package com.sxt.shiro;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
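/**
 * Demonstrates Shiro authentication configured through the {@code shiro.ini} file.
 *
 * <p>The security manager is built from {@code classpath:shiro.ini}, a subject logs in with a
 * username/password token, and one role check and one permission check are printed.
 *
 * @author LJH
 */
@SuppressWarnings("deprecation")
public class TestAuthenticationApp {
    // Logger for this demo class ("transient" dropped: it has no effect on a static field).
    private static final Logger log = LoggerFactory.getLogger(TestAuthenticationApp.class);

    /**
     * Runs the login demo and prints the outcome to standard output.
     *
     * <p>Role and permission checks are only performed when the login succeeded.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // Hard-coded demo credentials. Real code should take them from the user at runtime
        // and must not keep passwords in source control.
        String username = "zhangsan";
        String password = "123456";
        log.info("My First Apache Shiro Application");

        // 1. Create the factory for org.apache.shiro.mgt.SecurityManager
        //    (not java.lang.SecurityManager).
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");

        // 2. Build the security manager from the factory.
        DefaultSecurityManager securityManager = (DefaultSecurityManager) factory.getInstance();

        // 3-4. The realm is not created or injected in code here; the programmatic variant
        //      (new UserRealm() + securityManager.setRealm(realm)) is replaced by shiro.ini.

        // 5. Register the security manager so SecurityUtils can hand out subjects.
        SecurityUtils.setSecurityManager(securityManager);

        // 6. Obtain the current subject.
        Subject subject = SecurityUtils.getSubject();

        // 7. Wrap the username and password in a token.
        AuthenticationToken token = new UsernamePasswordToken(username, password);

        // 8. Authenticate.
        try {
            subject.login(token);
            System.out.println("认证通过");
            // NOTE(review): the principal is whatever object the realm stored; if its
            // toString() includes the stored password, this line prints it - confirm.
            Object principal = subject.getPrincipal();
            System.out.println(principal);
        } catch (IncorrectCredentialsException e) {
            // Distinguishing "wrong password" from "unknown user" is acceptable on a developer
            // console; a user-facing login should report one generic failure so that account
            // names cannot be probed.
            System.out.println("密码不正确");
        } catch (UnknownAccountException e) {
            System.out.println("用户名不存在");
        } catch (RuntimeException e) {
            // Shiro's authentication exceptions are unchecked. Any other login failure (for
            // example a locked account or an error inside the realm) ends up here instead of
            // terminating the program with an uncaught exception.
            log.error("Authentication failed", e);
        }

        if (!subject.isAuthenticated()) {
            // Authorization answers are only meaningful for a logged-in subject.
            return;
        }

        // Role check.
        boolean hasRole1 = subject.hasRole("role1");
        System.out.println("是否有role1的角色:" + hasRole1);

        // Permission check.
        boolean permitted = subject.isPermitted("user:query");
        System.out.println(permitted);
    }
}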
[main]
# Create the userRealm object from the class named below.
# NOTE(review): no credentialsMatcher is set on userRealm in this file, so unless the realm
# configures one itself, Shiro's default matcher compares the submitted password with the
# stored value as-is. A hashed matcher (e.g. HashedCredentialsMatcher or PasswordMatcher)
# is normally configured here - confirm how passwords are stored.
userRealm=com.sxt.realm.UserRealm
# Hand the realm to the security manager.
# The explicit securityManager declaration below is commented out, so the security manager
# provided by the INI factory is the one that receives the realm.
#securityManager=org.apache.shiro.mgt.DefaultSecurityManager
securityManager.realm=$userRealm
package com.sxt.realm;
import java.util.Collection;
import java.util.List;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import com.sxt.domain.ActiverUser;
import com.sxt.domain.User;
import com.sxt.service.PermissionService;
import com.sxt.service.RoleService;
import com.sxt.service.UserService;
import com.sxt.service.imp.PermissionServiceImpl;
import com.sxt.service.imp.RoleServiceImpl;
import com.sxt.service.imp.UserServiceImpl;
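/**
 * Shiro realm that looks users up through {@link UserService} and supplies their roles and
 * permissions from {@link RoleService} and {@link PermissionService}.
 */
public class UserRealm extends AuthorizingRealm {
    private final UserService userService = new UserServiceImpl();
    private final RoleService roleService = new RoleServiceImpl();
    private final PermissionService permissionService = new PermissionServiceImpl();

    /**
     * Performs the account lookup for authentication.
     *
     * <p>The password is not compared here. The user is loaded by username and the stored
     * password is handed back to Shiro, which performs the credential match afterwards.
     *
     * @param token the submitted token; its principal is used as the username
     * @return the authentication info for the account, or {@code null} when no username was
     *     submitted or no such user exists (Shiro then raises UnknownAccountException)
     * @throws AuthenticationException if authentication cannot be processed
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        Object submittedPrincipal = token.getPrincipal();
        if (submittedPrincipal == null) {
            // No username in the token: report "unknown account" instead of failing with a
            // NullPointerException on toString().
            return null;
        }
        String username = submittedPrincipal.toString();

        User user = userService.queryUserByUserName(username);
        if (user == null) {
            // Unknown user: returning null makes Shiro raise UnknownAccountException.
            return null;
        }

        // NOTE(review): roles and permissions are loaded before the password has been checked
        // and are then carried inside the principal, so they are fetched even for failed
        // logins and are not refreshed while the principal is in use - confirm this is
        // intended, or load them in doGetAuthorizationInfo instead.
        List<String> roles = roleService.queryRoleByUserName(user.getUsername());
        List<String> permissions = permissionService.queryPermissionByUserName(user.getUsername());

        // NOTE(review): the principal wraps the whole User object, which presumably still
        // carries the stored password - confirm it is not exposed through toString(), the
        // session, or serialization.
        ActiverUser activerUser = new ActiverUser(user, roles, permissions);

        // Arguments: 1) the principal (any object), 2) the password read from the database,
        // 3) this realm's name.
        // NOTE(review): this class does not configure a credentials matcher; confirm that
        // getPwd() returns a salted hash and that a matching hashed matcher is set elsewhere.
        return new SimpleAuthenticationInfo(activerUser, user.getPwd(), this.getName());
    }

    /**
     * Builds the authorization info from the roles and permissions stored in the principal.
     *
     * @param principals the principals of the subject being authorized; the primary principal
     *     is expected to be the {@link ActiverUser} created during authentication
     * @return authorization info holding the principal's roles and string permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        ActiverUser activerUser = (ActiverUser) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        // Add roles.
        Collection<String> roles = activerUser.getRoles();
        if (roles != null && !roles.isEmpty()) {
            info.addRoles(roles);
        }

        // Add permissions.
        Collection<String> permissions = activerUser.getPermissions();
        if (permissions != null && !permissions.isEmpty()) {
            info.addStringPermissions(permissions);
        }

        // Disabled branch kept for reference: it would grant the "*:*" wildcard to users whose
        // type is 0. A blanket wildcard makes every isPermitted check succeed for that user.
        // if(activerUser.getUser().getType()==0) {
        // info.addStringPermission("*:*");
        // }
        return info;
    }
}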