Shiro
package com.blb.app;
import com.blb.realm.CustomerRealm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.Scanner;
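/**
 * Console login demo for Apache Shiro.
 *
 * <p>Reads a user name and password from standard input, authenticates them through the
 * injected {@link DefaultSecurityManager}, then prints the result of one permission check
 * and one role check for the logged-in subject.
 */
@Component
public class MainApp {
    // Single reader over standard input, shared by every call to run().
    private static Scanner scanner = new Scanner(System.in);

    // Security manager supplied by Spring; the realm and credential rules it uses are
    // configured outside this class.
    @Autowired
    private DefaultSecurityManager securityManager;

    /**
     * Runs one interactive login attempt and prints the outcome.
     *
     * <p>Only a wrong password and an unknown account are handled here; any other
     * exception thrown by {@code login} propagates to the caller.
     */
    public void run() {
        System.out.println("欢迎使用本系统");
        System.out.println("请输入用户名");
        String uname = scanner.next();
        System.out.println("请输入密码");
        // NOTE(review): Scanner.next() echoes the password on the terminal and stops at the
        // first whitespace; System.console().readPassword() avoids both where a console exists.
        String upwd = scanner.next();

        // Registers the manager as the static, VM-wide default used by SecurityUtils.
        SecurityUtils.setSecurityManager(securityManager);

        // The subject is the user being authenticated.
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(uname, upwd);
        try {
            // Hands the submitted user name and password to the configured realm(s).
            subject.login(token);
            System.out.println("用户登陆成功");

            // Authorization checks are only meaningful after a successful login.
            boolean user = subject.isPermitted("user");
            System.out.println(user);
            // The realm shown on this page grants the role "管理员", not "超级管理员",
            // so with that realm this check prints false.
            boolean supermanager = subject.hasRole("超级管理员");
            System.out.println(supermanager);
        } catch (IncorrectCredentialsException e) {
            // Expected failure: report it with the message alone instead of dumping a
            // stack trace of framework internals to the console.
            // NOTE(review): distinct messages for "wrong password" and "unknown account" tell
            // the caller which account names exist; tolerable for a local demo, but a
            // networked login should answer both cases with one generic failure message.
            System.out.println("密码错误!");
        } catch (UnknownAccountException e) {
            System.out.println("当前系统没有该用户");
        } finally {
            // Zero the password copy held by the token once the attempt is over. The String
            // read from the scanner is immutable and stays in memory until collected.
            token.clear();
        }
    }
}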
package com.blb.realm;
import com.blb.common.Assist;
import com.blb.entity.Users;
import com.blb.mapper.RolesMapper;
import com.blb.mapper.UserRolesMapper;
import com.blb.mapper.UsersMapper;
import com.blb.service.UsersService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import java.util.List;
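/**
 * Shiro realm that authenticates users against the rows returned by {@link UsersMapper}
 * and supplies their roles and permissions.
 */
@Component
public class CustomerRealm extends AuthorizingRealm {
    @Autowired
    @Qualifier("usersMapper")
    private UsersMapper usersMapper;

    // Injected but not used by any method in this class as shown.
    @Autowired
    private UserRolesMapper userRolesMapper;

    // Injected but not used by any method in this class as shown.
    @Autowired
    private RolesMapper rolesMapper;

    // Instance initializer: stored passwords are compared as salted MD5 digests, 1024 rounds.
    // NOTE(review): MD5 is a fast hash and weak for password storage even when iterated;
    // an adaptive password hash (bcrypt, scrypt, argon2) is the better choice. The values are
    // left unchanged because switching them here alone would invalidate every stored
    // credential; a migration has to re-hash existing accounts (for example at next login).
    {
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        hashedCredentialsMatcher.setHashIterations(1024);
        this.setCredentialsMatcher(hashedCredentialsMatcher);
    }

    /**
     * Authorization (role-based access control): returns the roles and permissions of the
     * primary principal.
     *
     * @param principalCollection principals of the subject; the primary principal is the
     *        user name set by {@link #doGetAuthenticationInfo}
     * @return the grants for that user, or an empty grant set when no such user row exists
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String username = (String) principalCollection.getPrimaryPrincipal();
        Assist assist = new Assist();
        assist.setRequires(Assist.and_eq("username", username));
        List<Users> users = usersMapper.selectUsers(assist);

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        if (CollectionUtils.isEmpty(users)) {
            // Fail closed: a principal with no matching user row gets no roles and no
            // permissions, rather than the fixed grants below.
            return authorizationInfo;
        }

        // NOTE(review): every existing user receives the same hard-coded role and
        // permissions, so this realm does not separate privileges between accounts. The
        // grants should be loaded per user (userRolesMapper and rolesMapper are injected
        // for that, but their query methods are not visible here).
        authorizationInfo.addRole("管理员");
        authorizationInfo.addStringPermission("user");
        authorizationInfo.addStringPermission("user:add");
        authorizationInfo.addStringPermission("user:delete");
        return authorizationInfo;
    }

    /**
     * Authentication: looks up the account named in the token and returns its stored
     * password hash and salt for the credentials matcher to verify.
     *
     * @param token the submitted token; cast to {@link UsernamePasswordToken}
     * @return the account's authentication info, or {@code null} when no user row matches
     *         the user name (the console app on this page catches
     *         {@code UnknownAccountException} for that case)
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        String username = upToken.getUsername();

        // The lookup is by user name only. The submitted password never goes into the
        // query; an earlier draft concatenated the token's user name and password into a
        // SQL string, which is injectable and compares the plaintext password in SQL.
        // NOTE(review): confirm that Assist.and_eq binds the value as a query parameter.
        Assist assist = new Assist();
        assist.setRequires(Assist.and_eq("username", username));
        List<Users> users = usersMapper.selectUsers(assist);
        if (CollectionUtils.isEmpty(users)) {
            // No such account: returning null makes the authentication attempt fail.
            return null;
        }

        // NOTE(review): only the first row is used; presumably user names are unique —
        // verify against the schema, since a duplicate would be picked arbitrarily.
        Users user = users.get(0);

        // A non-null result is not success by itself: it carries the stored hash and salt,
        // which the credentials matcher compares with the hash of the submitted password.
        // A pasted sample database row (user name, password hash, salt, e-mail address) was
        // removed from the comments here; credential material does not belong in source.
        return new SimpleAuthenticationInfo(
                username, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName());
    }
}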