shiro权限认证Realm的四大用法

一、SimpleAccountRealm 

public class AuthenticationTest {
    
    SimpleAccountRealm sar=new SimpleAccountRealm();
    
    @Before
    public void addUser() {
        sar.addAccount("mark", "123456","admin","user");
    }
    
    @Test
    public void testAuthentication() {
        //1.构建seruritymanager环境
        DefaultSecurityManager dsm=new DefaultSecurityManager();
        dsm.setRealm(sar);
        
        //2.主题提交认证请求
        SecurityUtils.setSecurityManager(dsm);
        Subject subject=SecurityUtils.getSubject();
        
        UsernamePasswordToken token=new UsernamePasswordToken("mark","123456");
        subject.login(token);
        
        System.out.println("isAuthenticated:"+subject.isAuthenticated());
        
        subject.checkRoles("admin","user");

    }

 

二.IniRealm

public class IniRealmTest {
 
    
    @Test
    public void testIniRealm() {
        IniRealm realm=new IniRealm("classpath:user.ini");
        DefaultSecurityManager defaultSerurityManager=new DefaultSecurityManager();
        defaultSerurityManager.setRealm(realm);
        
        SecurityUtils.setSecurityManager(defaultSerurityManager);
        Subject subject = SecurityUtils.getSubject();
        
        UsernamePasswordToken upt=new UsernamePasswordToken("mark","123456");
        
        subject.login(upt);
        
        System.out.println("isAuthentication:"+subject.isAuthenticated());
        
        subject.checkRole("admin");
        
        subject.checkPermission("user:update");
        
    }
}

三、JDBCRealm

public class JDBCRealmTest {
    
    DruidDataSource dataSource=new DruidDataSource();
    {
        dataSource.setUrl("jdbc:mysql://localhost:3306/xxxx");
        dataSource.setUsername("root");
        dataSource.setPassword("root");
    }
    
    @Test
    public void testJDBCRealm() {
        JdbcRealm realm=new JdbcRealm();
        realm.setDataSource(dataSource);
        realm.setPermissionsLookupEnabled(true);
        //如果不用自己的sql,数据库表名必须与shiro默认的查询语句中的一致,一般情况下都是使用自定义的sql,如下:
        String sql="select password from test_user where user_name=?";
        realm.setAuthenticationQuery(sql);
        String roleSql="select role_name from test_user_roles where user_name=?";
        realm.setUserRolesQuery(roleSql);
        String permissionSql="select permission from test_roles_permissions where role_name=?";
        realm.setPermissionsQuery(permissionSql);
        
        DefaultSecurityManager dsm=new DefaultSecurityManager();
        dsm.setRealm(realm);
        
        SecurityUtils.setSecurityManager(dsm);
        Subject subject = SecurityUtils.getSubject();
        
        UsernamePasswordToken token=new UsernamePasswordToken("xm","123");
        subject.login(token);
        
        System.out.println("isAuthencation:"+subject.isAuthenticated());
        
        subject.checkRole("admin");
        subject.checkRoles("admin","user");
        subject.checkPermission("user:delete");
    }
 
}

四、自定义Realm

public class customRealmTest {
    
    @Test
    public void testCustomRealm() {
        CustomRealm realm=new CustomRealm();
        
        DefaultSecurityManager sdm=new DefaultSecurityManager();
        sdm.setRealm(realm);
        
        HashedCredentialsMatcher hcm=new HashedCredentialsMatcher();
        hcm.setHashAlgorithmName("md5");
        hcm.setHashIterations(1);
        
        realm.setCredentialsMatcher(hcm);
        
        SecurityUtils.setSecurityManager(sdm);
        Subject subject = SecurityUtils.getSubject();
        
        UsernamePasswordToken token=new UsernamePasswordToken("mark","123456");
        subject.login(token);
        System.out.println("isAuthencation:"+subject.isAuthenticated());
        
        subject.checkRole("admin");
        subject.checkRoles("admin","user");
        
        subject.checkPermission("user:delete");
    }
 
}
 
public class CustomRealm extends AuthorizingRealm {
    
    Map<String, String> userMap=new HashMap<>();
    
    {
        //模拟数据库中查询出的数据
        userMap.put("mark", "73bea81c6c06bacab41a995495239545");
        super.setName("customReal");
    }
 
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
 
        String userName = (String) principals.getPrimaryPrincipal();
        //通过用户名获取数据库或缓存中的角色
        Set<String> roles=getRolesByUserName(userName);
        Set<String> premissions=getpremissionsByUserName(userName);
        SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
        info.setStringPermissions(premissions);
        info.setRoles(roles);
        return info;
    }
 
    private Set<String> getpremissionsByUserName(String userName) {
        Set<String> permission=new HashSet<>();
        permission.add("user:delete");
        return permission;
    }
 
    private Set<String> getRolesByUserName(String userName) {
        Set<String> roles=new HashSet<>();
        roles.add("admin");
        roles.add("user");
        return roles;
    }
 
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //1.通过主体传过来的信息获取用户名
        String userName=(String) token.getPrincipal();
        //2.通过用户名去数据库获取凭证
        String password=getPassowrdByUserName(userName);
        if(password==null) {
            return null;
        }
        
        SimpleAuthenticationInfo info=new SimpleAuthenticationInfo("mark",password,"customReal");
        //加盐--如果数据库中密码是加盐密文,此处应该设置盐的值
        info.setCredentialsSalt(ByteSource.Util.bytes("mark"));
        return info;
    }
 
    private String getPassowrdByUserName(String userName) {
        //实际中去查数据库   这个方便演示
        return userMap.get(userName);
    }
 
    public static void main(String[] args) {
        System.out.println((int)(1+Math.random()*10));
//        Md5Hash hsh=new Md5Hash("123456");  //md5加密
        Md5Hash hsh=new Md5Hash("123456","mark");  //MD5加密并加盐    更安全
        System.out.println(hsh);
    }
    
 
}
posted @ 2019-12-29 18:58  wlv1314  阅读(1537)  评论(0编辑  收藏  举报