我如何在Shiro註冊AuthenticationListener

Question

登錄，註銷 - 一切正常，但我不知道如何註冊AuthenticationListener來記錄我的用戶。

我與吉斯工作，我用我自己的DBSaltAwareRealm（公共類DBSaltAwareRealm擴展AuthorizingRealm）

THX

Answer 1

好吧，我找到了另一種解決方案：

1.初始化您Guice-模塊照例：

public class ConfigServeletWithGuice extends GuiceServletContextListener { 
    ... 

    @Override 
    protected Injector getInjector() { 
     final Injector injector = Guice.createInjector(new ServeletModule(), new BusinessLogicModule(), 
       new AuthenticationModule(_ctx), new ShiroAopModule(), ShiroWebModule.guiceFilterModule()); 

     final SecurityManager securityManager = injector.getInstance(SecurityManager.class); 
     SecurityUtils.setSecurityManager(securityManager); 

     logger.debug("Creation of Injector - done!"); 

     return injector; 
    } 
} 

2.克雷亞忒自己的安全管理器：

public class MyWebSecurityManager extends DefaultWebSecurityManager { 
    @SuppressWarnings("unused") 
    private static Logger logger = LoggerFactory.getLogger(MyWebSecurityManager.class.getSimpleName()); 

    @Inject 
    private AuthenticationListener authenticationListener; 

    public MyWebSecurityManager() { 
     super(); 
    } 

    @SuppressWarnings({"UnusedDeclaration"}) 
    public MyWebSecurityManager(Realm singleRealm) { 
     this(); 
     setRealm(singleRealm); 
    } 

    @SuppressWarnings({"UnusedDeclaration"}) 
    public MyWebSecurityManager(Collection realms) { 
     this(); 
     setRealms(realms); 
    } 

    @Override 
    protected void onSuccessfulLogin(final AuthenticationToken token, final AuthenticationInfo info, final Subject subject) { 
     super.onSuccessfulLogin(token, info, subject); 

     logger.debug("onSuccessfulLogin"); 
     authenticationListener.onSuccess(token, info); 
    } 

    @Override 
    protected void onFailedLogin(final AuthenticationToken token, final AuthenticationException ae, final Subject subject) { 
     super.onFailedLogin(token, ae, subject); 

     logger.debug("onFailedLogin"); 
     authenticationListener.onFailure(token,ae); 
    } 

    @Override 
    protected void beforeLogout(final Subject subject) { 
     super.beforeLogout(subject); 

     logger.debug("beforeLogout"); 
     authenticationListener.onLogout(subject.getPrincipals()); 
    } 
} 

3.最後，綁定自己的安全管理器：

public class AuthenticationModule extends ShiroWebModule { 
    static Logger logger = LoggerFactory.getLogger(AuthenticationModule.class.getSimpleName()); 

    public AuthenticationModule(final ServletContext sc) { 
     super(sc); 
    } 

    @SuppressWarnings("unchecked") 
    @Override 
    protected void configureShiroWeb() { 
     logger.debug("Start to configure ShiroWeb..."); 

     bind(AuthenticationListener.class).to(AuthenticationListenerImpl.class); 
     ... 
     logger.debug("configuration ShiroWeb - done!"); 
    } 

    @Override 
    // !!!!!! Here it comes: 
    protected void bindWebSecurityManager(final AnnotatedBindingBuilder bind) { 
     try { 
      bind.toConstructor(MyWebSecurityManager.class.getConstructor(Collection.class)).asEagerSingleton(); 
     } catch (NoSuchMethodException e) { 
      throw new ConfigurationException("This really shouldn't happen. Either something has changed in Shiro, or there's a bug in ShiroModule.", e); 
     } 
    } 
} 

現在，重新啓動你應該會看到你的日誌消息後！

Answer 2

下面我將如何修改樣本 - 吉斯的SampleShiroServletModule在四郎項目：

public class SampleShiroServletModule extends ShiroWebModule { 

    @Override 
protected void configureShiroWeb() { 
    .... 

    final Multibinder<AuthenticationListener> listenerMultibinder = Multibinder.newSetBinder(binder(), AuthenticationListener.class); 
    listenerMultibinder.addBinding().to(MyAuthenticationListener.class); 

} 

@Override 
protected void bindWebSecurityManager(final AnnotatedBindingBuilder<? super WebSecurityManager> bind) { 
    bind.to(DefaultWebSecurityManager.class); 
} 

@Provides 
DefaultWebSecurityManager provideDefaultSecurityManager(final Collection<Realm> realms, final Set<AuthenticationListener> authenticationListeners) { 
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realms); 
    ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator(); 
    authenticator.setAuthenticationListeners(authenticationListeners); 
    securityManager.setAuthenticator(authenticator); 
    return securityManager; 
} 

}