如何使用 JPA 创建 apache shiro 授权？

Question

我将 shiro auth 从原生 SQL 更改为 JPA，我有一些问题。 例如this link 和this link

但我有错误。

[2015-12-03 08:58:33,087] Artifact ear:ear exploded: Artifact is being deployed, please wait...
[2015-12-03 08:59:06,931] Artifact ear:ear exploded: Error during artifact deployment. See server log for details.
[2015-12-03 08:59:06,932] Artifact ear:ear exploded: java.io.IOException: com.sun.enterprise.admin.remote.RemoteFailureException: Error occurred during deployment: Exception while loading the app : java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: java.lang.NoClassDefFoundError: org/apache/commons/collections/FastHashMap. Please see server.log for more details.

我不明白它是如何工作的。我创建 JpaAuthorizingRealm 类：

public class JpaAuthorizingRealm extends AuthorizingRealm {

    public static final String REALM_NAME = "MY_REALM";
    public static final int HASH_ITERATIONS = 200;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principals) {
        Long userId = (Long) principals.fromRealm(getName()).iterator().next();
        User user = ShiroDao.me().userById(userId);
        if (user != null) {
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            for (Role role : user.getRoles()) {
                info.addRole(role.getRoleName());
                for (Permission permition : user.getPermissions()) {
                    info.addStringPermission(permition.getPermission());
                }
            }
            return info;
        } else {
            return null;
        }
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken authToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authToken;
        User user = ShiroDao.me().userByname(token.getUsername());
        if (user != null) {
            return new SimpleAuthenticationInfo(user.getId(), user.getPassword(), getName());
        } else {
            return null;
        }
    }

    @Override
    @Inject
    public void setCredentialsMatcher(final CredentialsMatcher credentialsMatcher) {
        super.setCredentialsMatcher(credentialsMatcher);
    }

}

并模拟用户、角色和权限。在我注册的ini文件中：

[main]
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager

# realms to be used
adRealm = myPackeg.CustomActiveDirectoryRealm
adRealm.url = ldap://myIP

noPassWordCredentialMatcher=myPackeg.CustomNoPassMatcher

userRealm=myPackeg.JpaAuthorizingRealm
userRealm.permissionsLookupEnabled=true
userRealm.credentialsMatcher=$noPassWordCredentialMatcher

authc.loginUrl = /login.xhtml
user.loginUrl = /login.xhtml
authc.successUrl  = /index.xhtml?faces-redirect=true
roles.unauthorizedUrl = /error/ErrorInsufficientPrivileges.xhtml?faces-redirect=true

securityManager.realms= $adRealm, $customSecurityRealm
authcStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy

;multipleroles = myPackeg.MultipleRolesAuthorizationFilter
multipleroles = myPackeg.MultipleRolesAuthorizationFilter

[roles]

[urls]
/javax.faces.resource/** = anon
/error/ = anon
/login.xhtml = authc
/logout = logout
#/admin/ChangePassword.xhtml= authc, roles[user]
/admin/**= authc, roles[administrator]
/reports/qcforcc_report.xhtml= authc, roles[user]
/reports/**= authc, roles[administrator]
/** = authc, roles[user]
#/** = user, multipleroles["administrator", "user"]

如果我将JpaAuthorizingRealm extends AuthorizingRealm 更改为JpaAuthorizingRealm extends JdbcRealm，则不会显示错误。

也许有人知道如何使用 JPA 创建 shiro 身份验证？

Answer 1

这似乎更像是一个链接错误，而不是 Shiro 的问题。该错误意味着您的代码（或 Shiro 库中的代码）无法从 commons-collections 中找到 FastHashMap 类。

这很可能是因为在您的类路径（您的应用程序、应用服务器等）中有多个版本的 commons-collections。问题可能是旧版本的 commons-collections 优先于新版本，并且旧版本不包含 FastHashMap。

Answer 2

我已经用 jpa 实现了 shiro，你可以在 https://github.com/nmojir/rest-basic-auth 找到源代码。