81,095
社区成员
发帖
与我相关
我的任务
分享
[users]
zhang=123,admin
[roles]
admin=user:*
public class MyRealm extends AuthorizingRealm {
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// 先不管认证
return new SimpleAuthenticationInfo("zhang", "123", this.getName());
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// 先不管授权
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
return authorizationInfo;
}
}
@WebListener
public class MyServletContextListener implements ServletContextListener {
public void contextDestroyed(ServletContextEvent arg0) {
System.out.println("destroyed");
}
public void contextInitialized(ServletContextEvent arg0) {
System.out.println("initialized");
// Cookie
SimpleCookie sessionIdCookie = new SimpleCookie();
sessionIdCookie.setName("sid");
// SessionManager
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionIdCookieEnabled(true);
sessionManager.setSessionIdCookie(sessionIdCookie);
// SecurityManager
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setSessionManager(sessionManager);
securityManager.setRealm(new MyRealm());
SecurityUtils.setSecurityManager(securityManager);
}
}
@WebServlet(name = "myServlet", urlPatterns = "/login")
public class MyServlet extends HttpServlet{
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Subject subject = SecurityUtils.getSubject();
System.out.println("Session ID:"+subject.getSession().getId().toString());
}
}