Shiro认证过程

创建SecurityManager---》主体提交认证---》SecurityManager认证---》Authenticsto认证---》Realm验证

Shiro授权过程

创建SecurityManager---》主体授权---》ecurityManager授权---》Authorizer授权---》Realm获取角色权限数据

1.pom.xml

<?xml version="1.0" encoding="UTF-8"?>

<project xmlns="http://maven.apache.org/POM/4.0.0"

         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

    <parent>

        <artifactId>ylht-shiro</artifactId>

        <groupId>com.ylht</groupId>

        <version>1.0-SNAPSHOT</version>

    </parent>

    <modelVersion>4.0.0</modelVersion>

    <artifactId>shiro-test</artifactId>

    <dependencies>

        <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core -->

        <dependency>

            <groupId>org.apache.shiro</groupId>

            <artifactId>shiro-core</artifactId>

            <version>1.4.0</version>

        </dependency>

        <!-- https://mvnrepository.com/artifact/junit/junit -->

        <dependency>

            <groupId>junit</groupId>

            <artifactId>junit</artifactId>

            <version>4.7</version>

            <scope>test</scope>

        </dependency>

        <!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java -->

        <dependency>

            <groupId>mysql</groupId>

            <artifactId>mysql-connector-java</artifactId>

            <version>5.1.45</version>

        </dependency>

        <!-- https://mvnrepository.com/artifact/com.alibaba/druid -->

        <dependency>

            <groupId>com.alibaba</groupId>

            <artifactId>druid</artifactId>

            <version>1.1.6</version>

        </dependency>

    </dependencies>

</project>

2.自定义realm(自定义realm可以的编写可以参考源码)

package com.ylht.shiro.realm;

import org.apache.shiro.authc.AuthenticationException;

import org.apache.shiro.authc.AuthenticationInfo;

import org.apache.shiro.authc.AuthenticationToken;

import org.apache.shiro.authc.SimpleAuthenticationInfo;

import org.apache.shiro.authz.AuthorizationInfo;

import org.apache.shiro.authz.SimpleAuthorizationInfo;

import org.apache.shiro.realm.AuthorizingRealm;

import org.apache.shiro.subject.PrincipalCollection;

import org.apache.shiro.util.ByteSource;

import java.util.HashMap;

import java.util.HashSet;

import java.util.Map;

import java.util.Set;

public class CustomerRealm extends AuthorizingRealm {

    {

        super.setName("customRealm");

    }

    //该方法用来授权

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        //1.从认证信息中获取用户名

        String username = (String) principalCollection.getPrimaryPrincipal();

        //2.从数据库或者缓存中获取用户角色数据

        Set<String> roles = getRolesByUserName(username);

        //3.从数据库或者缓存中获取用户权限数据

        Set<String> permissions = getPermissionsByUserName(username);

        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        simpleAuthorizationInfo.setRoles(roles);

        simpleAuthorizationInfo.setStringPermissions(permissions);

        return simpleAuthorizationInfo;

    }

    //该方法用来认证

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        //1.从认证信息中获取用户名

        String username = (String) authenticationToken.getPrincipal();

        //2.通过用户名到数据库中获取凭证

        String password = getPwdByUserName(username);

        if (null == password) {

            return null;

        }

        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(

                username, password, "customRealm");

        simpleAuthenticationInfo.setCredentialsSalt(ByteSource.Util.bytes("zzz"));

        return simpleAuthenticationInfo;

    }

    //模拟数据库

    private String getPwdByUserName(String username) {

        Map<String, String> userMap = new HashMap<String, String>(16);

        userMap.put("kk", "bdd170a94d02707687abc802b2618e19");

        return userMap.get(username);

    }

    //模拟数据库

    private Set<String> getRolesByUserName(String username) {

        Set<String> sets = new HashSet<String>();

        sets.add("admin");

        sets.add("user");

        return sets;

    }

    //模拟数据库

    private Set<String> getPermissionsByUserName(String username) {

        Set<String> sets = new HashSet<String>();

        sets.add("user:select");

        sets.add("user:update");

        return sets;

    }

}

3.测试类(加密方式,盐等)

package com.ylht.shiro.test;

import com.ylht.shiro.realm.CustomerRealm;

import org.apache.shiro.SecurityUtils;

import org.apache.shiro.authc.UsernamePasswordToken;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;

import org.apache.shiro.authz.AuthorizationException;

import org.apache.shiro.crypto.hash.Md5Hash;

import org.apache.shiro.mgt.DefaultSecurityManager;

import org.apache.shiro.subject.Subject;

import org.junit.Test;

public class CustomRealmTest {

    @Test

    public void testCustomRealm() {

        //创建JdbcRealm对象

        CustomerRealm customerRealm = new CustomerRealm();

        //设置JdbcRealm属性

        //1.创建SecurityManager对象

        DefaultSecurityManager securityManager = new DefaultSecurityManager();

        //securityManager对象设置realm

        securityManager.setRealm(customerRealm);

        //shiro加密

        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();

        //加密方式

        matcher.setHashAlgorithmName("md5");

        //加密次数

        matcher.setHashIterations(2);

        //customerRealm设置matcher

        customerRealm.setCredentialsMatcher(matcher);

        //2.主题提交认证

        SecurityUtils.setSecurityManager(securityManager);

        Subject subject = SecurityUtils.getSubject();

        //token

        UsernamePasswordToken token = new UsernamePasswordToken("kk", "123456", false);

        //认证

        subject.login(token);

        boolean flag = subject.isAuthenticated();

        if (flag) {

            System.out.println("用户认证通过");

        } else {

            System.out.println("用户认证失败");

        }

        //角色验证

        try {

            subject.checkRole("admin");

            System.out.println("角色验证通过");

        } catch (AuthorizationException e) {

            System.out.println("角色验证失败");

            e.printStackTrace();

        }

        //角色权限验证

        try {

            subject.checkPermission("user:select");

            System.out.println("角色权限验证通过");

        } catch (AuthorizationException e) {

            System.out.println("角色权限验证失败");

            e.printStackTrace();

        }

    }

    public static void main(String[] args) {

        //Md5Hash md5Hash = new Md5Hash("123456","zzz");

        Md5Hash md5Hash = new Md5Hash("123456");

        System.out.println(md5Hash);

        Md5Hash md5Hash1 = new Md5Hash(md5Hash);

        System.out.println(md5Hash1.toString());

    }

}

最新文章

  1. Visulalization Voronoi in OpenSceneGraph
  2. 软件工程(FZU2015)赛季得分榜,第10回合(alpha冲刺)
  3. AAS代码运行-第11章-1
  4. NVIDIA CuDNN 安装说明
  5. 关于 CAS 不能登录的问题
  6. JAVA题 矩形
  7. 【avalon源码】scpCompile
  8. Python使用re实现计算器
  9. 关于system(”pause“);的作用和意义
  10. docs
  11. git笔记之解决eclipse不能提交jar等文件的问题
  12. asp.net mvc 上传附件验证
  13. centos7下创建数据库和用户
  14. ##4.Glance 镜像服务-- openstack pike
  15. node版本管理工具nvm安装以及使用
  16. 【Algorithm | 链表】单链表“环”、“环的起点”、“环的长度”问题
  17. Jmeter(三十四)Jmeter-Question之“Cookie获取”
  18. [UE4]蓝图继承方法:重写父类方法时,增加父类方法调用
  19. yield, async
  20. POI Excel表格合并,边框设置

热门文章

  1. Intel Chipsets
  2. Raspberry Pi For Windows
  3. centos 7.xx 安装LAMP环境
  4. python -- day 11 考试题
  5. SLG, 菱形格子的算法.(递归版
  6. ElasticSearch远程随意代码运行漏洞(CVE-2014-3120)分析
  7. Tomcat启动报:invalid LOC header (bad signature)的问题
  8. “There&#39;s no Qt version assigned to this project for platform ” - visual studio plugin for Qt
  9. 开发工具、Object类(java基础知识十一)
  10. Android自定义控件实现带有清除按钮的EditText