shiro入门示例

扫码查看

一、pom引入maven依赖

<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<!-- https://mvnrepository.com/artifact/commons-logging/commons-logging -->
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.3.2</version>
</dependency>
</dependencies>

  

二、从ini文件获取用户名密码

shiro.ini文件
[users]
admin=123456
 
单元测试:
@Test
public void demoIni(){
//init配置文件初始化SecurityManager工厂
Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager=factory.getInstance();
SecurityUtils.setSecurityManager(securityManager); Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("admin","123456"); try{
subject.login(token);
}catch (AuthenticationException ex){ } org.junit.Assert.assertEquals(true,subject.isAuthenticated()); subject.logout();
}

 

三、自定义realm

1.自定义myRealm
public class myRealm1 implements Realm {
public String getName() {
return "myRealm1";
} public boolean supports(AuthenticationToken authenticationToken) {
return authenticationToken instanceof UsernamePasswordToken;
} public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username=(String)token.getPrincipal();
String password=new String((char[])token.getCredentials()); if(!username.equals("admin")){
throw new UnknownAccountException();
} if(!password.equals("123456")){
throw new IncorrectCredentialsException();
} return new SimpleAuthenticationInfo(username,password,getName());
}
}

 

2.shiro-realm.init配置文件
[main]
myrealm=realms.myRealm1
securityManager.realms=$myrealm 
说明:
  • 变量名=全限定类名会自动创建一个类实例
  • 变量名.属性=值 自动调用相应的setter方法进行赋值
  • $变量名 引用之前的一个对象实例
 
3.单元测试
@Test
public void demoCustomRealm(){
//init配置文件初始化SecurityManager工厂
Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-realm.ini");
SecurityManager securityManager=factory.getInstance();
SecurityUtils.setSecurityManager(securityManager); Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("admin","123456"); try{
subject.login(token);
}catch (AuthenticationException ex){ } org.junit.Assert.assertEquals(true,subject.isAuthenticated()); subject.logout();
}

三、jdbc realm

1.还需要引入依赖
<!--jdbcrealm依赖 start-->
<!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>6.0.6</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.alibaba/druid -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.3</version>
</dependency>
<!--jdbcrealm依赖 end-->

  2.sql

use cathycms;

create table users (
id bigint auto_increment,
username varchar(100),
password varchar(100),
password_salt varchar(100),
constraint pk_users primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_users_username on users(username); create table user_roles(
id bigint auto_increment,
username varchar(100),
role_name varchar(100),
constraint pk_user_roles primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_user_roles on user_roles(username, role_name); create table roles_permissions(
id bigint auto_increment,
role_name varchar(100),
permission varchar(100),
constraint pk_roles_permissions primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_roles_permissions on roles_permissions(role_name, permission); insert into users(username,password)values('admin','123');

  

3.ini配置文件
[main]
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
dataSource=com.alibaba.druid.pool.DruidDataSource
dataSource.driverClassName=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/cathycms
dataSource.username=root
dataSource.password=root
jdbcRealm.dataSource=$dataSource
securityManager.realms=$jdbcRealm

  

4.单元测试
@Test
public void demoJdbcRealm(){
//init配置文件初始化SecurityManager工厂
Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini");
SecurityManager securityManager=factory.getInstance();
SecurityUtils.setSecurityManager(securityManager); Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("admin","123"); try{
subject.login(token);
}catch (AuthenticationException ex){ } org.junit.Assert.assertEquals(true,subject.isAuthenticated()); subject.logout();
}

  

 
参考资料:说起shiro,最好的教程必须是张开涛老师的《跟我学shiro系列》
04-26 16:53
查看更多