shiro的角色和权限

s首先要将读取文件的方法封装,只需要传入文件,用户名和密码即可登陆

package com.java.shiro.common;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;

public class ShiroUtil {

public static Subject login(String configFile, String userName, String password) {
// 读取shiro配置文件,初始化SecurityManager工厂
Factory<SecurityManager> factory = new IniSecurityManagerFactory(configFile);
// 获取securityManager实例
SecurityManager securityManager = factory.getInstance();
// 把securityManager实例绑定到SecurityUtils
SecurityUtils.setSecurityManager(securityManager);
// 得到当前执行的用户
Subject currentUser = SecurityUtils.getSubject();
// 创建用户令牌,用户名/密码
UsernamePasswordToken token = new UsernamePasswordToken(userName, password);

try {
// 身份认证
currentUser.login(token);

System.out.println("登陆成功");
} catch (AuthenticationException e) {
e.printStackTrace();
System.out.println("身份认证失败");
}
// 退出
return currentUser;

}
}

 

1,判断角色,首先配置角色ini文件

文件名:shiro_role.ini

[users]
java1234=1234,role1,role2
jack=123,role1

 

*****测试方法

 

package com.java.shiro;

import static org.junit.Assert.*;

import java.util.Arrays;

import org.apache.shiro.subject.Subject;
import org.junit.Test;

import com.java.shiro.common.ShiroUtil;

public class RoleTest {

@Test
public void testHasRole() {
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java1234", "1234");
// System.out.println(currentUser.hasRole("role2")?"有role2":"没有role2");

// boolean[] booleans = currentUser.hasRoles(Arrays.asList("role1","role2","role3"));
// for (boolean b : booleans) {
// System.out.println(b);
// }

System.out.println(currentUser.hasAllRoles(Arrays.asList("role1","role2"))?"有两个权限":"不足两个权限");

//判断完之后要加logout()
currentUser.logout();
}


@Test
public void testCheckRole() {
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java1234", "1234");
// System.out.println(currentUser.hasRole("role2")?"有role2":"没有role2");

// boolean[] booleans = currentUser.hasRoles(Arrays.asList("role1","role2","role3"));
// for (boolean b : booleans) {
// System.out.println(b);
// }
// currentUser.checkRole("role8");
//传一个数组集合,都有不报错,没有其中一个或多个都会报错
currentUser.checkRoles(Arrays.asList("role1","role2"));
//传多个字符串
currentUser.checkRoles("role1","role2","role3");
// System.out.println(currentUser.hasAllRoles(Arrays.asList("role1","role2"))?"有两个权限":"不足两个权限");

//判断完之后要加logout()
currentUser.logout();
}


}

 

2,权限判断,首先配置角色ini文件

文件名:shiro_permission.ini

[users]
java1234=1234,role1,role2
jack=123,role1

[roles]
role1=user:select
role2=user:select,user:add,user:delete

 

*****测试方法

package com.java.shiro;

import static org.junit.Assert.*;

import java.util.Arrays;

import org.apache.shiro.subject.Subject;
import org.junit.Test;

import com.java.shiro.common.ShiroUtil;

public class PermissionTest {

@Test
public void testIsPermitted() {
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java1234", "1234");
//判断是否有user的select权限
boolean result = currentUser.isPermitted("user:update");
////判断是否有user的后面的权限,返回boolean数组
boolean [] results = currentUser.isPermitted("user:select","user:add","user:update");
for (boolean b : results) {
System.out.println(b+"权限");
}
//全有返回true,不全有返回false
boolean all = currentUser.isPermittedAll("user:add","user:update");
System.out.println(all+"权限");

// System.out.println(result+"权限");

//判断完之后要加logout()
currentUser.logout();


}



@Test
public void testCheckPermitted() {
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java1234", "1234");
//有权限无返回,没权限抛出异常
currentUser.checkPermission("user:add");
//权限都有无返回,不全有抛出异常
currentUser.checkPermissions("user:update","user:select");



//判断完之后要加logout()
// currentUser.logout();


}

}

 

posted @ 2017-05-17 23:25  喜欢就去做~  阅读(536)  评论(0编辑  收藏  举报