PS:
Authenticator:负责登录时的身份认证
Authorizer:负责授权,即角色和权限的检查
SessionManager/SessionDao:对Session进行相关操作
CacheManager:是对缓存进行管理
Cryptography:加密管理
-------------------------------
Realm: 是连接数据库等安全数据源的桥梁
<!-- Apache Shiro security framework (core module), imported via Maven. -->
<!-- NOTE(review): 1.4.0 is an old release; check the Shiro project's security advisories and pin a currently supported version before reusing this snippet. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-core</artifactId>
    <version>1.4.0</version>
</dependency>
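package com.beet.test.HelloQuartz;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;

/**
 * Walkthrough of a basic Shiro login/logout cycle against an in-memory realm.
 *
 * <p>The account and password are hard-coded demo values. No CredentialsMatcher is
 * configured, so the realm compares the submitted password with the stored one as
 * plain text; this is only suitable for a demonstration.
 */
public class AuthencationTest {

    SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();
    // JdbcRealm realm = new JdbcRealm();

    /**
     * Registers the demo account before each test. In a real setup the accounts
     * would be loaded from a database instead.
     */
    @Before
    public void addUser() {
        // Pre-register one account (username, plaintext password).
        simpleAccountRealm.addAccount("bee", "123456");
    }

    /**
     * Logs the demo user in, prints the authentication state, logs out and prints it again.
     *
     * <p>{@code subject.login} throws when the credentials are rejected, which fails the test.
     *
     * @throws AssertionError if the subject is not authenticated after login, or is still
     *     authenticated after logout
     */
    @Test
    public void testAuthencationTest() {
        // 1. Build the SecurityManager environment.
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(simpleAccountRealm);

        // 2. The subject submits the authentication request.
        // setSecurityManager installs a VM-wide static, so other tests in the same JVM see it too.
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("bee", "123456");

        try {
            subject.login(token);
            System.out.println("isAuthencation--" + subject.isAuthenticated());
            // Printing alone verifies nothing; fail explicitly if the state is wrong.
            if (!subject.isAuthenticated()) {
                throw new AssertionError("subject should be authenticated after login");
            }
        } finally {
            // Always end the session, even when a check above fails.
            subject.logout();
        }

        System.out.println("isAuthencation--" + subject.isAuthenticated());
        if (subject.isAuthenticated()) {
            throw new AssertionError("subject should not be authenticated after logout");
        }
    }
}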
isAuthencation--true
isAuthencation--false
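package com.beet.test.HelloQuartz;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;

/**
 * Walkthrough of Shiro authentication plus a role check against an in-memory realm.
 *
 * <p>The account, password and role are hard-coded demo values, and the password is
 * compared as plain text because no CredentialsMatcher is configured.
 */
public class AuthencationTest {

    SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();

    /** Registers the demo account with the {@code admin} role before each test. */
    @Before
    public void addUser() {
        // Pre-register one account (username, plaintext password, role).
        simpleAccountRealm.addAccount("bee", "123456", "admin");
    }

    /**
     * Logs the demo user in, verifies the {@code admin} role, then logs out.
     *
     * <p>{@code subject.login} throws when the credentials are rejected and
     * {@code subject.checkRoles} throws when the role is missing; either fails the test.
     *
     * @throws AssertionError if the subject is not authenticated after login, or is still
     *     authenticated after logout
     */
    @Test
    public void testAuthencationTest() {
        // 1. Build the SecurityManager environment.
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(simpleAccountRealm);

        // 2. The subject submits the authentication request.
        // setSecurityManager installs a VM-wide static, so other tests in the same JVM see it too.
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("bee", "123456");

        try {
            subject.login(token);
            System.out.println("isAuthencation--" + subject.isAuthenticated());
            if (!subject.isAuthenticated()) {
                throw new AssertionError("subject should be authenticated after login");
            }

            // Role check (not a permission check): throws if the subject lacks the role.
            subject.checkRoles("admin");
        } finally {
            // Always end the session, even when the role check fails.
            subject.logout();
        }

        System.out.println("isAuthencation--" + subject.isAuthenticated());
        if (subject.isAuthenticated()) {
            throw new AssertionError("subject should not be authenticated after logout");
        }
    }
}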
IniRealm
# Shiro INI realm data; presumably the user.ini file that the IniRealm test loads from the classpath.
# [users] entries have the form: username = password, role1, role2, ...
# NOTE(review): the password is stored here in plain text, so treat this as demo data only.
[users]
bee=123456,role1
# [roles] entries have the form: role = permission1, permission2, ...
[roles]
role1=user:delete,user:select
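package com.beet.test.HelloQuartz;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

/**
 * Walkthrough of Shiro authentication and authorization backed by an INI file.
 *
 * <p>Users, roles and permissions come from {@code user.ini} on the classpath. The
 * credentials used here are hard-coded demo values.
 */
public class IniRealmTest {

    /**
     * Logs the demo user in, checks one role and one permission, then logs out.
     *
     * <p>{@code login}, {@code checkRole} and {@code checkPermission} each throw on failure,
     * which fails the test.
     *
     * @throws AssertionError if the subject is not authenticated after login, or is still
     *     authenticated after logout
     */
    @Test
    public void testAuthencationTest() {
        IniRealm iniRealm = new IniRealm("classpath:user.ini");

        // 1. Build the SecurityManager environment.
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(iniRealm);

        // 2. The subject submits the authentication request.
        // setSecurityManager installs a VM-wide static, so other tests in the same JVM see it too.
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("bee", "123456");

        try {
            subject.login(token);
            System.out.println("isAuthencation--" + subject.isAuthenticated());
            if (!subject.isAuthenticated()) {
                throw new AssertionError("subject should be authenticated after login");
            }

            subject.checkRole("role1");              // does the subject hold this role?
            subject.checkPermission("user:delete");  // does the subject hold this permission?
        } finally {
            // Always end the session, even when an authorization check fails.
            subject.logout();
        }

        System.out.println("isAuthencation--" + subject.isAuthenticated());
        if (subject.isAuthenticated()) {
            throw new AssertionError("subject should not be authenticated after logout");
        }
    }
}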
JdbcRealm
1.maven 2.数据库加表
<!-- MySQL JDBC driver -->
<!-- NOTE(review): both versions pinned below are old releases; check each project's security advisories and move to a currently maintained version before reusing this snippet. -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.45</version>
</dependency>
<!-- Database connection pool (Alibaba Druid), used to configure the DataSource -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.6</version>
</dependency>
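package com.beet.test.HelloQuartz;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

import com.alibaba.druid.pool.DruidDataSource;

/**
 * Walkthrough of Shiro authentication and authorization backed by a MySQL database
 * through {@link JdbcRealm}.
 */
public class JdbcRelamTest {

    DruidDataSource dataSource = new DruidDataSource();

    {
        // NOTE(review): hard-coded root/root credentials are acceptable only for a throwaway
        // local database. Use a dedicated least-privilege account that can only read the
        // authentication tables, and load its credentials from configuration rather than source.
        dataSource.setUrl("jdbc:mysql://localhost:3306/test");
        dataSource.setUsername("root");
        dataSource.setPassword("root");
    }

    /**
     * Logs the demo user in against the database, checks one role and one permission,
     * then logs out and releases the connection pool.
     *
     * <p>{@code login}, {@code checkRole} and {@code checkPermission} each throw on failure,
     * which fails the test.
     *
     * @throws AssertionError if the subject is not authenticated after login, or is still
     *     authenticated after logout
     */
    @Test
    public void testAuthencationTest() {
        JdbcRealm jdbcRelam = new JdbcRealm();
        jdbcRelam.setDataSource(dataSource);
        // Permission lookup is off by default; without it checkPermission() cannot see
        // permissions stored in the database.
        jdbcRelam.setPermissionsLookupEnabled(true);

        // Custom authentication query. The username is bound as a parameter (?), never
        // concatenated into the SQL text.
        // NOTE(review): the password column is compared as-is because no CredentialsMatcher is
        // configured, so this demo implies plaintext passwords in test_user. Store salted
        // hashes and configure a matching CredentialsMatcher for real data.
        String sql = "select password from test_user where user_name = ?";
        jdbcRelam.setAuthenticationQuery(sql);
        // Only the authentication query is overridden; role and permission lookups still use
        // JdbcRealm's default queries, so the tables they expect must exist (schema not shown here).

        // 1. Build the SecurityManager environment.
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(jdbcRelam);

        // 2. The subject submits the authentication request.
        // setSecurityManager installs a VM-wide static, so other tests in the same JVM see it too.
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("bee", "123456");

        try {
            try {
                subject.login(token);
                System.out.println("isAuthencation--" + subject.isAuthenticated());
                if (!subject.isAuthenticated()) {
                    throw new AssertionError("subject should be authenticated after login");
                }

                subject.checkRole("role1");              // does the subject hold this role?
                subject.checkPermission("user:delete");  // does the subject hold this permission?
            } finally {
                // Always end the session, even when an authorization check fails.
                subject.logout();
            }

            System.out.println("isAuthencation--" + subject.isAuthenticated());
            if (subject.isAuthenticated()) {
                throw new AssertionError("subject should not be authenticated after logout");
            }
        } finally {
            // Release pooled connections; the pool was never closed before.
            dataSource.close();
        }
    }
}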
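package com.beet.test.HelloQuartz;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

/**
 * Walkthrough of Shiro authentication and authorization backed by an INI file, with
 * a disabled example of a hashed credentials matcher.
 */
public class IniRealmTest {

    /**
     * Logs the demo user in, checks one role and one permission, then logs out.
     *
     * <p>{@code login}, {@code checkRole} and {@code checkPermission} each throw on failure,
     * which fails the test.
     *
     * @throws AssertionError if the subject is not authenticated after login, or is still
     *     authenticated after logout
     */
    @Test
    public void testAuthencationTest() {
        IniRealm iniRealm = new IniRealm("classpath:user.ini");

        // 1. Build the SecurityManager environment.
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(iniRealm);

        // Password hashing (this is hashing, not encryption). Left disabled: enabling it
        // requires the [users] entry to hold the matching hash instead of the plaintext password.
        // NOTE(review): a single unsalted MD5 round is not suitable for storing passwords.
        // Treat the values below as an API illustration only and use a salted, iterated
        // password-hashing scheme for real credentials.
        // HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        // matcher.setHashAlgorithmName("md5");
        // matcher.setHashIterations(1); // number of hash iterations
        // iniRealm.setCredentialsMatcher(matcher);

        // 2. The subject submits the authentication request.
        // setSecurityManager installs a VM-wide static, so other tests in the same JVM see it too.
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("bee", "123456");

        try {
            subject.login(token);
            System.out.println("isAuthencation--" + subject.isAuthenticated());
            if (!subject.isAuthenticated()) {
                throw new AssertionError("subject should be authenticated after login");
            }

            subject.checkRole("role1");              // does the subject hold this role?
            subject.checkPermission("user:delete");  // does the subject hold this permission?
        } finally {
            // Always end the session, even when an authorization check fails.
            subject.logout();
        }

        System.out.println("isAuthencation--" + subject.isAuthenticated());
        if (subject.isAuthenticated()) {
            throw new AssertionError("subject should not be authenticated after logout");
        }
    }
}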
PS:在 Spring MVC 中,可以通过注解声明访问所需的角色(例如 @RequiresRoles("admin1")),这样只有拥有 admin1 角色的用户才能访问
PS:认证和授权数据可以直接放在缓存中,这样就不必每次都查询数据库;但角色、权限或密码变更后要及时清除对应缓存,否则旧的授权结果仍会生效