Examples of org.apache.shiro.authz.SimpleAuthorizationInfo

• org.apache.shiro.authz.SimpleAuthorizationInfo
  Simple POJO implementation of the {@link AuthorizationInfo} interface that stores roles and permissions as internalattributes. @see org.apache.shiro.realm.AuthorizingRealm @since 0.9 @author Jeremy Haile @author Les Hazlewood

  {
    Long userId = (Long)principals.fromRealm(getName()).iterator().next();
    User user = userDAO.getUser(userId);
    if (user != null)
    {
      SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
      for (Role role : user.getRoles())
      {
        info.addRole(role.getName());
        info.addStringPermissions(role.getPermissions());
      }
      return info;
    }
    else
    {

public class OtherRealm extends AuthorizingRealm {
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    String username = (String)getAvailablePrincipal(principals);
    if ("marry".equals(username)) {
      SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
      info.setRoles(Tools.set("role3"));
      info.setStringPermissions(Tools.set("permission3"));
      return info;
    }
    return null;
  }

  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    String username = (String)getAvailablePrincipal(principals);
    if ("root".equals(username)) {
      SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
      info.setRoles(Tools.set("role1", "role2"));
      info.setStringPermissions(Tools.set("permission1", "permission2"));
      return info;
    } else if ("john".equals(username)) {
      SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
      info.setRoles(Tools.set("role2"));
      info.setStringPermissions(Tools.set("permission2"));
      return info;
    }
    return null;
  }

      PrincipalCollection principalCollection) {
    String accountName = (String) principalCollection.fromRealm(getName())
        .iterator().next();
    Account account = accountService.getFullAccount(accountName);
    if (account != null) {
      SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
      for (Role role : account.getRoleList()) {
        authorizationInfo.addRole(role.getName());
        authorizationInfo.addStringPermissions(role
            .getOperationTitleList());
      }
      return authorizationInfo;
    } else {
      return null;

  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Principal principal = (Principal) getAvailablePrincipal(principals);
    User user = getSystemService().getUserByLoginName(principal.getLoginName());
    if (user != null) {
      UserUtils.putCache("user", user);
      SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
      List<Menu> list = UserUtils.getMenuList();
      for (Menu menu : list){
        if (StringUtils.isNotBlank(menu.getPermission())){
          // 添加基于Permission的权限信息
          for (String permission : StringUtils.split(menu.getPermission(),",")){
            info.addStringPermission(permission);
          }
        }
      }
      // 更新登录IP和时间
      getSystemService().updateUserLoginInfo(user.getId());

  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    User user = (User) getAvailablePrincipal(principals);

    Set<String> roles = permission.getRolesByUser(user.getUsername());
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(roles);

    for (String role : roles) {
      Set<String> permissions = permission.getPermissionsByRole(role);
      simpleAuthorizationInfo.addStringPermissions(permissions);
    }

    return simpleAuthorizationInfo;
  }