Shiro内置Realm
IniRealm教程:
user.ini
[users] exp=123456,admin [roles] admin=user:delete,user:update
IniRealmTest.java
package com.exp.test; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.SimpleAccountRealm; import org.apache.shiro.realm.text.IniRealm; import org.apache.shiro.subject.Subject; import org.junit.Before; import org.junit.Test; public class IniRealmTest { IniRealm iniRealm = new IniRealm("classpath:user.ini"); @Test public void Authenication(){ //1. 构建SecurityManager环境 DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(iniRealm); //2.主体提交认证请求 SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("exp","123456"); //用户登录认证 subject.login(token); System.out.println("expworld=>"+ subject.isAuthenticated()); //expworld=>true subject.checkRole("admin"); subject.checkPermission("user:update"); //用户退出 subject.logout(); System.out.println("expworld=>"+ subject.isAuthenticated()); //expworld=>false } }
JdbcRealm教程:
总结:JdbcRealm默认会给三个表users、user_roles、roles_permissions和对应的认证授权sql语句。另外,咱们可以自定义表和sql。
JdbcRealmTest.java
package com.exp.test; import com.alibaba.druid.pool.DruidDataSource; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.jdbc.JdbcRealm; import org.apache.shiro.realm.text.IniRealm; import org.apache.shiro.subject.Subject; import org.junit.Test; public class JdbcRealmTest { DruidDataSource dataSource = new DruidDataSource(); { dataSource.setUrl("jdbc:mysql://localhost:3310/test_shiro");; dataSource.setUsername("root"); dataSource.setPassword("123456"); } @Test public void Authenication(){ JdbcRealm jdbcRealm = new JdbcRealm(); jdbcRealm.setDataSource(dataSource); jdbcRealm.setPermissionsLookupEnabled(true);//jdbcRealm默认关闭查询权限数据,需要开启 //自定义表和sql语句查询 String sql = "select password from test_user where username = ?"; jdbcRealm.setAuthenticationQuery(sql);//使用自己的查询语句 String roleSql = "select role_name from test_user_roles where user_name = ?"; jdbcRealm.setUserRolesQuery(roleSql); String permissionSql = "select permission from test_roles_permissions where role_name = ?"; jdbcRealm.setPermissionsQuery(permissionSql); //1. 构建SecurityManager环境 DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); //2.主体提交认证请求 SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("xiaoming","654321"); //用户登录认证 subject.login(token); System.out.println("expworld=>"+ subject.isAuthenticated()); //expworld=>true subject.checkRole("user"); subject.checkPermission("user:del"); /* //用户退出 subject.logout(); System.out.println("expworld=>"+ subject.isAuthenticated()); //expworld=>false*/ } }
相关sql:
CREATE TABLE users( id int, username VARCHAR(50), password VARCHAR(50) ); insert into users values(1,"exp","123456"); CREATE TABLE roles_permissions( id int, role_name VARCHAR(50), permission VARCHAR(50) ); insert into roles_permissions values(1,"admin","user:select"); CREATE TABLE user_roles( id int, username VARCHAR(50), role_name VARCHAR(50) ); insert into user_roles values(1,"exp","admin"); CREATE TABLE test_user( username VARCHAR(50), password VARCHAR(50) ); insert into test_user values("xiaoming","654321");
pom.xml
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <parent> <artifactId>shiro-demo</artifactId> <groupId>com.exp</groupId> <version>1.0-SNAPSHOT</version> </parent> <modelVersion>4.0.0</modelVersion> <artifactId>shiro-test</artifactId> <dependencies> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.4.0</version> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>REALEASE</version> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.12</version> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.45</version> </dependency> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.6</version> </dependency> </dependencies> </project>
浙公网安备 33010602011771号