www.pudn.com > SecurityFilter.rar > SSOAuthenticator.java
package dev.trade.cs.securityfilter; import java.security.*; import com.newland.security.usermgr.baseobj.*; import dev.trade.common.securityfilter.authenticator.*; import dev.trade.cs.util.*; /** *Title:
* *Description: SSO(单点登录)验证器
* *Copyright: Copyright (c) 2006
* *Company:
* * @author not ZhengYanNan * @version 1.0 */ public class SSOAuthenticator extends AbstractAuthenticator{ public static final String SSO_AUTH = "SSO"; public static final String SSO_SESSION_ID = "ssoSessionId"; public static final String SSO_SESSION_PWD = "ssoSessionPwd"; public SSOAuthenticator(){ super(SSO_AUTH, SSO_SESSION_ID, SSO_SESSION_PWD); } /** * 验证用户有效性,登录时调用,可用于处理用户信息的初始化 * @param username a username * @param password a plain text password, as entered by the user * @return a Principal object representing the user if successful, false otherwise */ public Principal authenticate(String username, String password){ UserInfo userInfo = SecurityUtil.isLoginUser(username); if (userInfo!=null) { SSOPrincipal p = new SSOPrincipal(userInfo); return p; } else { return null; } } /** * 测试用户的权限 * @param username The name of the user * @param role name of a role to test for membership * @return true if the user is in the role, false otherwise */ public boolean isUserInRole(Principal principal, String funId){ SSOPrincipal p = (SSOPrincipal)principal; String fId = ""; String opt = ""; String[] fids = funId.split("#"); if(fids.length > 1){ fId = fids[0]; opt = fids[1]; if("VISIBLE".equalsIgnoreCase(opt)){ opt = SecurityUtil.OPERATION_VISIBLE; } else if("WRITE".equalsIgnoreCase(opt)){ opt = SecurityUtil.OPERATION_WRITE; } else{ opt = SecurityUtil.OPERATION_READ; } } else{ fId = funId; opt = SecurityUtil.OPERATION_READ; } return SecurityUtil.checkFuncPermission(p.getUserId(),fId,opt); } }