Apache Shiro 学习记录2

　　写完上篇随笔以后(链接).....我也想自己尝试一下写一个Strategy.....Shiro自带了3个Strategy,教程(链接)里作者也给了2个.....我想写个都不一样的策略.....看来看去....决定写个LastSuccessfulStrategy好了...顾名思义就是返回最后一个Realm验证成功的AuthenticationInfo的信息...

 package com.github.zhangkaitao.shiro.chapter2.authenticator.strategy;

 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.pam.AbstractAuthenticationStrategy;
 import org.apache.shiro.realm.Realm;
 import org.apache.shiro.util.CollectionUtils;

 public class LastSuccessfulStrategy extends AbstractAuthenticationStrategy {
     @Override
     protected AuthenticationInfo merge(AuthenticationInfo info,
             AuthenticationInfo aggregate) {
         // TODO Auto-generated method stub
         if (info != null && !CollectionUtils.isEmpty(info.getPrincipals()))
             return info;
         else
             return aggregate;
     }

     @Override
     public AuthenticationInfo afterAttempt(Realm realm,
             AuthenticationToken token, AuthenticationInfo singleRealmInfo,
             AuthenticationInfo aggregateInfo, Throwable t)
             throws AuthenticationException {
         // TODO Auto-generated method stub
         return merge(singleRealmInfo, aggregateInfo);
     }

     @Override
     public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
         //we know if one or more were able to succesfully authenticate if the aggregated account object does not
         //contain null or empty data:
         if (aggregate == null || CollectionUtils.isEmpty(aggregate.getPrincipals())) {
             throw new AuthenticationException("Authentication token of type [" + token.getClass() + "] " +
                     "could not be authenticated by any configured realms.  Please ensure that at least one realm can " +
                     "authenticate these tokens.");
         }

         return aggregate;
     }
 }

我的想法是这样的...只要Realm返回的info不为空,就把它作为aggregate储存起来...否则直接返回aggregate....所以我override了merge方法...并在afterAttemp里调用它....

然后所有Realm都处理完毕以后..如果aggregate是null...说明所有Realm都验证失败了...那么应该抛出异常....这里逻辑我就直接抄AtLeastOneSuccessfulStrategy类的代码了...

测试代码直接修改教程的就行了

     @Test
     public void testHelloworld2() {
         // 1、获取SecurityManager工厂，此处使用Ini配置文件初始化SecurityManager
         Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory(
                 "classpath:shiro2.ini");

         // 2、得到SecurityManager实例 并绑定给SecurityUtils
         org.apache.shiro.mgt.SecurityManager securityManager = factory
                 .getInstance();
         SecurityUtils.setSecurityManager(securityManager);

         // 3、得到Subject及创建用户名/密码身份验证Token（即用户身份/凭证）
         Subject subject = SecurityUtils.getSubject();
         UsernamePasswordToken token = new UsernamePasswordToken("zhang", "123");

         try {
             // 4、登录，即身份验证
             subject.login(token);
         }
         catch (AuthenticationException e) {
             // 5、身份验证失败
         }

         Assert.assertEquals(true, subject.isAuthenticated()); // 断言用户已经登录
         System.out.println(subject.getPrincipal());

         // 6、退出
         subject.logout();
     }

shiro2.ini也修改自教程

 [main]
 #指定securityManager的authenticator实现
 authenticator=org.apache.shiro.authc.pam.ModularRealmAuthenticator
 securityManager.authenticator=$authenticator

 #指定securityManager.authenticator的authenticationStrategy
 lastSuccessfulStrategy=org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
 securityManager.authenticator.authenticationStrategy=$lastSuccessfulStrategy

 myRealm1=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm1
 myRealm2=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm2
 myRealm3=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm3
 securityManager.realms=$myRealm1,$myRealm3,$myRealm2

3个Realm我就不贴了...和教程是一样的....

这样我自己的LastSuccessfulStrategy策略就完成啦O(∩_∩)O哈！