<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <!-- NewPage --> <html lang="zh"> <head> <!-- Generated by javadoc (1.8.0_131) on Fri May 28 08:39:45 GMT+08:00 2021 --> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ShiroRealm</title> <meta name="date" content="2021-05-28"> <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style"> <script type="text/javascript" src="../../../../../script.js"></script> </head> <body> <script type="text/javascript"><!-- try { if (location.href.indexOf('is-external=true') == -1) { parent.document.title="ShiroRealm"; } } catch(err) { } //--> var methods = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10}; var tabs = {65535:["t0","所有方法"],2:["t2","实例方法"],8:["t4","具体方法"]}; var altColor = "altColor"; var rowColor = "rowColor"; var tableTab = "tableTab"; var activeTableTab = "activeTableTab"; </script> <noscript> <div>您的浏览器已禁用 JavaScript。</div> </noscript> <!-- ========= START OF TOP NAVBAR ======= --> <div class="topNav"><a name="navbar.top"> <!-- --> </a> <div class="skipNav"><a href="#skip.navbar.top" title="跳过导航链接">跳过导航链接</a></div> <a name="navbar.top.firstrow"> <!-- --> </a> <ul class="navList" title="导航"> <li><a href="../../../../../overview-summary.html">概览</a></li> <li><a href="package-summary.html">程序包</a></li> <li class="navBarCell1Rev">类</li> <li><a href="package-tree.html">树</a></li> <li><a href="../../../../../deprecated-list.html">已过时</a></li> <li><a href="../../../../../index-files/index-1.html">索引</a></li> <li><a href="../../../../../help-doc.html">帮助</a></li> </ul> </div> <div class="subNav"> <ul class="navList"> <li><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroConfig.html" title="org.chinandc.idcds.config.shiro中的类"><span class="typeNameLink">上一个类</span></a></li> <li>下一个类</li> </ul> <ul class="navList"> <li><a href="../../../../../index.html?org/chinandc/idcds/config/shiro/ShiroRealm.html" target="_top">框架</a></li> <li><a href="ShiroRealm.html" target="_top">无框架</a></li> </ul> <ul class="navList" id="allclasses_navbar_top"> <li><a href="../../../../../allclasses-noframe.html">所有类</a></li> </ul> <div> <script type="text/javascript"><!-- allClassesLink = document.getElementById("allclasses_navbar_top"); if(window==top) { allClassesLink.style.display = "block"; } else { allClassesLink.style.display = "none"; } //--> </script> </div> <div> <ul class="subNavList"> <li>概要: </li> <li>嵌套 | </li> <li>字段 | </li> <li><a href="#constructor.summary">构造器</a> | </li> <li><a href="#method.summary">方法</a></li> </ul> <ul class="subNavList"> <li>详细资料: </li> <li>字段 | </li> <li><a href="#constructor.detail">构造器</a> | </li> <li><a href="#method.detail">方法</a></li> </ul> </div> <a name="skip.navbar.top"> <!-- --> </a></div> <!-- ========= END OF TOP NAVBAR ========= --> <!-- ======== START OF CLASS DATA ======== --> <div class="header"> <div class="subTitle">org.chinandc.idcds.config.shiro</div> <h2 title="类 ShiroRealm" class="title">类 ShiroRealm</h2> </div> <div class="contentContainer"> <ul class="inheritance"> <li>java.lang.Object</li> <li> <ul class="inheritance"> <li>org.apache.shiro.realm.CachingRealm</li> <li> <ul class="inheritance"> <li>org.apache.shiro.realm.AuthenticatingRealm</li> <li> <ul class="inheritance"> <li>org.apache.shiro.realm.AuthorizingRealm</li> <li> <ul class="inheritance"> <li>org.chinandc.idcds.config.shiro.ShiroRealm</li> </ul> </li> </ul> </li> </ul> </li> </ul> </li> </ul> <div class="description"> <ul class="blockList"> <li class="blockList"> <dl> <dt>所有已实现的接口:</dt> <dd>org.apache.shiro.authc.LogoutAware, org.apache.shiro.authz.Authorizer, org.apache.shiro.authz.permission.PermissionResolverAware, org.apache.shiro.authz.permission.RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, org.apache.shiro.realm.Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable</dd> </dl> <hr> <br> <pre>@Component public class <span class="typeNameLabel">ShiroRealm</span> extends org.apache.shiro.realm.AuthorizingRealm</pre> </li> </ul> </div> <div class="summary"> <ul class="blockList"> <li class="blockList"> <!-- ======== CONSTRUCTOR SUMMARY ======== --> <ul class="blockList"> <li class="blockList"><a name="constructor.summary"> <!-- --> </a> <h3>构造器概要</h3> <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="构造器概要表, 列表构造器和解释"> <caption><span>构造器</span><span class="tabEnd"> </span></caption> <tr> <th class="colOne" scope="col">构造器和说明</th> </tr> <tr class="altColor"> <td class="colOne"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#ShiroRealm--">ShiroRealm</a></span>()</code> </td> </tr> </table> </li> </ul> <!-- ========== METHOD SUMMARY =========== --> <ul class="blockList"> <li class="blockList"><a name="method.summary"> <!-- --> </a> <h3>方法概要</h3> <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="方法概要表, 列表方法和解释"> <caption><span id="t0" class="activeTableTab"><span>所有方法</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">实例方法</a></span><span class="tabEnd"> </span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">具体方法</a></span><span class="tabEnd"> </span></span></caption> <tr> <th class="colFirst" scope="col">限定符和类型</th> <th class="colLast" scope="col">方法和说明</th> </tr> <tr id="i0" class="altColor"> <td class="colFirst"><code><a href="../../../../../org/chinandc/idcds/common/system/vo/LoginUser.html" title="org.chinandc.idcds.common.system.vo中的类">LoginUser</a></code></td> <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#checkUserTokenIsEffect-java.lang.String-">checkUserTokenIsEffect</a></span>(java.lang.String token)</code> <div class="block">校验token的有效性</div> </td> </tr> <tr id="i1" class="rowColor"> <td class="colFirst"><code>void</code></td> <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#clearCache-org.apache.shiro.subject.PrincipalCollection-">clearCache</a></span>(org.apache.shiro.subject.PrincipalCollection principals)</code> <div class="block">清除当前用户的权限认证缓存</div> </td> </tr> <tr id="i2" class="altColor"> <td class="colFirst"><code>protected org.apache.shiro.authc.AuthenticationInfo</code></td> <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#doGetAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-">doGetAuthenticationInfo</a></span>(org.apache.shiro.authc.AuthenticationToken auth)</code> <div class="block">用户信息认证是在用户进行登录的时候进行验证(不存redis) 也就是说验证用户输入的账号和密码是否正确,错误抛出异常</div> </td> </tr> <tr id="i3" class="rowColor"> <td class="colFirst"><code>protected org.apache.shiro.authz.AuthorizationInfo</code></td> <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">doGetAuthorizationInfo</a></span>(org.apache.shiro.subject.PrincipalCollection principals)</code> <div class="block">权限信息认证(包括角色以及权限)是用户访问controller的时候才进行验证(redis存储的此处权限信息) 触发检测用户权限时才会调用此方法,例如checkRole,checkPermission</div> </td> </tr> <tr id="i4" class="altColor"> <td class="colFirst"><code>boolean</code></td> <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#jwtTokenRefresh-java.lang.String-java.lang.String-java.lang.String-">jwtTokenRefresh</a></span>(java.lang.String token, java.lang.String userName, java.lang.String passWord)</code> <div class="block">JWTToken刷新生命周期 (实现: 用户在线操作不掉线功能) 1、登录成功后将用户的JWT生成的Token作为k、v存储到cache缓存里面(这时候k、v值一样),缓存有效期设置为Jwt有效时间的2倍 2、当该用户再次请求时,通过JWTFilter层层校验之后会进入到doGetAuthenticationInfo进行身份验证 3、当该用户这次请求jwt生成的token值已经超时,但该token对应cache中的k还是存在,则表示该用户一直在操作只是JWT的token失效了,程序会给token对应的k映射的v值重新生成JWTToken并覆盖v值,该缓存生命周期重新计算 4、当该用户这次请求jwt在生成的token值已经超时,并在cache中不存在对应的k,则表示该用户账户空闲超时,返回用户信息已失效,请重新登录。</div> </td> </tr> <tr id="i5" class="rowColor"> <td class="colFirst"><code>boolean</code></td> <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroRealm.html#supports-org.apache.shiro.authc.AuthenticationToken-">supports</a></span>(org.apache.shiro.authc.AuthenticationToken token)</code> <div class="block">必须重写此方法,不然Shiro会报错</div> </td> </tr> </table> <ul class="blockList"> <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.realm.AuthorizingRealm"> <!-- --> </a> <h3>从类继承的方法 org.apache.shiro.realm.AuthorizingRealm</h3> <code>afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver</code></li> </ul> <ul class="blockList"> <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.realm.AuthenticatingRealm"> <!-- --> </a> <h3>从类继承的方法 org.apache.shiro.realm.AuthenticatingRealm</h3> <code>assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher</code></li> </ul> <ul class="blockList"> <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.realm.CachingRealm"> <!-- --> </a> <h3>从类继承的方法 org.apache.shiro.realm.CachingRealm</h3> <code>getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled</code></li> </ul> <ul class="blockList"> <li class="blockList"><a name="methods.inherited.from.class.java.lang.Object"> <!-- --> </a> <h3>从类继承的方法 java.lang.Object</h3> <code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li> </ul> <ul class="blockList"> <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.util.Initializable"> <!-- --> </a> <h3>从接口继承的方法 org.apache.shiro.util.Initializable</h3> <code>init</code></li> </ul> </li> </ul> </li> </ul> </div> <div class="details"> <ul class="blockList"> <li class="blockList"> <!-- ========= CONSTRUCTOR DETAIL ======== --> <ul class="blockList"> <li class="blockList"><a name="constructor.detail"> <!-- --> </a> <h3>构造器详细资料</h3> <a name="ShiroRealm--"> <!-- --> </a> <ul class="blockListLast"> <li class="blockList"> <h4>ShiroRealm</h4> <pre>public ShiroRealm()</pre> </li> </ul> </li> </ul> <!-- ============ METHOD DETAIL ========== --> <ul class="blockList"> <li class="blockList"><a name="method.detail"> <!-- --> </a> <h3>方法详细资料</h3> <a name="supports-org.apache.shiro.authc.AuthenticationToken-"> <!-- --> </a> <ul class="blockList"> <li class="blockList"> <h4>supports</h4> <pre>public boolean supports(org.apache.shiro.authc.AuthenticationToken token)</pre> <div class="block">必须重写此方法,不然Shiro会报错</div> <dl> <dt><span class="overrideSpecifyLabel">指定者:</span></dt> <dd><code>supports</code> 在接口中 <code>org.apache.shiro.realm.Realm</code></dd> <dt><span class="overrideSpecifyLabel">覆盖:</span></dt> <dd><code>supports</code> 在类中 <code>org.apache.shiro.realm.AuthenticatingRealm</code></dd> </dl> </li> </ul> <a name="doGetAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-"> <!-- --> </a> <ul class="blockList"> <li class="blockList"> <h4>doGetAuthorizationInfo</h4> <pre>protected org.apache.shiro.authz.AuthorizationInfo doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals)</pre> <div class="block">权限信息认证(包括角色以及权限)是用户访问controller的时候才进行验证(redis存储的此处权限信息) 触发检测用户权限时才会调用此方法,例如checkRole,checkPermission</div> <dl> <dt><span class="overrideSpecifyLabel">指定者:</span></dt> <dd><code>doGetAuthorizationInfo</code> 在类中 <code>org.apache.shiro.realm.AuthorizingRealm</code></dd> <dt><span class="paramLabel">参数:</span></dt> <dd><code>principals</code> - 身份信息</dd> <dt><span class="returnLabel">返回:</span></dt> <dd>AuthorizationInfo 权限信息</dd> </dl> </li> </ul> <a name="doGetAuthenticationInfo-org.apache.shiro.authc.AuthenticationToken-"> <!-- --> </a> <ul class="blockList"> <li class="blockList"> <h4>doGetAuthenticationInfo</h4> <pre>protected org.apache.shiro.authc.AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken auth) throws org.apache.shiro.authc.AuthenticationException</pre> <div class="block">用户信息认证是在用户进行登录的时候进行验证(不存redis) 也就是说验证用户输入的账号和密码是否正确,错误抛出异常</div> <dl> <dt><span class="overrideSpecifyLabel">指定者:</span></dt> <dd><code>doGetAuthenticationInfo</code> 在类中 <code>org.apache.shiro.realm.AuthenticatingRealm</code></dd> <dt><span class="paramLabel">参数:</span></dt> <dd><code>auth</code> - 用户登录的账号密码信息</dd> <dt><span class="returnLabel">返回:</span></dt> <dd>返回封装了用户信息的 AuthenticationInfo 实例</dd> <dt><span class="throwsLabel">抛出:</span></dt> <dd><code>org.apache.shiro.authc.AuthenticationException</code></dd> </dl> </li> </ul> <a name="checkUserTokenIsEffect-java.lang.String-"> <!-- --> </a> <ul class="blockList"> <li class="blockList"> <h4>checkUserTokenIsEffect</h4> <pre>public <a href="../../../../../org/chinandc/idcds/common/system/vo/LoginUser.html" title="org.chinandc.idcds.common.system.vo中的类">LoginUser</a> checkUserTokenIsEffect(java.lang.String token) throws org.apache.shiro.authc.AuthenticationException</pre> <div class="block">校验token的有效性</div> <dl> <dt><span class="paramLabel">参数:</span></dt> <dd><code>token</code> - </dd> <dt><span class="throwsLabel">抛出:</span></dt> <dd><code>org.apache.shiro.authc.AuthenticationException</code></dd> </dl> </li> </ul> <a name="jwtTokenRefresh-java.lang.String-java.lang.String-java.lang.String-"> <!-- --> </a> <ul class="blockList"> <li class="blockList"> <h4>jwtTokenRefresh</h4> <pre>public boolean jwtTokenRefresh(java.lang.String token, java.lang.String userName, java.lang.String passWord)</pre> <div class="block">JWTToken刷新生命周期 (实现: 用户在线操作不掉线功能) 1、登录成功后将用户的JWT生成的Token作为k、v存储到cache缓存里面(这时候k、v值一样),缓存有效期设置为Jwt有效时间的2倍 2、当该用户再次请求时,通过JWTFilter层层校验之后会进入到doGetAuthenticationInfo进行身份验证 3、当该用户这次请求jwt生成的token值已经超时,但该token对应cache中的k还是存在,则表示该用户一直在操作只是JWT的token失效了,程序会给token对应的k映射的v值重新生成JWTToken并覆盖v值,该缓存生命周期重新计算 4、当该用户这次请求jwt在生成的token值已经超时,并在cache中不存在对应的k,则表示该用户账户空闲超时,返回用户信息已失效,请重新登录。 注意: 前端请求Header中设置Authorization保持不变,校验有效性以缓存中的token为准。 用户过期时间 = Jwt有效时间 * 2。</div> <dl> <dt><span class="paramLabel">参数:</span></dt> <dd><code>userName</code> - </dd> <dd><code>passWord</code> - </dd> <dt><span class="returnLabel">返回:</span></dt> </dl> </li> </ul> <a name="clearCache-org.apache.shiro.subject.PrincipalCollection-"> <!-- --> </a> <ul class="blockListLast"> <li class="blockList"> <h4>clearCache</h4> <pre>public void clearCache(org.apache.shiro.subject.PrincipalCollection principals)</pre> <div class="block">清除当前用户的权限认证缓存</div> <dl> <dt><span class="overrideSpecifyLabel">覆盖:</span></dt> <dd><code>clearCache</code> 在类中 <code>org.apache.shiro.realm.CachingRealm</code></dd> <dt><span class="paramLabel">参数:</span></dt> <dd><code>principals</code> - 权限信息</dd> </dl> </li> </ul> </li> </ul> </li> </ul> </div> </div> <!-- ========= END OF CLASS DATA ========= --> <!-- ======= START OF BOTTOM NAVBAR ====== --> <div class="bottomNav"><a name="navbar.bottom"> <!-- --> </a> <div class="skipNav"><a href="#skip.navbar.bottom" title="跳过导航链接">跳过导航链接</a></div> <a name="navbar.bottom.firstrow"> <!-- --> </a> <ul class="navList" title="导航"> <li><a href="../../../../../overview-summary.html">概览</a></li> <li><a href="package-summary.html">程序包</a></li> <li class="navBarCell1Rev">类</li> <li><a href="package-tree.html">树</a></li> <li><a href="../../../../../deprecated-list.html">已过时</a></li> <li><a href="../../../../../index-files/index-1.html">索引</a></li> <li><a href="../../../../../help-doc.html">帮助</a></li> </ul> </div> <div class="subNav"> <ul class="navList"> <li><a href="../../../../../org/chinandc/idcds/config/shiro/ShiroConfig.html" title="org.chinandc.idcds.config.shiro中的类"><span class="typeNameLink">上一个类</span></a></li> <li>下一个类</li> </ul> <ul class="navList"> <li><a href="../../../../../index.html?org/chinandc/idcds/config/shiro/ShiroRealm.html" target="_top">框架</a></li> <li><a href="ShiroRealm.html" target="_top">无框架</a></li> </ul> <ul class="navList" id="allclasses_navbar_bottom"> <li><a href="../../../../../allclasses-noframe.html">所有类</a></li> </ul> <div> <script type="text/javascript"><!-- allClassesLink = document.getElementById("allclasses_navbar_bottom"); if(window==top) { allClassesLink.style.display = "block"; } else { allClassesLink.style.display = "none"; } //--> </script> </div> <div> <ul class="subNavList"> <li>概要: </li> <li>嵌套 | </li> <li>字段 | </li> <li><a href="#constructor.summary">构造器</a> | </li> <li><a href="#method.summary">方法</a></li> </ul> <ul class="subNavList"> <li>详细资料: </li> <li>字段 | </li> <li><a href="#constructor.detail">构造器</a> | </li> <li><a href="#method.detail">方法</a></li> </ul> </div> <a name="skip.navbar.bottom"> <!-- --> </a></div> <!-- ======== END OF BOTTOM NAVBAR ======= --> </body> </html>