[main]
myAuthorRealm=cn.shiro.mytest.realm.MyAuthorRealm
securityManager.realms=$myAuthorRealm
/** * 自定义realm * 在这个类中处理身份认证及权限判断 * @author Administrator * */ public class MyAuthorRealm extends AuthorizingRealm { /** * 完成授权 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) { //从登录界面传递过来 username = "zhangwanfu" String username = (String)pc.getPrimaryPrincipal(); //查询数据库得到授权 String permission = "add,delete,update,select"; String[] pers = permission.split(","); SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(); //将4条字符串添加到授权集合 for(String pr:pers){ simpleAuthorizationInfo.addStringPermission(pr); } return simpleAuthorizationInfo; } /** * 完成身份认证 */ @Override protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token) throws AuthenticationException { //从登录传过来的username zhangwanfu String username = (String)token.getPrincipal(); //查询数据库得到zhangwanfu的密码 String password = "123456"; SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(username, password, "MyAuthorRealm"); return simpleAuthenticationInfo; } }