一、pom引入maven依赖
<dependencies> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.12</version> </dependency> <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging --> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.2</version> </dependency> <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.3.2</version> </dependency> </dependencies>
二、从ini文件获取用户名密码
shiro.ini文件
[users] admin=123456
单元测试:
@Test public void demoIni(){ //init配置文件初始化SecurityManager工厂 Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro.ini"); SecurityManager securityManager=factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); Subject subject=SecurityUtils.getSubject(); UsernamePasswordToken token=new UsernamePasswordToken("admin","123456"); try{ subject.login(token); }catch (AuthenticationException ex){ } org.junit.Assert.assertEquals(true,subject.isAuthenticated()); subject.logout(); }
三、自定义realm
1.自定义myRealm
public class myRealm1 implements Realm { public String getName() { return "myRealm1"; } public boolean supports(AuthenticationToken authenticationToken) { return authenticationToken instanceof UsernamePasswordToken; } public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username=(String)token.getPrincipal(); String password=new String((char[])token.getCredentials()); if(!username.equals("admin")){ throw new UnknownAccountException(); } if(!password.equals("123456")){ throw new IncorrectCredentialsException(); } return new SimpleAuthenticationInfo(username,password,getName()); } }
2.shiro-realm.init配置文件
[main] myrealm=realms.myRealm1 securityManager.realms=$myrealm
说明:
- 变量名=全限定类名会自动创建一个类实例
- 变量名.属性=值 自动调用相应的setter方法进行赋值
- $变量名 引用之前的一个对象实例
3.单元测试
@Test public void demoCustomRealm(){ //init配置文件初始化SecurityManager工厂 Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-realm.ini"); SecurityManager securityManager=factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); Subject subject=SecurityUtils.getSubject(); UsernamePasswordToken token=new UsernamePasswordToken("admin","123456"); try{ subject.login(token); }catch (AuthenticationException ex){ } org.junit.Assert.assertEquals(true,subject.isAuthenticated()); subject.logout(); }
三、jdbc realm
1.还需要引入依赖
<!--jdbcrealm依赖 start--> <!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java --> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>6.0.6</version> </dependency> <!-- https://mvnrepository.com/artifact/com.alibaba/druid --> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.3</version> </dependency> <!--jdbcrealm依赖 end-->
2.sql
use cathycms; create table users ( id bigint auto_increment, username varchar(100), password varchar(100), password_salt varchar(100), constraint pk_users primary key(id) ) charset=utf8 ENGINE=InnoDB; create unique index idx_users_username on users(username); create table user_roles( id bigint auto_increment, username varchar(100), role_name varchar(100), constraint pk_user_roles primary key(id) ) charset=utf8 ENGINE=InnoDB; create unique index idx_user_roles on user_roles(username, role_name); create table roles_permissions( id bigint auto_increment, role_name varchar(100), permission varchar(100), constraint pk_roles_permissions primary key(id) ) charset=utf8 ENGINE=InnoDB; create unique index idx_roles_permissions on roles_permissions(role_name, permission); insert into users(username,password)values('admin','123');
3.ini配置文件
[main] jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm dataSource=com.alibaba.druid.pool.DruidDataSource dataSource.driverClassName=com.mysql.jdbc.Driver dataSource.url=jdbc:mysql://localhost:3306/cathycms dataSource.username=root dataSource.password=root jdbcRealm.dataSource=$dataSource securityManager.realms=$jdbcRealm
4.单元测试
@Test public void demoJdbcRealm(){ //init配置文件初始化SecurityManager工厂 Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini"); SecurityManager securityManager=factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); Subject subject=SecurityUtils.getSubject(); UsernamePasswordToken token=new UsernamePasswordToken("admin","123"); try{ subject.login(token); }catch (AuthenticationException ex){ } org.junit.Assert.assertEquals(true,subject.isAuthenticated()); subject.logout(); }
参考资料:说起shiro,最好的教程必须是张开涛老师的《跟我学shiro系列》
作者:陈敬(公众号:敬YES)
出处:http://www.cnblogs.com/janes/
博客文章仅供交流学习,请勿用于商业用途。如需转载,请务必注明出处。