finshope
6/28/2019 - 4:06 AM

shiro spring

<!-- Required jars: shiro-web.jar, shiro-core.jar, shiro-spring.jar -->
<!-- Spring context: the realm that supplies accounts, roles and permissions to Shiro. -->
<bean id="basicRealm" class="com.finshope.realm.BasicRealm" />
	<!-- Web security manager; every authentication and authorization decision is delegated to basicRealm. -->
	<bean id="securityManager"
		class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
		<property name="realm" ref="basicRealm"></property>
	</bean>

	<!-- Builds the Shiro servlet filter. The bean id has to equal the <filter-name> of the
	     DelegatingFilterProxy in web.xml, because the proxy looks the bean up by that name. -->
	<bean id="shiroFilter"
		class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
		<property name="securityManager" ref="securityManager"></property>
		<!-- Unauthenticated requests caught by authc are redirected here; the authc filter also
		     treats a POST to this URL as the login submission, which is why /login needs no
		     explicit anon entry in the chain below. -->
		<property name="loginUrl" value="/login"></property>
		<!-- NOTE(review): this value has no leading slash, while the chain below exempts
		     "/refuse.html". A relative value is likely resolved against the current request
		     path rather than the context root; confirm and prefer "/refuse.html".
		     Also note that unauthorizedUrl is only consulted by authorization filters
		     (roles, perms, ...); the chain below uses none, so role/permission checks
		     are not enforced at URL level by this configuration. -->
		<property name="unauthorizedUrl" value="refuse.html"></property>
		<!-- Chain definitions are evaluated top to bottom and the first matching pattern wins,
		     so the anon exemptions must stay above the catch-all. Ending with "/** = authc"
		     makes the configuration deny by default: any URL not listed explicitly requires
		     an authenticated session. -->
		<property name="filterChainDefinitions">
			<value>
				/css/** = anon
				/refuse.html = anon
				/logout = logout
				/** = authc
			</value>
		</property>
	</bean>
<!-- web.xml: DelegatingFilterProxy hands each request to the Spring bean whose id equals
     the filter-name ("shiroFilter"), i.e. the ShiroFilterFactoryBean product. -->
<filter>
		<filter-name>shiroFilter</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
		<!-- targetFilterLifecycle=true: the proxy forwards the servlet Filter init()/destroy()
		     calls to the target bean instead of leaving its lifecycle to Spring alone. -->
		<init-param>
			<param-name>targetFilterLifecycle</param-name>
			<param-value>true</param-value>
		</init-param>
	</filter>
	<!-- "/*" puts the whole application behind Shiro; declare this mapping before any other
	     filter that must only run for authenticated users.
	     NOTE(review): no <dispatcher> elements are listed, so the container applies the filter
	     to REQUEST dispatches only. Shiro's web documentation maps REQUEST, FORWARD, INCLUDE
	     and ERROR; confirm whether forwarded or error-dispatched resources need the same
	     protection here. -->
	<filter-mapping>
		<filter-name>shiroFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
import javax.servlet.http.HttpServletRequest;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

/**
 * Serves the login page that Shiro's {@code authc} filter redirects to.
 *
 * <p>The controller does not authenticate anyone itself: credential checking is
 * done by the Shiro filter chain before the request reaches this handler. The
 * handler only renders the form and passes along the failure marker, if any.
 */
@Controller
public class LoginController {

	/**
	 * Renders {@code /login.jsp}, exposing the outcome of a failed login attempt
	 * to the view under the model key {@code msg}.
	 *
	 * @param request current request; read for the {@code shiroLoginFailure}
	 *                attribute
	 * @return model and view for the login page; {@code msg} is {@code null}
	 *         when the attribute is absent
	 */
	@RequestMapping("/login")
	public ModelAndView login(HttpServletRequest request) {
		// By default Shiro's form authentication filter stores the class name of the
		// AuthenticationException under this key when a login submission fails.
		// NOTE(review): that class name differs for "unknown account" and "wrong
		// password"; echoing it verbatim lets a client tell the two apart. The JSP
		// should map any non-null value to one generic message and HTML-escape it.
		Object loginFailure = request.getAttribute("shiroLoginFailure");

		ModelAndView loginPage = new ModelAndView("/login.jsp");
		loginPage.addObject("msg", loginFailure);
		return loginPage;
	}
}
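/**
 * Demonstration Shiro realm backed by two hard-coded accounts, {@code a} and {@code b}.
 *
 * <p>SECURITY: the account names, passwords, roles and permissions are literals in
 * this class and the passwords are kept in plain text. That is acceptable only for
 * a tutorial. A real realm should load accounts from a user store, keep only salted
 * password hashes, and be configured with a hashing credentials matcher (for example
 * Shiro's {@code HashedCredentialsMatcher} or {@code PasswordMatcher}) so that no
 * clear-text password ever lives in source code or memory longer than needed.
 */
public class BasicRealm extends AuthorizingRealm {

	/**
	 * Returns the roles and string permissions granted to the primary principal.
	 *
	 * @param principals identity of the subject being authorized
	 * @return authorization info; empty (no roles, no permissions) for any principal
	 *         other than {@code "a"} or {@code "b"}, including a {@code null} one
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		Object primaryPrincipal = principals.getPrimaryPrincipal();
		SimpleAuthorizationInfo ai = new SimpleAuthorizationInfo();
		Collection<String> permissions = new ArrayList<>();
		// Literal-first equals: a null or non-String principal falls through and is
		// granted nothing instead of raising a NullPointerException.
		if ("a".equals(primaryPrincipal)) {
			permissions.add("user:insert");
			permissions.add("user:update");
			ai.addRole("role1");
			ai.addRole("role2");
		} else if ("b".equals(primaryPrincipal)) {
			permissions.add("user:insert");
			ai.addRole("role1");
		}
		ai.addStringPermissions(permissions);

		return ai;
	}

	/**
	 * Looks up the stored credentials for the principal named in the token.
	 *
	 * <p>This method does not compare passwords itself. It returns the stored
	 * credentials, and the realm's configured credentials matcher compares them
	 * with what the user submitted.
	 *
	 * @param token the submitted authentication token
	 * @return the account's authentication info, or {@code null} when the principal
	 *         is missing or not a known account (Shiro reports a {@code null} result
	 *         as an unknown account)
	 * @throws AuthenticationException declared by the overridden method; not thrown
	 *         directly here
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		Object principal = token.getPrincipal();
		Object credentials;
		// A login form submitted without a username yields a null principal; the
		// literal-first comparison treats it like any other unknown account.
		if ("a".equals(principal)) {
			credentials = "aaa"; // demo only: plain-text password, see class comment
		} else if ("b".equals(principal)) {
			credentials = "bbb"; // demo only: plain-text password, see class comment
		} else {
			return null;
		}
		return new SimpleAuthenticationInfo(principal, credentials, getName());
	}

}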