Shiro logon authentication and permission control, shiro logon permission Control
1. Implement class inheritance AuthorizingRealm
1. Implementation Method doGetAuthenticationInfo: Fill the defined user entity class with map and realmPrincipals;
2. Implementation Method doGetAuthorizationInfo: Fill in roles and Permissions;
2. Create a subject
The SecurityUtils getSubject method is provided. securityManager. createSubject and SubjectContext are used to confirm that securityManager, session, and PrincipalCollection exist in the map. Finally, defawebwebsubjectfactory creates webDelegatingSubject and saves it to the session.
Iii. logon Verification
Log on to create a logstore. Run the securityManager login command in the DelegatingSubject login method.
4. log out
The DelegatingSubject logout method executes securityManager logout, deletes the subject in the session, and stops the session.
V. About ModularRealmAuthenticator
ModularRealmAuthenticator class setRealms at project startup (defined in step 1,I am not sure why Injection occurs when the project is started.), DoSingleRealmAuthentication method calls doGetAuthorizationInfo of realm