
        }

        Assert.assertEquals(true, subject.isAuthenticated()); // 断言用户已经登录
        System.out.println(subject.getPrincipal());

        // 6、退出
        subject.logout();
    }

shiro2.ini也修改自教程

[main]
#指定securityManager的authenticator实现
authenticator=org.apache.shiro.authc.pam.ModularRealmAuthenticator
securityManager.authenticator=$authenticator

#指定securityManager.authenticator的authenticationStrategy
lastSuccessfulStrategy=org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
securityManager.authenticator.authenticationStrategy=$lastSuccessfulStrategy

myRealm1=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm1
myRealm2=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm2
myRealm3=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm3
securityManager.realms=$myRealm1,$myRealm3,$myRealm2

3个Realm我就不贴了...和教程是一样的....

这样我自己的LastSuccessfulStrategy策略就完成啦O(∩_∩)O哈！