shiro自定义realm

[main]
myAuthorRealm=cn.shiro.mytest.realm.MyAuthorRealm
securityManager.realms=$myAuthorRealm

/**
 * 自定义realm
 * 在这个类中处理身份认证及权限判断
 * @author Administrator
 *
 */
public class MyAuthorRealm extends AuthorizingRealm {

    /**
     * 完成授权
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {
        //从登录界面传递过来 username = "zhangwanfu"
        String username = (String)pc.getPrimaryPrincipal();
        //查询数据库得到授权
        String permission = "add,delete,update,select";
        String[] pers = permission.split(",");
        SimpleAuthorizationInfo simpleAuthorizationInfo
             = new SimpleAuthorizationInfo();
        //将4条字符串添加到授权集合
        for(String pr:pers){
            simpleAuthorizationInfo.addStringPermission(pr);
        }
        
        return simpleAuthorizationInfo;
    }

    /**
     * 完成身份认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken token) throws AuthenticationException {
        
        //从登录传过来的username  zhangwanfu
        String username = (String)token.getPrincipal();
        //查询数据库得到zhangwanfu的密码
        String password = "123456";
        SimpleAuthenticationInfo simpleAuthenticationInfo
             = new SimpleAuthenticationInfo(username, password, "MyAuthorRealm");
        return simpleAuthenticationInfo;
    }

}