• Shiro


    package com.blb.app;
    
    import com.blb.realm.CustomerRealm;
    import org.apache.shiro.SecurityUtils;
    import org.apache.shiro.authc.IncorrectCredentialsException;
    import org.apache.shiro.authc.UnknownAccountException;
    import org.apache.shiro.authc.UsernamePasswordToken;
    import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
    import org.apache.shiro.mgt.DefaultSecurityManager;
    import org.apache.shiro.subject.Subject;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Component;
    
    import java.util.Scanner;
    
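    /**
     * Console demo of an Apache Shiro login followed by one permission check and one role check.
     *
     * <p>The {@link DefaultSecurityManager} is injected by Spring; the realm it delegates to is
     * configured outside this class.
     */
    @Component
    public class MainApp {

        // Shared reader over standard input, used for both prompts.
        private static final Scanner scanner = new Scanner(System.in);

        @Autowired
        private DefaultSecurityManager securityManager;

        /**
         * Prompts for a user name and a password, attempts a Shiro login and, on success, prints
         * whether the subject holds the {@code user} permission and the {@code 超级管理员} role.
         *
         * <p>An unknown account and a wrong password produce the same message, so the prompt does
         * not reveal which user names exist. Any other
         * {@code AuthenticationException} subtype is not handled here and propagates to the caller,
         * as it did before.
         */
        public void run() {
            System.out.println("欢迎使用本系统");
            System.out.println("请输入用户名");
            String uname = scanner.next();
            System.out.println("请输入密码");
            // NOTE(review): Scanner echoes what is typed and keeps the password in an immutable
            // String; System.console().readPassword() avoids both when a console is attached.
            String upwd = scanner.next();

            // SecurityUtils keeps the manager in a static field, so this call affects every
            // later SecurityUtils.getSubject() in the JVM, not only this method.
            SecurityUtils.setSecurityManager(securityManager);

            // The subject is the entity being authenticated; the token carries its credentials.
            Subject subject = SecurityUtils.getSubject();
            UsernamePasswordToken token = new UsernamePasswordToken(uname, upwd);
            try {
                subject.login(token);
                System.out.println("用户登陆成功");

                // A UI would typically use results like these to disable or hide controls.
                boolean user = subject.isPermitted("user");
                System.out.println(user);
                boolean supermanager = subject.hasRole("超级管理员");
                System.out.println(supermanager);
            } catch (IncorrectCredentialsException | UnknownAccountException ignored) {
                // Deliberately one message and no stack trace: distinguishing "no such user"
                // from "wrong password" lets a caller enumerate valid accounts.
                System.out.println("用户名或密码错误");
            } finally {
                // Wipe the token's copy of the credentials whether or not the login succeeded.
                token.clear();
            }
        }

    }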
    package com.blb.realm;
    
    import com.blb.common.Assist;
    import com.blb.entity.Users;
    import com.blb.mapper.RolesMapper;
    import com.blb.mapper.UserRolesMapper;
    import com.blb.mapper.UsersMapper;
    import com.blb.service.UsersService;
    import org.apache.shiro.authc.*;
    import org.apache.shiro.authc.credential.CredentialsMatcher;
    import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.authz.SimpleAuthorizationInfo;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;
    import org.apache.shiro.util.ByteSource;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.beans.factory.annotation.Qualifier;
    import org.springframework.stereotype.Component;
    import org.springframework.util.CollectionUtils;
    
    import java.util.List;
    
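    /**
     * Shiro realm that looks accounts up by user name through {@link UsersMapper} and supplies
     * the authentication and authorization data Shiro asks for.
     */
    @Component
    public class CustomerRealm extends AuthorizingRealm {

        @Autowired
        @Qualifier("usersMapper")
        private UsersMapper usersMapper;

        // Injected, but no method in this class reads it yet.
        @Autowired
        private UserRolesMapper userRolesMapper;

        // Injected, but no method in this class reads it yet.
        @Autowired
        private RolesMapper rolesMapper;

        // Instance initializer: installs the matcher that hashes the submitted password with the
        // stored salt before comparing it with the stored hash.
        {
            // NOTE(review): MD5 with 1024 iterations is cheap to brute-force if the user table
            // leaks. The values are left unchanged because switching them invalidates every
            // stored hash; a move to a stronger scheme (for example Shiro's PasswordMatcher with
            // a PasswordService) needs a rehash-on-login migration.
            HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
            hashedCredentialsMatcher.setHashAlgorithmName("MD5");
            hashedCredentialsMatcher.setHashIterations(1024);
            this.setCredentialsMatcher(hashedCredentialsMatcher);
        }

        /**
         * Returns the first row whose {@code username} column equals the given name.
         *
         * @param username the user name to look up
         * @return the matching user, or {@code null} when the query returns no rows
         */
        private Users findUser(String username) {
            Assist assist = new Assist();
            assist.setRequires(Assist.and_eq("username", username));
            List<Users> users = usersMapper.selectUsers(assist);
            // NOTE(review): only the first row is used; presumably username is unique - confirm
            // that the table enforces it.
            return CollectionUtils.isEmpty(users) ? null : users.get(0);
        }

        /**
         * Supplies the roles and permissions of an already authenticated principal (RBAC).
         *
         * <p>A principal that no longer has a row in the user table receives no role and no
         * permission. Previously the lookup result was discarded and the grants below were
         * returned unconditionally.
         *
         * @param principalCollection the principals of the subject; the primary one is the user name
         * @return the authorization data for that user
         */
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
            String username = (String) principalCollection.getPrimaryPrincipal();
            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            if (findUser(username) == null) {
                return authorizationInfo;
            }
            // NOTE(review): every existing user gets the same hard-coded role and permissions,
            // including user:delete. The grants should be loaded per user (userRolesMapper and
            // rolesMapper are injected for that but unused) before this realm guards real data.
            authorizationInfo.addRole("管理员");
            authorizationInfo.addStringPermission("user");
            authorizationInfo.addStringPermission("user:add");
            authorizationInfo.addStringPermission("user:delete");
            return authorizationInfo;
        }

        /**
         * Loads the stored credentials for the user named in the token.
         *
         * <p>Returning {@code null} tells Shiro that no account was found. A non-null result is
         * not yet a successful login: the credentials matcher installed above still compares the
         * submitted password with the stored hash and salt.
         *
         * @param token the submitted token; cast to {@link UsernamePasswordToken}, which is the
         *     token class a realm supports unless it is configured otherwise
         * @return the stored account data, or {@code null} when the user name is absent or unknown
         * @throws AuthenticationException declared by the overridden method; not thrown directly here
         */
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
            UsernamePasswordToken upToken = (UsernamePasswordToken) token;
            String username = upToken.getUsername();
            if (username == null) {
                // A token without a user name cannot match any account.
                return null;
            }

            // The lookup is by user name only, through the mapper. Do not replace it with a
            // concatenated SQL string that also compares the password: that form is injectable
            // and skips the salted-hash comparison done by the credentials matcher.
            Users user = findUser(username);
            if (user == null) {
                return null;
            }

            // Keep sample rows with real hashes, salts or e-mail addresses out of source comments.
            return new SimpleAuthenticationInfo(
                    username, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName());
        }

    }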
  • 原文地址:https://www.cnblogs.com/theyang/p/13080805.html