shiro认证通过之后的授权
subject.hasRole("") ;
subject.hasRoles(List);
subject.hasAllRoles();
subject.isPermitted("");
修改ini文件
#配置用户名
[users]
zhangsan=123456,role1
lisi=123456,role2
wanghu=123456,role3
zhaoliu=123456,role2,role3
sunqi=123456,role4
#声明角色
[roles]
role1=user:query,user:add,user:update,user:delete,user:export
role2=user:query,user:add
role3=user:query,user:export
role4=*:*
//日志输出工具 private static final transient Logger log = LoggerFactory.getLogger(TestAuthenticationApp.class); public static void main(String[] args) { String username = "zhangsan"; String password = "123456"; log.info("My First Apache Shiro Application"); //1 创建安全管理器的工厂对象 Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); //2 使用工厂创建安全管理器 SecurityManager securityManager = factory.getInstance(); //3 把当前的安全管理器绑定到线程 SecurityUtils.setSecurityManager(securityManager); //4 使用SecurityUtils.getSubject() 得到主体 Subject currentUser = SecurityUtils.getSubject(); //5 封装用户名 AuthenticationToken arg0 = new UsernamePasswordToken(username, password); currentUser.login(arg0); System.out.println("认证通过"); //退出的方法 //currentUser.logout(); //判断用户是否通过认证 boolean authent = currentUser.isAuthenticated(); System.out.println(authent); //角色判断 boolean hasrole1 = currentUser.hasRole("role1"); System.out.println(hasrole1); //分别判断集合里面的角色返回数组 List<String> arr = Arrays.asList("role1","role2","role3"); boolean[] arrs = currentUser.hasRoles(arr); for (boolean string : arrs) { System.out.println(string); } //判断当前用户是否有 arr集合里的所有角色 boolean hasAllRoles = currentUser.hasAllRoles(arr); System.out.println(hasAllRoles); //权限判断 boolean permitted = currentUser.isPermitted("user:query"); System.out.println("当前用户有当前权限吗"+permitted); //分别判断 boolean[] permitted2 = currentUser.isPermitted("user:query","user:add"); //同时判断 boolean permitted3 = currentUser.isPermittedAll("user:query","user:add");
