shiro学习(一)
基础依赖:
shiro-core,junit(因为在单元测试中)
test.class
public class AuthenticationTest { SimpleAccountRealm realm = new SimpleAccountRealm(); @Before public void addUser(){ realm.addAccount("mark","123456"); } @Test public void testAuthentication(){ //1.构建securityManager环境 DefaultSecurityManager securityManager = new DefaultSecurityManager(); securityManager.setRealm(realm); //2.主体提交认证请求 SecurityUtils.setSecurityManager(securityManager); Subject subject = SecurityUtils.getSubject(); //获取主体之后,就提交认证 UsernamePasswordToken token = new UsernamePasswordToken("mark","123456"); //退出认证
subject.login(token); System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated());
//退出
subject.logout();
System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated());
} }
//控制台
是否认证成功isAuthenticated:true
//如果用户名不正确,报
org.apache.shiro.authc.UnknownAccountException: Realm
//如果密码不正确,报
org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token
授权检测 subject.checkRole("father");
SimpleAccountRealm realm = new SimpleAccountRealm(); @Before public void addUser(){ realm.addAccount("mark","123456","father"); } @Test public void testAuthentication(){ //1.构建securityManager环境 DefaultSecurityManager securityManager = new DefaultSecurityManager(); securityManager.setRealm(realm); //2.主体提交认证请求 SecurityUtils.setSecurityManager(securityManager); Subject subject = SecurityUtils.getSubject(); //获取主体之后,就提交认证 UsernamePasswordToken token = new UsernamePasswordToken("mark","123456"); subject.login(token); //打印认证是否成功 System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated()); //授权 subject.checkRole("father"); //退出 subject.logout(); System.out.println("是否认证成功isAuthenticated:" + subject.isAuthenticated()); } }
如果授权角色改为mother ,则报错 org.apache.shiro.authz.UnauthorizedException: Subject does not have role [mother]
自定义IniRealm
public class IniRealmTest { IniRealm iniRealm=new IniRealm("classpath:user.ini"); @Test public void testIniRealm(){ DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(iniRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("admin", "admin"); subject.login(token); System.out.println("自定义认证:"+subject.isAuthenticated()); //subject.logout(); //验证权限名字 subject.checkRole("admin"); //验证,权限名是否拥有该权限 subject.checkPermission("user:delete"); //验证,权限名是否拥有多种相应权限 subject.checkPermissions("user:delete","user:update"); } }
user.ini配置文件
其位置:
[users] #用户名,密码,权限名字 admin=admin,admin [roles] #权限名=(拥有)删除用户的权限 admin=user:delete,user:update
JdbcRealm
首先要添加:mysql、druid依赖
代码:
public class JdbcRealmTest { /* JdbcRealm需要访问数据 */ DruidDataSource dataSource=new DruidDataSource(); { dataSource.setUrl("jdbc:mysql://localhost:3306/shiro_test"); dataSource.setUsername("root"); dataSource.setPassword(""); } @Test public void testJdbcRealm(){ JdbcRealm jdbcRealm=new JdbcRealm(); jdbcRealm.setDataSource(dataSource); //1.构建securityManager环境 DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); //2.获取主体 进行认证 Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("admin","admin"); subject.login(token); subject.isAuthenticated(); } }
数据库shiro-test,表users
SQL语句,在JdbcRealm.class默认写好
深入,查询用户拥有的角色以及该角色拥有的权限
public class JdbcRealmTest { /* JdbcRealm需要访问数据 */ DruidDataSource dataSource=new DruidDataSource(); { dataSource.setUrl("jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=utf-8&useSSL=false"); dataSource.setUsername("root"); dataSource.setPassword(""); } @Test public void testJdbcRealm(){ JdbcRealm jdbcRealm=new JdbcRealm(); jdbcRealm.setDataSource(dataSource); //jdbc设置权限开关 jdbcRealm.setPermissionsLookupEnabled(true); //1.构建securityManager环境 DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); //2.获取主体 进行认证 Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("admin","admin"); subject.login(token); subject.isAuthenticated(); subject.checkRole("admin"); subject.checkRoles("admin","user"); subject.checkPermission("user:select"); } }
注意:查询的表需要sql语句的表一致,不然报错
注意查询权限数据需jdbcrealm需开启权限开关
代码: jdbcRealm.setPermissionsLookupEnabled(true);
哈哈哈,如果表名不一致,当然也可以啊,那就要手写SQL语句(也不难,抄袭而已)
SQL语句:
//认证 String sql_pwd="select password from test_user where username= ?"; jdbcRealm.setAuthenticationQuery(sql_pwd); //认证 角色 String sql_role="select role_name from test_user_roles where username=?"; jdbcRealm.setUserRolesQuery(sql_role); //认证 权限 String sql_per="select permission from test_roles_permissions where role_name=?"; jdbcRealm.setPermissionsQuery(sql_per);
测试类
public class JdbcRealmSQL { //连接数据库 DruidDataSource dataSource=new DruidDataSource(); { dataSource.setUrl("jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=utf-8&useSSL=false"); dataSource.setUsername("root"); dataSource.setPassword(""); } @Test public void testSql(){ //自定义JdbcRealm JdbcRealm jdbcRealm = new JdbcRealm(); jdbcRealm.setDataSource(dataSource); //开启权限设置开关 jdbcRealm.setPermissionsLookupEnabled(true); /* 下面是自定义sql语句,查询的是以test_开头的表 模板语句 "select password from users where username = ?"; "select password, password_salt from users where username = ?"; "select role_name from user_roles where username = ?"; "select permission from roles_permissions where role_name = ?"; */ //认证 String sql_pwd="select password from test_user where username= ?"; jdbcRealm.setAuthenticationQuery(sql_pwd); //认证 角色 String sql_role="select role_name from test_user_roles where username=?"; jdbcRealm.setUserRolesQuery(sql_role); //认证 权限 String sql_per="select permission from test_roles_permissions where role_name=?"; jdbcRealm.setPermissionsQuery(sql_per); DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("xiaoming","123456"); //认证 登录 subject.login(token); //认证 角色 subject.checkRole("admin"); subject.checkRoles("admin","user"); //认证 权限 subject.checkPermission("user:delete"); } }
表
