Shiro----1.自定义realm登录登出
|
ShiroTest
|
MyRealm
|
shiro-realm.ini
|
|
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.junit.Test;
/**
* @Auther:
* @Date: 2019/4/25
* @Description: cn.sunlight
* @version: 1.0
*/
public class ShiroTest{
@Test
public void testshiro(){
//1.创建SecurityManager工厂类对象:价值配置文件,创建工厂类对象
//SecurityManager对应的包是org.apache.shiro.mgt.SecurityManager;
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro-realm.ini");
//2.通过工厂类对象创建SecurityManager对象
SecurityManager securityManager = factory.getInstance();
//3.将SecurityManager绑定到当前运行环境中,让系统随时随地都可以访问SecurityManager对象
SecurityUtils.setSecurityManager(securityManager);
//4.创建当前登录的主体。注意:此时主体没有经过认证
Subject subject = SecurityUtils.getSubject();
//5.手机主题的身份/凭证,即账号密码
//参数1:将要登录的用户名, 参数2:登录用户的密码
UsernamePasswordToken token = new UsernamePasswordToken("zhangsan","666");
try {
subject.login(token);
} catch (Exception e) {
}
//7.判断是否登录成功
System.out.println("验证登录是否成功:"+subject.isAuthenticated());
//8.判断登出是否成功
subject.logout();
System.out.println("验证登出是否成功:"+subject.isAuthenticated());
}
}
|
package cn.sunlight;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
/**
* @Auther:
* @Date: 2019/4/26
* @Description: cn.sunlight
* @version: 1.0
*/
public class MyRealm extends AuthorizingRealm{
public String getName() {
return "MyRealm";
}
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//参数token:表示登录时包装的UsernamePasswordToken
//通过用户名到数据库中查用户信息,封装成一个AuthenticationInfo对象返回账户与密码;
//获取token中的用户名
String username = (String) token.getPrincipal();
//通过用户名查询数据库,将改用户对应数据查询返回:账户与密码
if (!"zhangsan".equals(username)) {
return null;
}
String passord = "666";
//info对象表示realm登录对比信息:参数1:用户信息(真实登录对象USER对象) 参数2:密码 参数3:当前Realm名字
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,passord,getName());
return info;
}
}
|
#自定义realm,myrealmm=路径
myRealm= cn.sunlight.MyRealm
#制定securityManagerd的realm实现
securityManager.realms=$myRealm
|
浙公网安备 33010602011771号