Shiro learning - 入门案例(2)

Shiro小案例

在上篇Shiro入门学习中说到了Shiro可以完成认证,授权等流程。在学习认证流程之前,我们应该先入门一个Shiro小案例。

创建一个java maven项目

 

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>groupId</groupId>
    <artifactId>Shrio-login</artifactId>
    <version>1.0-SNAPSHOT</version>

    <dependencies>

        <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging -->
        <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.2</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.3.2</version>
        </dependency>


        <!-- https://mvnrepository.com/artifact/org.slf4j/slf4j-api -->
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
            <version>1.7.25</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/org.slf4j/slf4j-log4j12 -->
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-log4j12</artifactId>
            <version>1.7.25</version>
        </dependency>


        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-nop</artifactId>
            <version>1.7.2</version>
        </dependency>
    </dependencies>

</project>
Pom.xml
log4j.rootLogger = info,stdout,file
log4j.appender.stdout=org.apache.log4j.ConsoleAppender 
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=[%p][%d{yyyy-MM-dd HH:mm:ss}][%C{1}:%L] - %m%n
log4j.appender.file = org.apache.log4j.DailyRollingFileAppender
log4j.appender.file.file=C:\\Users\\amber.lei\\Documents\\Learning\\Shiro\\log\\info(+).log

log4j.appender.file.DatePattern= '.'yyyy-MM-dd
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=[%p][%d{yyyy-MM-dd HH:mm:ss}][%C{1}:%L] - %m%n
log4j.appender.file.Encoding=UTF-8
log4j.properties

 LoginDemo.java

 1 package com.amber.login;
 2 
 3 import org.apache.shiro.SecurityUtils;
 4 import org.apache.shiro.authc.AuthenticationException;
 5 import org.apache.shiro.authc.UnknownAccountException;
 6 import org.apache.shiro.authc.UsernamePasswordToken;
 7 import org.apache.shiro.config.IniSecurityManagerFactory;
 8 import org.apache.shiro.mgt.SecurityManager;
 9 import org.apache.shiro.subject.Subject;
10 import org.slf4j.Logger;
11 import org.slf4j.LoggerFactory;
12 
13 /**
14  * Shiro入门
15  */
16 public class LoginDemo {
17     static Logger logger = LoggerFactory.getLogger(LoginDemo.class);
18     public static void main(String[] args) {
19 
20         //1.获得SecurityManagerFactory
21         IniSecurityManagerFactory iniSecurityManagerFactory = new IniSecurityManagerFactory("classpath:shiro.ini");
22         //2.通过工厂获得SecurityManager
23         SecurityManager securityManager =  iniSecurityManagerFactory.getInstance();
24         //3.把SecurityManger放置到运行环境中
25         SecurityUtils.setSecurityManager(securityManager);
26         try {
27             //4.通过SecurityUtis获取subject
28             Subject subject =  SecurityUtils.getSubject();
29             UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("amber", "111111");//这里的amber 和 111111指用户输入的用户名和密码
30             //登陆
31             subject.login(usernamePasswordToken);
32             //判断是否通过验证,true代表通过验证
33             if (subject.isAuthenticated()) {
34                 logger.info("login successful");
35             }
36             subject.logout();
37         } catch (UnknownAccountException e) {
38             logger.error("ERROR incorrect username or passwod", e);
39         } catch (AuthenticationException e) {
40             logger.error("login failed", e);
41         }
42     }
43 }

Shiro.ini

[users]
amber=111111

[users]可以理解成一个用户组,里面有一个用户username:amber ,password:111111.当然在实际开发中,我们的用户名和密码都是从数据库中读取出来的。

 

Shiro案例流程:

  • 通过shiro.ini文件获得到工厂,然后通过工厂获得SecurityManager.
  • 把SecuityManager交给SecuityUtils
  • 通过SecurityUtils获得到Subject对象
  • 把用户传入的用户名和密码,生成UsernamePasswordToken实例
  • 把token传给Subject.login(token),如果验证失败抛出异常
posted @ 2018-11-27 14:14  amberbar  阅读(321)  评论(0编辑  收藏  举报