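package com.sxt.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Demonstrates Shiro authentication and authorization checks driven by the
 * shiro.ini file on the classpath.
 *
 * @author LJH
 */
@SuppressWarnings("deprecation")
public class TestAuthenticationApp {

    // Logger for this demo class.
    private static final Logger log = LoggerFactory.getLogger(TestAuthenticationApp.class);

    /**
     * Builds a SecurityManager from shiro.ini, logs in with a fixed demo account and
     * prints the outcome of one role check and one permission check.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // Demo-only credentials kept inline; a real application takes them from the
        // caller and never stores a password in source.
        String username = "zhangsan";
        String password = "123456";

        log.info("My First Apache Shiro Application");

        // 1. Create the security-manager factory. The type parameter is
        //    org.apache.shiro.mgt.SecurityManager, not java.lang.SecurityManager.
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");

        // 2. Build the security manager. The realm is wired in shiro.ini
        //    (securityManager.realm=$userRealm), so nothing is injected here.
        DefaultSecurityManager securityManager = (DefaultSecurityManager) factory.getInstance();

        // 3. Register the security manager. SecurityUtils keeps it in a static,
        //    VM-wide field; it is not bound to the calling thread only.
        SecurityUtils.setSecurityManager(securityManager);

        // 4. Obtain the subject for the current caller.
        Subject subject = SecurityUtils.getSubject();

        // 5. Wrap the user name and password in a token.
        AuthenticationToken token = new UsernamePasswordToken(username, password);

        // 6. Authenticate.
        try {
            subject.login(token);
            System.out.println("认证通过");
            Object principal = subject.getPrincipal();
            System.out.println(principal);
        } catch (IncorrectCredentialsException e) {
            // A user-facing login should answer a wrong password and an unknown
            // account with the same message so accounts cannot be enumerated.
            System.out.println("密码不正确");
        } catch (UnknownAccountException e) {
            System.out.println("用户名不存在");
        } catch (AuthenticationException e) {
            // Every other authentication failure (locked account, too many
            // attempts, ...) ends up here instead of escaping main().
            log.warn("Authentication failed", e);
        }

        // Role check. This also runs after a failed login; a subject without
        // principals gets false from both checks.
        boolean hasRole1 = subject.hasRole("role1");
        System.out.println("是否有role1的角色:" + hasRole1);

        // Permission check.
        boolean permitted = subject.isPermitted("user:query");
        System.out.println(permitted);
    }
}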
[main]
# Create the userRealm object
userRealm=com.sxt.realm.UserRealm
# NOTE(review): no credentialsMatcher is set on userRealm here. Unless the realm
# configures one itself, Shiro compares the submitted password with the stored value
# directly, which only works when passwords are stored unhashed - confirm and
# prefer a hashed credentials matcher.
# Hand the realm to the security manager
#securityManager=org.apache.shiro.mgt.DefaultSecurityManager
securityManager.realm=$userRealm
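package com.sxt.realm;

import java.util.Collection;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.sxt.domain.ActiverUser;
import com.sxt.domain.User;
import com.sxt.service.PermissionService;
import com.sxt.service.RoleService;
import com.sxt.service.UserService;
import com.sxt.service.imp.PermissionServiceImpl;
import com.sxt.service.imp.RoleServiceImpl;
import com.sxt.service.imp.UserServiceImpl;

/**
 * Realm that looks users up through {@link UserService} and serves roles and
 * permissions from the {@link ActiverUser} principal built at login.
 */
public class UserRealm extends AuthorizingRealm {

    private final UserService userService = new UserServiceImpl();
    private final RoleService roleService = new RoleServiceImpl();
    private final PermissionService permissionService = new PermissionServiceImpl();

    /**
     * Authentication: loads the account named by the token and returns its stored
     * credential for Shiro to compare.
     *
     * @param token the submitted token; its principal is used as the user name
     * @return the account's authentication info, or {@code null} when the token has
     *         no principal or no such user exists
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        Object principal = token.getPrincipal();
        if (principal == null) {
            // A token without a user name cannot match any account; treat it like an
            // unknown user instead of failing with a NullPointerException.
            return null;
        }
        String username = principal.toString();

        // The old login style sent user name and password to the database together.
        // With Shiro the user is loaded by name first; the password comparison is
        // done afterwards by the realm's credentials matcher.
        User user = userService.queryUserByUserName(username);
        if (user == null) {
            // User not found: Shiro raises UnknownAccountException for a null result.
            return null;
        }

        List<String> roles = roleService.queryRoleByUserName(user.getUsername());
        List<String> permissions = permissionService.queryPermissionByUserName(user.getUsername());

        // NOTE(review): the principal wraps the whole User record. If User keeps its
        // password field populated, the password travels wherever the principal goes
        // (session, anything that prints it) - confirm, and clear it if so.
        ActiverUser activerUser = new ActiverUser(user, roles, permissions);

        // Argument 1: the principal; any object may be used.
        // Argument 2: the password as read from the database. No credentials matcher
        //             is set in this class, so unless one is configured elsewhere it
        //             is compared with the submitted password as-is.
        // Argument 3: this realm's name.
        return new SimpleAuthenticationInfo(activerUser, user.getPwd(), this.getName());
    }

    /**
     * Authorization: copies the roles and permissions held by the primary principal
     * into the authorization info.
     *
     * <p>The values are the ones captured at login, so a change made in the data
     * store afterwards is not visible here until the user logs in again.
     *
     * @param principals the subject's principals; the primary one is cast to
     *        {@link ActiverUser}
     * @return authorization info with the principal's roles and string permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        ActiverUser activerUser = (ActiverUser) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        // Add roles.
        Collection<String> roles = activerUser.getRoles();
        if (roles != null && !roles.isEmpty()) {
            info.addRoles(roles);
        }

        // Add permissions.
        Collection<String> permissions = activerUser.getPermissions();
        if (permissions != null && !permissions.isEmpty()) {
            info.addStringPermissions(permissions);
        }

        // Disabled: would grant the wildcard permission to users whose type is 0.
        // if(activerUser.getUser().getType()==0) {
        //     info.addStringPermission("*:*");
        // }
        return info;
    }
}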