基础依赖:

shiro-core,junit(因为在单元测试中)

test.class

public class AuthenticationTest {

    SimpleAccountRealm realm = new SimpleAccountRealm();

    @Before

    public void addUser(){

        realm.addAccount("mark","123456");

    }

    @Test

    public void testAuthentication(){

        //1.构建securityManager环境

        DefaultSecurityManager securityManager = new DefaultSecurityManager();

        securityManager.setRealm(realm);

        //2.主体提交认证请求

        SecurityUtils.setSecurityManager(securityManager);

        Subject subject = SecurityUtils.getSubject();

        //获取主体之后,就提交认证

        UsernamePasswordToken token = new UsernamePasswordToken("mark","123456");

     //退出认证
        subject.login(token);

        System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated());

     
//退出
subject.logout();
System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated());
} }
//控制台
    是否认证成功isAuthenticated:true
//如果用户名不正确,报  
org.apache.shiro.authc.UnknownAccountException: Realm 
//如果密码不正确,报
org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token

授权检测         subject.checkRole("father");

SimpleAccountRealm realm = new SimpleAccountRealm();

    @Before

    public void addUser(){

        realm.addAccount("mark","123456","father");

    }

    @Test

    public void testAuthentication(){

        //1.构建securityManager环境

        DefaultSecurityManager securityManager = new DefaultSecurityManager();

        securityManager.setRealm(realm);

        //2.主体提交认证请求

        SecurityUtils.setSecurityManager(securityManager);

        Subject subject = SecurityUtils.getSubject();

        //获取主体之后,就提交认证

        UsernamePasswordToken token = new UsernamePasswordToken("mark","123456");

        subject.login(token);

        //打印认证是否成功

        System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated());

        //授权

        subject.checkRole("father");

        //退出

        subject.logout();

        System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated());

    }

}

如果授权角色改为mother   ,则报错             org.apache.shiro.authz.UnauthorizedException: Subject does not have role [mother]

自定义IniRealm

public class IniRealmTest {

    IniRealm iniRealm=new IniRealm("classpath:user.ini");

    @Test

    public void testIniRealm(){

        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();

        defaultSecurityManager.setRealm(iniRealm);

        SecurityUtils.setSecurityManager(defaultSecurityManager);

        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("admin", "admin");

        subject.login(token);

        System.out.println("自定义认证:"+subject.isAuthenticated());

        //subject.logout();

        //验证权限名字

        subject.checkRole("admin");

        //验证,权限名是否拥有该权限

        subject.checkPermission("user:delete");

        //验证,权限名是否拥有多种相应权限

        subject.checkPermissions("user:delete","user:update");

    }

}

user.ini配置文件

其位置:

[users]

#用户名,密码,权限名字

admin=admin,admin

[roles]

#权限名=(拥有)删除用户的权限

admin=user:delete,user:update

JdbcRealm

首先要添加:mysql、druid依赖

代码:

public class JdbcRealmTest {

    /*

        JdbcRealm需要访问数据

     */

    DruidDataSource dataSource=new DruidDataSource();

    {

        dataSource.setUrl("jdbc:mysql://localhost:3306/shiro_test");

        dataSource.setUsername("root");

        dataSource.setPassword("");

    }

    @Test

    public void testJdbcRealm(){

        JdbcRealm jdbcRealm=new JdbcRealm();

        jdbcRealm.setDataSource(dataSource);

        //1.构建securityManager环境

        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();

        defaultSecurityManager.setRealm(jdbcRealm);

        SecurityUtils.setSecurityManager(defaultSecurityManager);

        //2.获取主体  进行认证

        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("admin","admin");

        subject.login(token);

        subject.isAuthenticated();

    }

}

数据库shiro-test,表users

SQL语句,在JdbcRealm.class默认写好

 深入,查询用户拥有的角色以及该角色拥有的权限

public class JdbcRealmTest {

    /*

        JdbcRealm需要访问数据

     */

    DruidDataSource dataSource=new DruidDataSource();

    {

        dataSource.setUrl("jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=utf-8&useSSL=false");

        dataSource.setUsername("root");

        dataSource.setPassword("");

    }

    @Test

    public void testJdbcRealm(){

        JdbcRealm jdbcRealm=new JdbcRealm();

        jdbcRealm.setDataSource(dataSource);

        //jdbc设置权限开关

        jdbcRealm.setPermissionsLookupEnabled(true);

        //1.构建securityManager环境

        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();

        defaultSecurityManager.setRealm(jdbcRealm);

        SecurityUtils.setSecurityManager(defaultSecurityManager);

        //2.获取主体  进行认证

        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("admin","admin");

        subject.login(token);

        subject.isAuthenticated();

        subject.checkRole("admin");

        subject.checkRoles("admin","user");

        subject.checkPermission("user:select");

    }

}

注意:查询的表需要sql语句的表一致,不然报错

注意查询权限数据需jdbcrealm需开启权限开关

代码:  jdbcRealm.setPermissionsLookupEnabled(true);

哈哈哈,如果表名不一致,当然也可以啊,那就要手写SQL语句(也不难,抄袭而已)

SQL语句:

     //认证

        String sql_pwd="select password from test_user where username= ?";

        jdbcRealm.setAuthenticationQuery(sql_pwd);

        //认证 角色

        String sql_role="select role_name from test_user_roles where username=?";

        jdbcRealm.setUserRolesQuery(sql_role);

        //认证  权限

        String sql_per="select permission from test_roles_permissions where role_name=?";

        jdbcRealm.setPermissionsQuery(sql_per);

测试类

public class JdbcRealmSQL {

    //连接数据库

    DruidDataSource dataSource=new DruidDataSource();

    {

        dataSource.setUrl("jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=utf-8&useSSL=false");

        dataSource.setUsername("root");

        dataSource.setPassword("");

    }

    @Test

    public void testSql(){

        //自定义JdbcRealm

        JdbcRealm jdbcRealm = new JdbcRealm();

        jdbcRealm.setDataSource(dataSource);

        //开启权限设置开关

        jdbcRealm.setPermissionsLookupEnabled(true);

        /*

            下面是自定义sql语句,查询的是以test_开头的表

         模板语句

         "select password from users where username = ?";

         "select password, password_salt from users where username = ?";

         "select role_name from user_roles where username = ?";

         "select permission from roles_permissions where role_name = ?";

         */

        //认证

        String sql_pwd="select password from test_user where username= ?";

        jdbcRealm.setAuthenticationQuery(sql_pwd);

        //认证 角色

        String sql_role="select role_name from test_user_roles where username=?";

        jdbcRealm.setUserRolesQuery(sql_role);

        //认证  权限

        String sql_per="select permission from test_roles_permissions where role_name=?";

        jdbcRealm.setPermissionsQuery(sql_per);

        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();

        defaultSecurityManager.setRealm(jdbcRealm);

        SecurityUtils.setSecurityManager(defaultSecurityManager);

        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("xiaoming","123456");

        //认证  登录

        subject.login(token);

        //认证 角色

        subject.checkRole("admin");

        subject.checkRoles("admin","user");

        //认证  权限

        subject.checkPermission("user:delete");

    }

}

最新文章

  1. [原创]Matlab2016b打包为C++的lib文件
  2. 使用css3的动画模拟太阳系行星公转
  3. [转载] 自定义百度网盘分享密码 (Javascript)
  4. JS变量和函数的一些理解
  5. python_如何建立包
  6. checkbox全选功能
  7. IOS中nil/Nil/NULL的区别
  8. 大体了解Lua的语法
  9. PHP内置函数
  10. 01:Hello, World!
  11. cocos2d-x anchorPoint
  12. HDU 4635 Strongly connected(强连通分量缩点+数学思想)
  13. STM8单片机启动流程彻底探究--基于IAR开发环境
  14. coursera_poj_魔兽世界终结版
  15. 浅谈JavaScript的面向对象程序设计(一)
  16. 用UltraISO制作CentOS U盘安装盘
  17. java写word转pdf
  18. cmd的变量总结
  19. grep -v、-e、-E
  20. 深入理解Java虚拟机读书笔记8----Java内存模型与线程

热门文章

  1. httpClinent工具类
  2. Flutter移动电商实战 --(11)首页_屏幕适配方案和制作
  3. 小D课堂 - 新版本微服务springcloud+Docker教程_5-04 feign结合hystrix断路器开发实战下
  4. Scrapy+redis实现分布式爬虫
  5. unieap 导出文档错误
  6. .Net Core WebApi上传图片的两种方式
  7. 《精通并发与Netty》学习笔记(02 - 服务端程序编写)
  8. 华三F100系列防火墙 、华为USG6300系列防火 GRE 隧道配置
  9. Javadoc文档生成工具-自定义版
  10. mysql数据库之索引与慢查询优化