5、Shiro之jdbcRealm认证授权
登录认证:
注意,下面我是以连接orcal数据库为例的依赖,如果各位同仁使用的是骑她数据库,可以换成对应数据库的依赖(数据源不用换)
Pom.xml增加依赖:
<!--引入连接orcal的jar包--> <!-- oracle驱动 --> <!-- https://mvnrepository.com/artifact/com.oracle/ojdbc14 --> <dependency> <groupId>com.oracle</groupId> <artifactId>ojdbc7</artifactId> <version>7.0.0</version> </dependency> <!--引入数据源--> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.6</version> </dependency>
新建名为JdbcRelamTes的t测试类:
JdbcRelamTest.java代码:
package com.shiro.shiroframe; import com.alibaba.druid.pool.DruidDataSource; import org.apache.catalina.security.SecurityUtil; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.jdbc.JdbcRealm; import org.apache.shiro.subject.Subject; import org.junit.jupiter.api.Test; public class JdbcRelamTest { DruidDataSource druidDataSource = new DruidDataSource(); { druidDataSource.setUrl("jdbc:oracle:thin:@localhost:1521:ORCL"); druidDataSource.setUsername("testyanshemiyue");//你的数据库账号 druidDataSource.setPassword("testhourumiyu");//你的数据库密码 } @Test public void JdbcRelamTest() { JdbcRealm jdbcRealm = new JdbcRealm(); jdbcRealm.setDataSource(druidDataSource); DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("miyue", "houru"); subject.login(usernamePasswordToken); System.err.println(subject.isAuthenticated());//true } }
数据库创建表users并插入一条测试数据:
运行java代码:
如果账号密码正确打印结果为true,否则报错
补充:问什么要建users表?
下面是JdbcRealm类的源码:
在我们没有自己创建Sql语句时JdbcRealm会使用她自己定义的SQL语句,所以我们就根据此建表测试即可
角色认证和权限认证:
首先我们在数据库建立角色表和角色权限表并插入数据:
java代为:
package com.shiro.shiroframe; import com.alibaba.druid.pool.DruidDataSource; import org.apache.catalina.security.SecurityUtil; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.jdbc.JdbcRealm; import org.apache.shiro.subject.Subject; import org.junit.jupiter.api.Test; public class JdbcRelamTest { DruidDataSource druidDataSource = new DruidDataSource(); { druidDataSource.setUrl("jdbc:oracle:thin:@localhost:1521:ORCL"); druidDataSource.setUsername("luzhanshi"); druidDataSource.setPassword("admin123"); } @Test public void JdbcRelamTest() { JdbcRealm jdbcRealm = new JdbcRealm(); jdbcRealm.setDataSource(druidDataSource); //开启查询权限的开关(默认是关闭的)否则Shiro是不会去查询权限数据的 jdbcRealm.setPermissionsLookupEnabled(true); DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("miyue", "houru"); //登录认证 subject.login(usernamePasswordToken); System.err.println(subject.isAuthenticated());//true //角色认证:验证miyue是否具有admin角色 subject.checkRole("admin"); //权限认证:验证admin角色是否具有user:select权限 subject.checkRoles("admin","user"); subject.checkPermission("user:select"); } }
执行java代码,验证通过控制台不报错,否则控制台报错
JdbcRelam自定义SQL:
如果上面涉及到的三个表是我们自定义的表名,那就要我们自己修改SQL语句了:
1、如下图我们按照上面建表的过程一样,新建了三张和上面一样,但是名字不一样的表:
那么我们的对应的java代码就要修改对应的SQL:代码如下:
package com.shiro.shiroframe; import com.alibaba.druid.pool.DruidDataSource; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.jdbc.JdbcRealm; import org.apache.shiro.subject.Subject; import org.junit.jupiter.api.Test; public class JdbcRelamTest { DruidDataSource druidDataSource = new DruidDataSource(); { druidDataSource.setUrl("jdbc:oracle:thin:@localhost:1521:ORCL"); druidDataSource.setUsername("luzhanshi"); druidDataSource.setPassword("admin123"); } @Test public void JdbcRelamTest() { JdbcRealm jdbcRealm = new JdbcRealm(); jdbcRealm.setDataSource(druidDataSource); //开启查询权限的开关(默认是关闭的)否则Shiro是不会去查询权限数据的 jdbcRealm.setPermissionsLookupEnabled(true); //创建自定义SQL String sql ="SELECT PASSWORD FROM TESTUSER WHERE USERNAME=?"; String roleSql ="SELECT ROLE_NAME FROM Test_USER_ROLES WHERE USERNAME = ?"; String rolePermissionSql ="SELECT PERMISSION FROM TEST_ROLES_PERMISSIONS WHERE ROLE_NAME = ?"; jdbcRealm.setAuthenticationQuery(sql); jdbcRealm.setUserRolesQuery(roleSql); jdbcRealm.setPermissionsQuery(rolePermissionSql); DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager(); defaultSecurityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(defaultSecurityManager); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("miyue", "houru"); //登录认证 subject.login(usernamePasswordToken); System.err.println(subject.isAuthenticated());//true // //角色认证:验证miyue是否具有admin角色 subject.checkRole("admin"); // //权限认证:验证admin角色是否具有user:select权限 subject.checkRoles("admin","user"); subject.checkPermission("user:select"); } }
