我们首先了解下什么是shiro ,Shiro 是 JAVA 世界中新近出现的权限框架,较之 JAAS 和 Spring Security,Shiro 在保持强大功能的同时,还在简单性和灵活性方面拥有巨大优势
Shiro 是一个强大而灵活的开源安全框架,能够非常清晰的处理认证、授权、管理会话以及密码加密。如下是它所具有的特点:
- 易于理解的 Java Security API;
- 简单的身份认证(登录),支持多种数据源(LDAP,JDBC,Kerberos,ActiveDirectory 等);
- 对角色的简单的签权(访问控制),支持细粒度的签权;
- 支持一级缓存,以提升应用程序的性能;
- 内置的基于 POJO 企业会话管理,适用于 Web 以及非 Web 的环境;
- 异构客户端会话访问;
- 非常简单的加密 API;
- 不跟任何的框架或者容器捆绑,可以独立运行。
Shiro 主要有四个组件
-
SecurityManager
典型的 Facade,Shiro 通过它对外提供安全管理的各种服务。
-
Authenticator
对“Who are you ?”进行核实。通常涉及用户名和密码。
这 个组件负责收集 principals 和 credentials,并将它们提交给应用系统。如果提交的 credentials 跟应用系统中提供的 credentials 吻合,就能够继续访问,否则需要重新提交 principals 和 credentials,或者直接终止访问。
-
Authorizer
身 份份验证通过后,由这个组件对登录人员进行访问控制的筛查,比如“who can do what”, 或者“who can do which actions”。Shiro 采用“基于 Realm”的方法,即用户(又称 Subject)、用户组、角色和 permission 的聚合体。
-
Session Manager
这个组件保证了异构客户端的访问,配置简单。它是基于 POJO/J2SE 的,不跟任何的客户端或者协议绑定。
Shiro 的认证和签权可以通过 JDBC、LDAP 或者 Active Directory 来访问数据库、目录服务器或者 Active Directory 中的人员以及认证 / 签权信息。SessionManager 通过会话 DAO 可以将会话保存在 cache 中,或者固化到数据库或文件系统中。
简介
apache shiro 是一个功能强大和易于使用的Java安全框架,为开发人员提供一个直观而全面的的解决方案的认证,授权,加密,会话管理。
在实际应用中,它实现了应用程序的安全管理的各个方面。
shiro的功能
apache shiro能做什么?
支持认证跨一个或多个数据源(LDAP,JDBC,kerberos身份等)
执行授权,基于角色的细粒度的权限控制。
增强的缓存的支持。
支持web或者非web环境,可以在任何单点登录(SSO)或集群分布式会话中使用。
主要功能是:认证,授权,会话管理和加密。
下载并且使用
1,确保系统内安装JDK1.5+和maven2.2+。
2,到shiro主页下载shiro.
3,解压缩
unzip shiro-root-1.1.0-source-release.zip
4,进入到quickstart目录
cd shiro-root-1.1.0/samples/quickstart
5,运行quickstart
mvn compile exec:java
执行完成如下图:
Quickstart.java
// get the currently executing user: Subject currentUser = SecurityUtils.getSubject();
使用SecurityUtils.getSubject(),我们可以得到当前正在执行的主题。
得到主题之后,你可以得到他对应的会话信息
// Do some stuff with a Session (no need for a web or EJB container!!!) Session session = currentUser.getSession(); session.setAttribute("someKey", "aValue"); String value = (String) session.getAttribute("someKey"); if (value.equals("aValue")) { log.info("Retrieved the correct value! [" + value + "]"); }
你可以得到http的session信息,也可以在非web环境中使用,得到相对应的会话信息。
如果在web应用程序中部署应用,默认情况下,应用将以HttpSession为基础。在企业级应用中,你在多个应用中可以使用相同的API,无论部署环境。而且使用任何客户端技术你都可以共享会话数据。
接下来判断登录信息
// let's login the current user so we can check against roles and permissions: if (!currentUser.isAuthenticated()) { UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa"); token.setRememberMe(true); try { currentUser.login(token); } catch (UnknownAccountException uae) { log.info("There is no user with username of " + token.getPrincipal()); } catch (IncorrectCredentialsException ice) { log.info("Password for account " + token.getPrincipal() + " was incorrect!"); } catch (LockedAccountException lae) { log.info("The account for username " + token.getPrincipal() + " is locked. " + "Please contact your administrator to unlock it."); } // ... catch more exceptions here (maybe custom ones specific to your application? catch (AuthenticationException ae) { //unexpected condition? error? } }
如果正确可以向下执行,如果不正确,就会对不同的业务进行处理。
比如用户名不正确,密码不正确,用户被锁定的异常,当然也可以使用自定义抛出的异常。
如果登录成功,那么下一步可以做什么呢?
提示当前用户:
//say who they are: //print their identifying principal (in this case, a username): log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
接着测试是否还有其它角色
//test a role: if (currentUser.hasRole("schwartz")) { log.info("May the Schwartz be with you!"); } else { log.info("Hello, mere mortal."); }
接着测试是否有特定的权限
//test a typed permission (not instance-level) if (currentUser.isPermitted("lightsaber:weild")) { log.info("You may use a lightsaber ring. Use it wisely."); } else { log.info("Sorry, lightsaber rings are for schwartz masters only."); }
接着验证一个非常强大的实例级权限
//a (very powerful) Instance Level permission: if (currentUser.isPermitted("winnebago:drive:eagle5")) { log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " + "Here are the keys - have fun!"); } else { log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!"); }
最后是使用程序注销:
//all done - log out! currentUser.logout();
认证就是用户确认身份的过程,确认登录的用户身份能够操作的内容。
使用shiro认证分为以下几个步骤:
1,得到主体的认证和凭据。
// let's login the current user so we can check against roles and permissions: |
if (!currentUser.isAuthenticated()) { |
UsernamePasswordToken token = new UsernamePasswordToken( "lonestarr" , "vespa" ); |
token.setRememberMe( true ); |
2,提交认证和凭据给身份验证系统。
Subject currentUser = SecurityUtils.getSubject(); |
currentUser.login(token); |
3,判断是否允许访问,重试认证或者阻止访问。
try { |
currentUser.login(token); |
} catch (UnknownAccountException uae) { |
log.info( "There is no user with username of " + token.getPrincipal()); |
} catch (IncorrectCredentialsException ice) { |
log.info( "Password for account " + token.getPrincipal() + " was incorrect!" ); |
} catch (LockedAccountException lae) { |
log.info( "The account for username " + token.getPrincipal() + " is locked. " + |
"Please contact your administrator to unlock it." ); |
} |
// ... catch more exceptions here (maybe custom ones specific to your application? |
catch (AuthenticationException ae) { |
//unexpected condition? error? |
} |
其中Remember Me的功能包括两个方法,一个是
isRemembered
boolean isRemembered()
非匿名登录的用户可以记住上次使用的主题的信息。
isAuthenticated
boolean isAuthenticated()
在此期间需要使用有效的凭据登录系统,否则值为false.
授权操作
授权的例子就是是否可以访问某个页面,可以操作某个按钮,是否可以编缉对应的数据等。
如何在shiro中使用授权
1,使用编程方式
判断是否有管理员角色
if (currentUser.hasRole( "admin" )) { |
判断用户是否有打印的权限
Permission printPermission = new PrinterPermission(“laserjet3000n”,“print”); |
If (currentUser.isPermitted(printPermission)) { //do one thing (show the print button?) } else { //don’t show the button? }
也可以使用字符串的方式验证
String perm = “printer:print:laserjet4400n”; |
|
if (currentUser.isPermitted(perm)){ |
//show the print button? |
} else { |
//don’t show the button? |
} |
2,使用注释方式
判断用户是否有 创建账户权限
//Will throw an AuthorizationException if none |
//of the caller’s roles imply the Account |
//'create' permission\u000B |
@RequiresPermissions (“account:create”) |
public void openAccount( Account acct ) { |
//create the account |
} |
判断用户角色,如果符合角色,可以使用对应方法
//Throws an AuthorizationException if the caller |
//doesn’t have the ‘teller’ role: |
|
@RequiresRoles ( “teller” ) |
public void openAccount( Account acct ) { |
//do something in here that only a teller |
//should do |
} |
3,使用jsp taglib
判断用户是否有管理权限
<%@ taglib prefix=“shiro” uri=http: //shiro.apache.org/tags %> |
<html> |
<body> |
<shiro:hasPermission name=“users:manage”> |
<a href=“manageUsers.jsp”> |
Click here to manage users |
</a> |
</shiro:hasPermission> |
<shiro:lacksPermission name=“users:manage”> |
No user management for you! |
</shiro:lacksPermission> |
</body> |
</html> |
从高的级别来看shiro:
看一下官方的图
应用程序调用subject(主题),主题可以是一个用户也可以是与系统交互的另一个系统,主题绑定shiro的权限管 理,SecurityManager(安全管理),它控制与有与主题相关的安全操作。Realm(桥梁)它是安全与数据之间的桥,它封装了比如DAO的配 置信息,可以指定连接的数据源,也可使用其它的认证方式,如LDAP等。
然后看一下详细的架构图:
Subject (org.apache.shiro.subject.Subject)
主题:与系统交互的第三方如(用户,cron服务,第三方应用)等。
SecurityManager (org.apache.shiro.mgt.SecurityManager)
shiro系统的核心,协调主题使用的操作,验证,配置等。
Authenticator (org.apache.shiro.authc.Authenticator)
身份验证组件,对企图登录系统的用户进行身份的验证。其中包含一个Authentication Strategy
(org.apache.shiro.authc.pam.AuthenticationStrategy)组件。配置验证成功与失败的条件。
Authorizer (org.apache.shiro.authz.Authorizer)
授权组件,指用户访问特定应用程序的机制。
SessionManager (org.apache.shiro.session.mgt.SessionManager)
管理会话如何创建生命周期。其中包括的sessiondao是管理会议数据的持久操作:SessionDAO (org.apache.shiro.session.mgt.eis.SessionDAO),代表执行sessionManager的CRUD操作。
CacheManager (org.apache.shiro.cache.CacheManager)
缓存管理模块。
Cryptography (org.apache.shiro.crypto.*)
加密模块。
Realms (org.apache.shiro.realm.Realm)
多种方式处理的桥梁。
多种配置方式:
与spring,jboss,guice等进行配置。
1,编程方式配置
例如:
Realm realm = //instantiate or acquire a Realm instance. We'll discuss Realms later. |
|
SecurityManager securityManager = new DefaultSecurityManager(realm); |
//Make the SecurityManager instance available to the entire application via static memory: |
SecurityUtils.setSecurityManager(securityManager); |
2,sessionManager对象图
如果你想使用sessionManager配置自定义的sessionDao信息,进行自定义会话管理
... |
|
DefaultSecurityManager securityManager = new DefaultSecurityManager(realm); |
SessionDAO sessionDAO = new CustomSessionDAO(); |
|
((DefaultSessionManager)securityManager.getSessionManager()).setSessionDAO(sessionDAO); |
... |
3,INI配置
1) 创建一个INI从SecurityManager
可以从多种方式读取INI配置文件的信息,如文件系统,类路径等
import org.apache.shiro.SecurityUtils; |
import org.apache.shiro.util.Factory; |
import org.apache.shiro.mgt.SecurityManager; |
import org.apache.shiro.config.IniSecurityManagerFactory; |
... |
|
Factory<SecurityManager> factory = new IniSecurityManagerFactory( "classpath:shiro.ini" ); |
SecurityManager securityManager = factory.getInstance(); |
SecurityUtils.setSecurityManager(securityManager); |
2) 通过Ini实例读取
类似于Properties的方式
import org.apache.shiro.SecurityUtils; |
import org.apache.shiro.util.Factory; |
import org.apache.shiro.mgt.SecurityManager; |
import org.apache.shiro.config.Ini; |
import org.apache.shiro.config.IniSecurityManagerFactory; |
... |
|
Ini ini = new Ini(); |
//populate the Ini instance as necessary |
... |
Factory<SecurityManager> factory = new IniSecurityManagerFactory(ini); |
SecurityManager securityManager = factory.getInstance(); |
SecurityUtils.setSecurityManager(securityManager); |
加载之后就可以操作INI的配置了。
4,INI配置
每一个节点都是单独的,不可以重复,注释可以使用#或者;
配置示例
# ======================= |
# Shiro INI configuration |
# ======================= |
[main] |
# Objects and their properties are defined here, |
# Such as the securityManager, Realms and anything |
# else needed to build the SecurityManager |
|
[users] |
# The 'users' section is for simple deployments |
# when you only need a small number of statically-defined |
# set of User accounts. |
|
[roles] |
# The 'roles' section is for simple deployments |
# when you only need a small number of statically-defined |
# roles. |
|
[urls] |
# The 'urls' section is used for url-based security |
# in web applications. We'll discuss this section in the |
# Web documentation |
1) [main]
配置sessionManager的实例和它的依赖。
配置示例
[main] |
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher |
|
myRealm = com.company.security.shiro.DatabaseRealm |
myRealm.connectionTimeout = 30000 |
myRealm.username = jsmith |
myRealm.password = secret |
myRealm.credentialsMatcher = $sha256Matcher |
securityManager.sessionManager.globalSessionTimeout = 1800000 |
定义一个对象
[main] |
myRealm = com.company.shiro.realm.MyRealm |
... |
简单的属性设置
... |
myRealm.connectionTimeout = 30000 |
myRealm.username = jsmith |
... |
配置信息将转入到对应的set方法中
... |
myRealm.setConnectionTimeout( 30000 ); |
myRealm.setUsername( "jsmith" ); |
... |
参考值
你可以使用$符号引用先前定义的一个对象的实例
... |
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher |
... |
myRealm.credentialsMatcher = $sha256Matcher |
... |
嵌套属性
... |
securityManager.sessionManager.globalSessionTimeout = 1800000 |
... |
将被注入到下面的程序中
securityManager.getSessionManager().setGlobalSessionTimeout( 1800000 ); |
引用其它的属性
sessionListener1 = com.company.my.SessionListenerImplementation |
... |
sessionListener2 = com.company.my.other.SessionListenerImplementation |
... |
securityManager.sessionManager.sessionListeners = $sessionListener1, $sessionListener2 |
以键值的配置方式
object1 = com.company.some.Class |
object2 = com.company.another.Class |
... |
anObject = some. class .with.a.Map.property |
|
anObject.mapProperty = key1:$object1, key2:$object2 |
2) [users]
在用户比较少的情况下这种配置信息是有效的
[users] |
admin = secret |
lonestarr = vespa, goodguy, schwartz |
darkhelmet = ludicrousspeed, badguy, schwartz |
3) [roles]
如果角色信息比较少的情况下可以使用这项配置
[roles] |
# 'admin' role has all permissions, indicated by the wildcard '*' |
admin = * |
# The 'schwartz' role can do anything (*) with any lightsaber: |
schwartz = lightsaber:* |
# The 'goodguy' role is allowed to 'drive' (action) the winnebago (type) with |
# license plate 'eagle5' (instance specific id) |
goodguy = winnebago:drive:eagle5 |
4) [urls]
配置url等可访问的资源信息。
shiro(3)-shiro核心
身份认证
身份认证分三个步骤
1)提交主题和凭据
2)进行身份认证
3)判断是通过,重新提交还是不通过
验证顺序
1)调用subject的login方法,提交主体和凭据。
2)得到对应操作的Security Manager
3)通过Sceurity Manager得到对应的Autherticator实例
4)根据配置策略查找对应的桥信息
5)通过桥信息到对应的配置处理进行身份验证
验证器
如果你想配置一个自定义的验证器
可以在配置文件中使用
[main] ... authenticator = com.foo.bar.CustomAuthenticator securityManager.authenticator = $authenticator
配置策略信息
AtLeastOneSuccessfulStrategy 如果一个验证成功,则验证结果为成功
FirstSuccessfulStrategy 只有第一个成功,才算成功
AllSuccessfulStrategy 所有的都必须成功
对应的在配置文件中的策略使用如下
shiro.ini [main] ... authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy securityManager.authenticator.authenticationStrategy = $authcStrategy ...
执行顺序
1)隐式顺序
blahRealm = com.company.blah.Realm ... fooRealm = com.company.foo.Realm ... barRealm = com.company.another.Realm
按上下顺序执行
2)指定顺序
blahRealm = com.company.blah.Realm ... fooRealm = com.company.foo.Realm ... barRealm = com.company.another.Realm securityManager.realms = $fooRealm, $barRealm, $blahRealm ...
按指定的顺序执行
授权
控制谁有权限访问应用程序
授权的几个要素:权限,角色和用户。
三种权限的判断方式
1)编程
角色判断
Subject currentUser = SecurityUtils.getSubject(); if (currentUser.hasRole("administrator")) { //show the admin button } else { //don't show the button? Grey it out? }
hasRole(String roleName) 主题是否已分配给指定的角色
hasRoles(List<String> roleNames) 是否包含指定的角色
hasAllRoles(Collection<String> roleNames) 是否包含指定的所有角色
角色断言
Subject currentUser = SecurityUtils.getSubject(); //guarantee that the current user is a bank teller and //therefore allowed to open the account: currentUser.checkRole("bankTeller"); openBankAccount();
checkRole(String roleName) 断言是否是指定角色
checkRoles(Collection<String> roleNames) 断言是否包含以下角色
checkRoles(String... roleNames) 断言是否包含所有角色
如果判断指定用户是否有权限访问指定名称的打印机
那么就会用到下列几个方法
Permission printPermission = new PrinterPermission("laserjet4400n", "print"); Subject currentUser = SecurityUtils.getSubject(); if (currentUser.isPermitted(printPermission)) { //show the Print button } else { //don't show the button? Grey it out? }
isPermitted(Permission p) 判断主题是否允许执行一个动作
isPermitted(List<Permission> perms) 是否允许执行一组动作
isPermittedAll(Collection<Permission> perms) 是否允许执行所有动作
基于字符串的权限检查
Subject currentUser = SecurityUtils.getSubject(); if (currentUser.isPermitted("printer:print:laserjet4400n")) { //show the Print button } else { //don't show the button? Grey it out? }
也可以如下使用
Subject currentUser = SecurityUtils.getSubject(); Permission p = new WildcardPermission("printer:print:laserjet4400n"); if (currentUser.isPermitted(p) { //show the Print button } else { //don't show the button? Grey it out? }
权限断言类似于角色断言。
2)annocation方式
The RequiresAuthentication annotation
@RequiresAuthentication public void updateAccount(Account userAccount) { //this method will only be invoked by a //Subject that is guaranteed authenticated ... }
等同于下述代码
public void updateAccount(Account userAccount) { if (!SecurityUtils.getSubject().isAuthenticated()) { throw new AuthorizationException(...); } //Subject is guaranteed authenticated here ... }
The RequiresGuest annotation
@RequiresGuest public void signUp(User newUser) { //this method will only be invoked by a //Subject that is unknown/anonymous ... }
等同于
public void signUp(User newUser) { Subject currentUser = SecurityUtils.getSubject(); PrincipalCollection principals = currentUser.getPrincipals(); if (principals != null && !principals.isEmpty()) { //known identity - not a guest: throw new AuthorizationException(...); } //Subject is guaranteed to be a 'guest' here ... }
The RequiresPermissions annotation
@RequiresPermissions("account:create") public void createAccount(Account account) { //this method will only be invoked by a Subject //that is permitted to create an account ... }
等同于
public void createAccount(Account account) { Subject currentUser = SecurityUtils.getSubject(); if (!subject.isPermitted("account:create")) { throw new AuthorizationException(...); } //Subject is guaranteed to be permitted here ... }
The RequiresRoles permission
@RequiresRoles("administrator") public void deleteUser(User user) { //this method will only be invoked by an administrator ... }
等同于
public void deleteUser(User user) { Subject currentUser = SecurityUtils.getSubject(); if (!subject.hasRole("administrator")) { throw new AuthorizationException(...); } //Subject is guaranteed to be an 'administrator' here ... }
The RequiresUser annotation
@RequiresUser public void updateAccount(Account account) { //this method will only be invoked by a 'user' //i.e. a Subject with a known identity ... }
等同于
public void updateAccount(Account account) { Subject currentUser = SecurityUtils.getSubject(); PrincipalCollection principals = currentUser.getPrincipals(); if (principals == null || principals.isEmpty()) { //no identity - they're anonymous, not allowed: throw new AuthorizationException(...); } //Subject is guaranteed to have a known identity here ... }
授权顺序
1)应用程序调用主题,判断hasRole,isPermitted得到角色或者用户权限的列表。
2)组成对应的授权方法
3)协调如何授权
4)通过桥进行各种方式的授权
web应用
配置web.xml
<listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> ... <filter> <filter-name>ShiroFilter</filter-name> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> </filter> <filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
如果你愿意你可以自定义一个web应用
<context-param> <param-name>shiroEnvironmentClass</param-name> <param-value>com.foo.bar.shiro.MyWebEnvironment</param-value> </context-param>
如果你想改变shiro.ini的位置,那么你可以指定
<context-param> <param-name>shiroConfigLocations</param-name> <param-value>YOUR_RESOURCE_LOCATION_HERE</param-value> </context-param>
shiro.ini中的[urls]配置
例如:
... [urls] /index.html = anon /user/create = anon /user/** = authc /admin/** = authc, roles[administrator] /rest/** = authc, rest /remoting/rpc/** = authc, perms["remote:invoke"]
假如你有如下设置
/account/** = ssl, authc
/account下的任何应用程序都将触动ssl和authc链
在官方的示例中,有一个aspectj的示例,这个是一个银行的示例,简单的做了一下修改,演示一下其中几个方法的使用过程。
看以下几个类,包括账户信息,转账信息,以及一些异常处理程序,还包括一个业务操作类
Account账户信息类
import org.apache.commons.lang.builder.ToStringBuilder; import org.apache.commons.lang.builder.ToStringStyle; import java.sql.Timestamp; import java.util.ArrayList; import java.util.Date; import java.util.List; public class Account { private static long _SEQUENCE; private long _id; private String _ownerName; private volatile boolean _isActive; private double _balance; private final List<AccountTransaction> _transactions; private String _createdBy; private Date _creationDate; public Account(String anOwnerName) { _id = ++_SEQUENCE; _ownerName = anOwnerName; _isActive = true; _balance = 0.0d; _transactions = new ArrayList<AccountTransaction>(); _createdBy = "unknown"; _creationDate = new Date(); } /** * Returns the id attribute. * * @return The id value. */ public long getId() { return _id; } /** * Returns the ownerName attribute. * * @return The ownerName value. */ public String getOwnerName() { return _ownerName; } /** * Returns the isActive attribute. * * @return The isActive value. */ public boolean isActive() { return _isActive; } /** * Changes the value of the attributes isActive. * * @param aIsActive The new value of the isActive attribute. */ public void setActive(boolean aIsActive) { _isActive = aIsActive; } /** * Changes the value of the attributes ownerName. * * @param aOwnerName The new value of the ownerName attribute. */ public void setOwnerName(String aOwnerName) { _ownerName = aOwnerName; } /** * Returns the balance attribute. * * @return The balance value. */ public double getBalance() { return _balance; } /** * Returns the transactions attribute. * * @return The transactions value. */ public List<AccountTransaction> getTransactions() { return _transactions; } protected void applyTransaction(AccountTransaction aTransaction) throws NotEnoughFundsException, InactiveAccountException { if (!_isActive) { throw new InactiveAccountException("Unable to apply " + aTransaction.getType() + " of amount " + aTransaction.getAmount() + " to account " + _id); } synchronized (_transactions) { if (AccountTransaction.TransactionType.DEPOSIT == aTransaction.getType()) { _transactions.add(aTransaction); _balance += aTransaction.getAmount(); } else if (AccountTransaction.TransactionType.WITHDRAWAL == aTransaction.getType()) { if (_balance < aTransaction.getAmount()) { throw new NotEnoughFundsException("Unable to withdraw " + aTransaction.getAmount() + "$ from account " + _id + " - current balance is " + _balance); } _transactions.add(aTransaction); _balance -= aTransaction.getAmount(); } else { throw new IllegalArgumentException("The transaction passed in has an invalid type: " + aTransaction.getType()); } } } /** * Changes the value of the attributes createdBy. * * @param aCreatedBy The new value of the createdBy attribute. */ protected void setCreatedBy(String aCreatedBy) { _createdBy = aCreatedBy; } /** * Returns the createdBy attribute. * * @return The createdBy value. */ public String getCreatedBy() { return _createdBy; } /** * Returns the creationDate attribute. * * @return The creationDate value. */ public Date getCreationDate() { return _creationDate; } /* (non-Javadoc) * @see java.lang.Object#toString() */ public String toString() { return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE). append("id", _id). append("ownerName", _ownerName). append("isActive", _isActive). append("balance", _balance). append("tx.count", _transactions.size()). append("createdBy", _createdBy). append("creationDate", new Timestamp(_creationDate.getTime())). toString(); } }
AccountNotFoundException,账号不存在异常
package org.apache.shiro.samples.aspectj.bank; public class AccountNotFoundException extends BankServiceException { public AccountNotFoundException(String aMessage) { super(aMessage); } }
AccountTransaction,账号转入与转出
package org.apache.shiro.samples.aspectj.bank; import org.apache.commons.lang.builder.ToStringBuilder; import org.apache.commons.lang.builder.ToStringStyle; import java.sql.Timestamp; import java.util.Date; public class AccountTransaction { private static long _SEQUENCE; public enum TransactionType { DEPOSIT, WITHDRAWAL } private long _id; private TransactionType _type; private long _accountId; private double _amount; private String _createdBy; private Date _creationDate; public static AccountTransaction createDepositTx(long anAccountId, double anAmount) { return new AccountTransaction(TransactionType.DEPOSIT, anAccountId, anAmount); } public static AccountTransaction createWithdrawalTx(long anAccountId, double anAmount) { return new AccountTransaction(TransactionType.WITHDRAWAL, anAccountId, anAmount); } private AccountTransaction(TransactionType aType, long anAccountId, double anAmount) { _id = ++_SEQUENCE; _type = aType; _accountId = anAccountId; _amount = anAmount; _createdBy = "unknown"; _creationDate = new Date(); } /** * Returns the id attribute. * * @return The id value. */ public long getId() { return _id; } /** * Returns the type attribute. * * @return The type value. */ public TransactionType getType() { return _type; } /** * Returns the accountId attribute. * * @return The accountId value. */ public long getAccountId() { return _accountId; } /** * Returns the amount attribute. * * @return The amount value. */ public double getAmount() { return _amount; } /** * Changes the value of the attributes createdBy. * * @param aCreatedBy The new value of the createdBy attribute. */ protected void setCreatedBy(String aCreatedBy) { _createdBy = aCreatedBy; } /** * Returns the createdBy attribute. * * @return The createdBy value. */ public String getCreatedBy() { return _createdBy; } /** * Returns the creationDate attribute. * * @return The creationDate value. */ public Date getCreationDate() { return _creationDate; } /* (non-Javadoc) * @see java.lang.Object#toString() */ public String toString() { return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE). append("id", _id). append("type", _type). append("accountId", _accountId). append("amount", _amount). append("createdBy", _createdBy). append("creationDate", new Timestamp(_creationDate.getTime())). toString(); } }
BankServerRunner,银行服务运行
package org.apache.shiro.samples.aspectj.bank; public class BankServerRunner { private SecureBankService _bankService; public synchronized void start() throws Exception { if (_bankService == null) { _bankService = new SecureBankService(); _bankService.start(); } } public synchronized void stop() { if (_bankService != null) { try { _bankService.dispose(); } finally { _bankService = null; } } } public BankService getBankService() { return _bankService; } public static void main(String[] args) { try { BankServerRunner server = new BankServerRunner(); server.start(); server.stop(); } catch (Exception e) { e.printStackTrace(); } } }
BankService,银行服务接口
package org.apache.shiro.samples.aspectj.bank; import java.util.Date; public interface BankService { public long[] searchAccountIdsByOwner(String anOwnerName); public long createNewAccount(String anOwnerName); public double getBalanceOf(long anAccountId) throws AccountNotFoundException; public String getOwnerOf(long anAccountId) throws AccountNotFoundException; public double depositInto(long anAccountId, double anAmount) throws AccountNotFoundException, InactiveAccountException; public double withdrawFrom(long anAccountId, double anAmount) throws AccountNotFoundException, NotEnoughFundsException, InactiveAccountException; public TxLog[] getTxHistoryFor(long anAccountId) throws AccountNotFoundException; public double closeAccount(long anAccountId) throws AccountNotFoundException, InactiveAccountException; public boolean isAccountActive(long anAccountId) throws AccountNotFoundException; public static class TxLog { private Date _creationDate; private double _amount; private String _madeBy; public TxLog(Date aCreationDate, double aAmount, String aMadeBy) { super(); _creationDate = aCreationDate; _amount = aAmount; _madeBy = aMadeBy; } /** * Returns the creationDate attribute. * * @return The creationDate value. */ public Date getCreationDate() { return _creationDate; } /** * Returns the amount attribute. * * @return The amount value. */ public double getAmount() { return _amount; } /** * Returns the madeBy attribute. * * @return The madeBy value. */ public String getMadeBy() { return _madeBy; } } }
BankServiceException,银行服务异常
package org.apache.shiro.samples.aspectj.bank; public class BankServiceException extends Exception { public BankServiceException(String aMessage) { super(aMessage); } public BankServiceException(String aMessage, Throwable aCause) { super(aMessage, aCause); } }
InactiveAccountException,存入账户异常
package org.apache.shiro.samples.aspectj.bank; public class InactiveAccountException extends BankServiceException { public InactiveAccountException(String aMessage) { super(aMessage); } }
NotEnoughFundsException,账户不足异常
package org.apache.shiro.samples.aspectj.bank; public class NotEnoughFundsException extends BankServiceException { public NotEnoughFundsException(String aMessage) { super(aMessage); } }
SecureBankService,安全银行的服务类,处理各种银行的业务
package org.apache.shiro.samples.aspectj.bank; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.apache.shiro.samples.aspectj.bank.AccountTransaction.TransactionType; import org.apache.shiro.subject.Subject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; public class SecureBankService implements BankService { private static final Logger log = LoggerFactory.getLogger(SecureBankService.class); private volatile boolean _isRunning; private final List<Account> _accounts; private Map<Long, Account> _accountsById; /** * Creates a new {@link SecureBankService} instance. */ public SecureBankService() { _accounts = new ArrayList<Account>(); _accountsById = new HashMap<Long, Account>(); } /** * Starts this service */ public void start() throws Exception { _isRunning = true; log.info("银行服务开始..."); } /** * Stop this service */ public void dispose() { log.info("银行服务停止..."); _isRunning = false; synchronized (_accounts) { _accountsById.clear(); _accounts.clear(); } log.info("银行服务停止!"); } /** * Internal utility method that validate the internal state of this service. */ protected void assertServiceState() { if (!_isRunning) { throw new IllegalStateException("银行的服务没有开始"); } } public int getAccountCount() { return _accounts.size(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#createNewAccount(java.lang.String) */ @RequiresPermissions("bankAccount:create") public long createNewAccount(String anOwnerName) { assertServiceState(); log.info("创建新的账户给 " + anOwnerName); synchronized (_accounts) { Account account = new Account(anOwnerName); account.setCreatedBy(getCurrentUsername()); _accounts.add(account); _accountsById.put(account.getId(), account); log.debug("创建新的账户: " + account); return account.getId(); } } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#searchAccountIdsByOwner(java.lang.String) */ public long[] searchAccountIdsByOwner(String anOwnerName) { assertServiceState(); log.info("查找已经存在的银行账户为 " + anOwnerName); ArrayList<Account> matchAccounts = new ArrayList<Account>(); synchronized (_accounts) { for (Account a : _accounts) { if (a.getOwnerName().toLowerCase().contains(anOwnerName.toLowerCase())) { matchAccounts.add(a); } } } long[] accountIds = new long[matchAccounts.size()]; int index = 0; for (Account a : matchAccounts) { accountIds[index++] = a.getId(); } log.debug("找到 " + accountIds.length + " 相匹配的账户的名称 " + anOwnerName); return accountIds; } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#getOwnerOf(long) */ @RequiresPermissions("bankAccount:read") public String getOwnerOf(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("获得银行账户的所有者 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); return a.getOwnerName(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#getBalanceOf(long) */ @RequiresPermissions("bankAccount:read") public double getBalanceOf(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("得到账户的余额 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); return a.getBalance(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#depositInto(long, double) */ @RequiresPermissions("bankAccount:operate") public double depositInto(long anAccountId, double anAmount) throws AccountNotFoundException, InactiveAccountException { assertServiceState(); log.info("存钱到 " + anAmount + " 这个账户 " + anAccountId); try { Account a = safellyRetrieveAccountForId(anAccountId); AccountTransaction tx = AccountTransaction.createDepositTx(anAccountId, anAmount); tx.setCreatedBy(getCurrentUsername()); log.debug("创建一个新的交易 " + tx); a.applyTransaction(tx); log.debug("新的账户余额 " + a.getId() + " 存款后 " + a.getBalance()); return a.getBalance(); } catch (NotEnoughFundsException nefe) { throw new IllegalStateException("应该从未发生过", nefe); } } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#withdrawFrom(long, double) */ @RequiresPermissions("bankAccount:operate") public double withdrawFrom(long anAccountId, double anAmount) throws AccountNotFoundException, NotEnoughFundsException, InactiveAccountException { assertServiceState(); log.info("取款 " + anAmount + " 从账户 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); AccountTransaction tx = AccountTransaction.createWithdrawalTx(anAccountId, anAmount); tx.setCreatedBy(getCurrentUsername()); log.debug("创建一个新的交易 " + tx); a.applyTransaction(tx); log.debug("新的账户余额 " + a.getId() + " 取款后 " + a.getBalance()); return a.getBalance(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#getTxHistoryFor(long) */ @RequiresPermissions("bankAccount:read") public TxLog[] getTxHistoryFor(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("获取账户交易 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); TxLog[] txs = new TxLog[a.getTransactions().size()]; int index = 0; for (AccountTransaction tx : a.getTransactions()) { log.debug("查过交易 " + tx); if (TransactionType.DEPOSIT == tx.getType()) { txs[index++] = new TxLog(tx.getCreationDate(), tx.getAmount(), tx.getCreatedBy()); } else { txs[index++] = new TxLog(tx.getCreationDate(), -1.0d * tx.getAmount(), tx.getCreatedBy()); } } return txs; } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#closeAccount(long) */ @RequiresPermissions("bankAccount:close") public double closeAccount(long anAccountId) throws AccountNotFoundException, InactiveAccountException { assertServiceState(); log.info("截止账户 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); if (!a.isActive()) { throw new InactiveAccountException("这个账户 " + anAccountId + " 已经关闭"); } try { AccountTransaction tx = AccountTransaction.createWithdrawalTx(a.getId(), a.getBalance()); tx.setCreatedBy(getCurrentUsername()); log.debug("创建一个新的交易 " + tx); a.applyTransaction(tx); a.setActive(false); log.debug("账户 " + a.getId() + " 现在是关闭的 " + tx.getAmount() + " 针对这个业主"); return tx.getAmount(); } catch (NotEnoughFundsException nefe) { throw new IllegalStateException("应该从来不发生", nefe); } } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#isAccountActive(long) */ @RequiresPermissions("bankAccount:read") public boolean isAccountActive(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("获取账户的活动状态 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); return a.isActive(); } /** * Internal method that safelly (concurrency-wise) retrieves an account from the id passed in. * * @param anAccountId The identifier of the account to retrieve. * @return The account instance retrieved. * @throws AccountNotFoundException If no account is found for the provided identifier. */ protected Account safellyRetrieveAccountForId(long anAccountId) throws AccountNotFoundException { Account account = null; synchronized (_accounts) { account = _accountsById.get(anAccountId); } if (account == null) { throw new AccountNotFoundException("没有找到ID为 " + anAccountId + " 的账户"); } log.info("检查账户 " + account); return account; } /** * Internal utility method to retrieve the username of the current authenticated user. * * @return The name. */ protected String getCurrentUsername() { Subject subject = SecurityUtils.getSubject(); if (subject == null || subject.getPrincipal() == null || !subject.isAuthenticated()) { throw new IllegalStateException("无法检索当前验证的主题"); } return SecurityUtils.getSubject().getPrincipal().toString(); } }
在配置文件中配置了三组账户
[users] root = secret, admin sally = 1234, superviser dan = 123, user
用户 root 密码secret 角色admin
用户 sally 密码1234 角色superviser
用户 dan密码123 角色user
角色信息包括
[roles] admin = bankAccount:* superviser = bankAccount:create, bankAccount:read bankAccount:close user = bankAccount:create, bankAccount:read, bankAccount:operate
包括种种操作的权限分配
使用junit测试
@BeforeClass public static void setUpClass() throws Exception { BasicConfigurator.resetConfiguration(); BasicConfigurator.configure(); logger = Logger.getLogger(SecureBankServiceTest.class.getSimpleName()); Factory<SecurityManager> factory = new IniSecurityManagerFactory( "classpath:shiroBankServiceTest.ini"); SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); service = new SecureBankService(); service.start(); }
加载对应的ini中的信息,在每次运行之前
登录用户的操作方法
// 作为用户登录,不能关闭账户 protected void loginAsUser() { if (_subject == null) { _subject = SecurityUtils.getSubject(); } // use dan to run as a normal user (which cannot close an account) _subject.login(new UsernamePasswordToken("dan", "123")); } // 作为超级用户登录,不能操作账户 protected void loginAsSuperviser() { if (_subject == null) { _subject = SecurityUtils.getSubject(); } // use sally to run as a superviser (which cannot operate an account) _subject.login(new UsernamePasswordToken("sally", "1234")); }
给张三创建账户,并且检查账户的情况
@Test public void testCreateAccount() throws Exception { loginAsUser(); createAndValidateAccountFor("张三"); } protected long createAndValidateAccountFor(String anOwner) throws Exception { long createdId = service.createNewAccount(anOwner); assertAccount(anOwner, true, 0.0d, 0, createdId); return createdId; } public static void assertAccount(String eOwnerName, boolean eIsActive, double eBalance, int eTxLogCount, long actualAccountId) throws Exception { Assert.assertEquals(eOwnerName, service.getOwnerOf(actualAccountId)); Assert.assertEquals(eIsActive, service.isAccountActive(actualAccountId)); Assert.assertEquals(eBalance, service.getBalanceOf(actualAccountId)); Assert.assertEquals(eTxLogCount, service.getTxHistoryFor(actualAccountId).length); }
看打印出来的信息
1 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 62 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 120 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 120 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 121 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 121 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 121 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 122 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 123 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 132 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 张三 203 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71] 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71] 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71] 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71] 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71] 206 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 206 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [66208001-e91d-4625-938f-1b1c08b2645c] 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
创建张三的用户信息并且检查张三的账户的情况。
第二个测试
创建账户李四并且存入250到账户里,用户有创建和操作的权限,所以可以操作
@Test public void testDepositInto_singleTx() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("李四"); makeDepositAndValidateAccount(accountId, 250.00d, "李四"); }
protected double makeDepositAndValidateAccount(long anAccountId, double anAmount, String eOwnerName) throws Exception { double previousBalance = service.getBalanceOf(anAccountId); int previousTxCount = service.getTxHistoryFor(anAccountId).length; double newBalance = service.depositInto(anAccountId, anAmount); Assert.assertEquals(previousBalance + anAmount, newBalance); assertAccount(eOwnerName, true, newBalance, 1 + previousTxCount, anAccountId); return newBalance; }
运行后的结果
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 56 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 59 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 115 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 116 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 117 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 124 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 171 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 李四 188 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 250.0 这个账户 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=250.0,createdBy=dan,creationDate=2011-09-12 20:44:15.013] 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 250.0 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991] 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=250.0,createdBy=dan,creationDate=2011-09-12 20:44:15.013] 196 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 197 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [3b53dc16-67d5-4730-ae8a-872d113c7546] 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
创建账户王五并且存入多笔款项
@Test public void testDepositInto_multiTxs() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("王五"); makeDepositAndValidateAccount(accountId, 50.00d, "王五"); makeDepositAndValidateAccount(accountId, 300.00d, "王五"); makeDepositAndValidateAccount(accountId, 85.00d, "王五"); assertAccount("王五", true, 435.00d, 3, accountId); }
一共存入三笔,最后得到的数据的总和为435
看日志打出来的信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 49 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 62 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 119 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 120 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 121 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 129 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 王五 204 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 204 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 204 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 50.0 这个账户 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 50.0 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 300.0 这个账户 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741] 211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 350.0 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 85.0 这个账户 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 435.0 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742] 214 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 214 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [1d66c2ec-a668-478a-8f30-e3c65f80a16d] 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
创建账户贾六并且取款,因为账户为空所以会抛出异常
@Test(expected = NotEnoughFundsException.class) public void testWithdrawFrom_emptyAccount() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("贾六"); service.withdrawFrom(accountId, 100.00d); }
看执行的结果
1 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 13 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 15 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 50 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 60 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 63 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 126 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 126 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 128 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 128 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 129 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 130 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 132 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 145 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 贾六 205 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029] 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029] 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029] 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029] 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029] 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 20:56:05.047] 210 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 210 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [05f3559d-d0c4-458c-a220-31389550576f] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
得到期望的NotEnoughFundsException,运行通过
然后创建账户周七,先存入50,然后取100,结果得到的与面相同,余额不足异常
@Test(expected = NotEnoughFundsException.class) public void testWithdrawFrom_notEnoughFunds() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("周七"); makeDepositAndValidateAccount(accountId, 50.00d, "周七"); service.withdrawFrom(accountId, 100.00d); }
看打印出的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 61 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 119 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 120 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 121 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 131 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 179 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 周七 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 50.0 这个账户 1 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 200 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 21:01:30.955] 200 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 50.0 200 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 21:01:30.955] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936] 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:01:30.956] 202 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 202 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [a85a89c7-a805-4086-bd5b-109a0d54086c] 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
再测试先存后取,先存入500,后取100,最后得到的结果为400
@Test public void testWithdrawFrom_singleTx() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("国八"); makeDepositAndValidateAccount(accountId, 500.00d, "国八"); makeWithdrawalAndValidateAccount(accountId, 100.00d, "国八"); assertAccount("国八", true, 400.00d, 2, accountId); }
看打印出的结果
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 11 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 43 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 45 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 55 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 59 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 116 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 116 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 117 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 124 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 168 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 国八 185 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103] 190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 191 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 191 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 400.0 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104] 193 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 193 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [192dddd6-7090-435c-bb65-b3b64a73d667] 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
存入一笔取多笔
@Test public void testWithdrawFrom_manyTxs() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Zoe Smith"); makeDepositAndValidateAccount(accountId, 500.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 100.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 75.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 125.00d, "Zoe Smith"); assertAccount("Zoe Smith", true, 200.00d, 4, accountId); }
查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 53 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 57 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 72 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 76 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 132 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 132 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 133 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 133 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 133 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 134 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 135 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 143 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Zoe Smith 205 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 400.0 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 75.0 从账户 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339] 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 325.0 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339] 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339] 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 125.0 从账户 1 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341] 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 200.0 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339] 217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341] 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 220 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 220 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 221 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312] 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337] 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338] 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339] 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341] 221 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 221 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [1ecbe8f2-f2f5-468b-af2b-d82d6b1267fa] 223 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 223 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
存多少取多少
@Test public void testWithdrawFrom_upToZero() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Zoe Smith"); makeDepositAndValidateAccount(accountId, 500.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 500.00d, "Zoe Smith"); assertAccount("Zoe Smith", true, 0.00d, 2, accountId); }
查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 12 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 43 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 45 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 55 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 58 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 114 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 114 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 114 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 115 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 116 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 125 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 168 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Zoe Smith 186 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 500.0 从账户 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 0.0 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804] 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806] 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783] 194 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804] 194 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806] 194 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 195 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [12aeb47c-f3c1-46c1-baec-78da03762422] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
关闭账户余额为0的账户,普通用户没有权限,所以需要转到另外一个角色的账户进行操作
@Test public void testCloseAccount_zeroBalance() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Chris Smith"); logoutCurrentSubject(); loginAsSuperviser(); double closingBalance = service.closeAccount(accountId); Assert.assertEquals(0.00d, closingBalance); assertAccount("Chris Smith", false, 0.00d, 1, accountId); }
查看打印出来的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 13 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 14 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 47 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 50 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 61 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 63 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 121 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 121 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 121 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 122 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 122 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 123 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 124 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 133 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Chris Smith 207 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 210 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 210 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [c4adc0a6-987c-4c94-ad38-d13f683c7f1d] 211 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 211 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 211 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally] 211 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 211 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 211 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:13:04.516] 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 0.0 针对这个业主 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496] 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:13:04.516] 214 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally 214 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [f0988257-3441-489a-859c-538043ead6e3] 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
创建用户并且存入350,然后对这个用户进行关闭操作
@Test public void testCloseAccount_withBalance() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Gerry Smith"); makeDepositAndValidateAccount(accountId, 385.00d, "Gerry Smith"); logoutCurrentSubject(); loginAsSuperviser(); double closingBalance = service.closeAccount(accountId); Assert.assertEquals(385.00d, closingBalance); assertAccount("Gerry Smith", false, 0.00d, 2, accountId); }
查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 12 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 58 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 61 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 118 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 118 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 119 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 128 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 173 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Gerry Smith 190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 385.0 这个账户 1 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672] 195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 385.0 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672] 196 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 196 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [b2e689a3-cd4a-4785-962b-0df77758533b] 197 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 197 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 197 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally] 197 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 197 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 197 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 197 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=385.0,createdBy=sally,creationDate=2011-09-12 21:17:58.674] 197 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 385.0 针对这个业主 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652] 198 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672] 198 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=385.0,createdBy=sally,creationDate=2011-09-12 21:17:58.674] 198 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally 198 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [6ffa0d67-7510-4205-9fa8-01b6bb9793f5] 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
创建用户并且关闭正活动的账户
@Test(expected = InactiveAccountException.class) public void testCloseAccount_alreadyClosed() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Chris Smith"); logoutCurrentSubject(); loginAsSuperviser(); double closingBalance = service.closeAccount(accountId); Assert.assertEquals(0.00d, closingBalance); assertAccount("Chris Smith", false, 0.00d, 1, accountId); service.closeAccount(accountId); }
查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini] 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users] 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles] 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles] 44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing... 47 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing... 57 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始... 60 [main] INFO SecureBankServiceTest - ######################### ### 开始测试用例 1 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 117 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan] 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 119 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance. 120 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler... 127 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 178 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Chris Smith 195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 198 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan 198 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [8ff8f7c8-5d03-4e4f-b47d-0414cd43111d] 198 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 198 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 199 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally] 199 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 199 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 199 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:19:53.777] 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 0.0 针对这个业主 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:19:53.777] 202 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1 202 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755] 202 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally 202 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [53286615-5b71-4642-b3e8-916fb77fba60] 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止... 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!
其中判断权限使用的是annocation的方式
@RequiresPermissions("bankAccount:create") 是否有用户创建权限
@RequiresPermissions("bankAccount:read") 读权限
@RequiresPermissions("bankAccount:operate") 操作权限
@RequiresPermissions("bankAccount:close") 关闭权限
根据以上几个标签就可以得到对应的权限信息
我们首先了解下什么是shiro ,Shiro 是 JAVA 世界中新近出现的权限框架,较之 JAAS 和 Spring Security,Shiro 在保持强大功能的同时,还在简单性和灵活性方面拥有巨大优势 Shiro 是一个强大而灵活的开源安全框架,能够非常清晰的处理认证、授权、管理会话以及密码加密。如下是它所具有的特点:
易于理解的 Java Security API;
简单的身份认证(登录),支持多种数据源(LDAP,JDBC,Kerberos,ActiveDirectory 等);
对角色的简单的签权(访问控制),支持细粒度的签权;
支持一级缓存,以提升应用程序的性能;
内置的基于 POJO 企业会话管理,适用于 Web 以及非 Web 的环境;
异构客户端会话访问;
非常简单的加密 API;
不跟任何的框架或者容器捆绑,可以独立运行。
Shiro 主要有四个组件
SecurityManager典型的 Facade,Shiro 通过它对外提供安全管理的各种服务。
Authenticator对“Who are you ?”进行核实。通常涉及用户名和密码。这 个组件负责收集 principals 和 credentials,并将它们提交给应用系统。如果提交的 credentials 跟应用系统中提供的 credentials 吻合,就能够继续访问,否则需要重新提交 principals 和 credentials,或者直接终止访问。
Authorizer身 份份验证通过后,由这个组件对登录人员进行访问控制的筛查,比如“who can do what”, 或者“who can do which actions”。Shiro 采用“基于 Realm”的方法,即用户(又称 Subject)、用户组、角色和 permission 的聚合体。
Session Manager这个组件保证了异构客户端的访问,配置简单。它是基于 POJO/J2SE 的,不跟任何的客户端或者协议绑定。
Shiro 的认证和签权可以通过 JDBC、LDAP 或者 Active Directory 来访问数据库、目录服务器或者 Active Directory 中的人员以及认证 / 签权信息。SessionManager 通过会话 DAO 可以将会话保存在 cache 中,或者固化到数据库或文件系统中。 简介apache shiro 是一个功能强大和易于使用的Java安全框架,为开发人员提供一个直观而全面的的解决方案的认证,授权,加密,会话管理。在实际应用中,它实现了应用程序的安全管理的各个方面。 shiro的功能 apache shiro能做什么?支持认证跨一个或多个数据源(LDAP,JDBC,kerberos身份等)执行授权,基于角色的细粒度的权限控制。增强的缓存的支持。支持web或者非web环境,可以在任何单点登录(SSO)或集群分布式会话中使用。主要功能是:认证,授权,会话管理和加密。下载并且使用1,确保系统内安装JDK1.5+和maven2.2+。2,到shiro主页下载shiro.3,解压缩unzip shiro-root-1.1.0-source-release.zip4,进入到quickstart目录cd shiro-root-1.1.0mples/quickstart5,运行quickstartmvn compile exec:java执行完成如下图:Quickstart.java
// get the currently executing user: Subject currentUser = SecurityUtils.getSubject();使用SecurityUtils.getSubject(),我们可以得到当前正在执行的主题。得到主题之后,你可以得到他对应的会话信息
// Do some stuff with a Session (no need for a web or EJB container!!!) Session session = currentUser.getSession(); session.setAttribute("someKey", "aValue"); String value = (String) session.getAttribute("someKey"); if (value.equals("aValue")) { log.info("Retrieved the correct value! [" + value + "]"); }你可以得到http的session信息,也可以在非web环境中使用,得到相对应的会话信息。如果在web应用程序中部署应用,默认情况下,应用将以HttpSession为基础。在企业级应用中,你在多个应用中可以使用相同的API,无论部署环境。而且使用任何客户端技术你都可以共享会话数据。接下来判断登录信息
// let's login the current user so we can check against roles and permissions: if (!currentUser.isAuthenticated()) { UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa"); token.setRememberMe(true); try { currentUser.login(token); } catch (UnknownAccountException uae) { log.info("There is no user with username of " + token.getPrincipal()); } catch (IncorrectCredentialsException ice) { log.info("Password for account " + token.getPrincipal() + " was incorrect!"); } catch (LockedAccountException lae) { log.info("The account for username " + token.getPrincipal() + " is locked. " + "Please contact your administrator to unlock it."); } // ... catch more exceptions here (maybe custom ones specific to your application? catch (AuthenticationException ae) { //unexpected condition? error? } }如果正确可以向下执行,如果不正确,就会对不同的业务进行处理。比如用户名不正确,密码不正确,用户被锁定的异常,当然也可以使用自定义抛出的异常。如果登录成功,那么下一步可以做什么呢?提示当前用户:
/y who they are: //print their identifying principal (in this case, a username): log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");接着测试是否还有其它角色
//test a role: if (currentUser.hasRole("schwartz")) { log.info("May the Schwartz be with you!"); } else { log.info("Hello, mere mortal."); }接着测试是否有特定的权限
//test a typed permission (not instance-level) if (currentUser.isPermitted("lightsaber:weild")) { log.info("You may use a lightsaber ring. Use it wisely."); } else { log.info("Sorry, lightsaber rings are for schwartz masters only."); }接着验证一个非常强大的实例级权限
//a (very powerful) Instance Level permission: if (currentUser.isPermitted("winnebago:drive:eagle5")) { log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " + "Here are the keys - have fun!"); } else { log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!"); }最后是使用程序注销:
//all done - log out! currentUser.logout();认证就是用户确认身份的过程,确认登录的用户身份能够操作的内容。使用shiro认证分为以下几个步骤:1,得到主体的认证和凭据。
view sourceprint?
// let's login the current user so we can check against roles and permissions:
if(!currentUser.isAuthenticated()) {
UsernamePasswordToken token =newUsernamePasswordToken("lonestarr","vespa");
token.setRememberMe(true);
2,提交认证和凭据给身份验证系统。
view sourceprint?
Subject currentUser = SecurityUtils.getSubject();
currentUser.login(token);
3,判断是否允许访问,重试认证或者阻止访问。
view sourceprint?
try{
currentUser.login(token);
}catch(UnknownAccountException uae) {
log.info("There is no user with username of "+ token.getPrincipal());
}catch(IncorrectCredentialsException ice) {
log.info("Password for account "+ token.getPrincipal() +" was incorrect!");
}catch(LockedAccountException lae) {
log.info("The account for username "+ token.getPrincipal() +" is locked. "+
"Please contact your administrator to unlock it.");
}
// ... catch more exceptions here (maybe custom ones specific to your application?
catch(AuthenticationException ae) {
//unexpected condition? error?
}
其中Remember Me的功能包括两个方法,一个是isRememberedbooleanisRemembered()非匿名登录的用户可以记住上次使用的主题的信息。isAuthenticatedbooleanisAuthenticated()在此期间需要使用有效的凭据登录系统,否则值为false. 授权操作授权的例子就是是否可以访问某个页面,可以操作某个按钮,是否可以编缉对应的数据等。如何在shiro中使用授权1,使用编程方式判断是否有管理员角色
view sourceprint?
if(currentUser.hasRole("admin")) {
判断用户是否有打印的权限
view sourceprint?
Permission printPermission =newPrinterPermission(“laserjet3000n”,“print”);
If (currentUser.isPermitted(printPermission)) {//doone thing (show the print button?)}else{//don’t show the button?}也可以使用字符串的方式验证
view sourceprint?
String perm = “printer:print:laserjet4400n”;
if(currentUser.isPermitted(perm)){
//show the print button?
}else{
//don’t show the button?
}
2,使用注释方式 判断用户是否有 创建账户权限
view sourceprint?
//Will throw an AuthorizationException if none
//of the caller’s roles imply the Account
//'create' permission\u000B
@RequiresPermissions(“account:create”)
publicvoidopenAccount( Account acct ) {
//create the account
}
判断用户角色,如果符合角色,可以使用对应方法
view sourceprint?
//Throws an AuthorizationException if the caller
//doesn’t have the ‘teller’ role:
@RequiresRoles( “teller” )
publicvoidopenAccount( Account acct ) {
//do something in here that only a teller
//should do
}
3,使用jsp taglib 判断用户是否有管理权限
view sourceprint?
<%@ taglib prefix=“shiro” uri=http://shiro.apache.org/tags %>
<html>
<body>
<shiro:hasPermission name=“users:manage”>
<a href=“manageUsers.jsp”>
Click here to manage users
</a>
</shiro:hasPermission>
<shiro:lacksPermission name=“users:manage”>
No user managementforyou!
</shiro:lacksPermission>
</body>
<ml>
从高的级别来看shiro:看一下官方的图应用程序调用subject(主题),主题可以是一个用户也可以是与系统交互的另一个系统,主题绑定shiro的权限管 理,SecurityManager(安全管理),它控制与有与主题相关的安全操作。Realm(桥梁)它是安全与数据之间的桥,它封装了比如DAO的配 置信息,可以指定连接的数据源,也可使用其它的认证方式,如LDAP等。然后看一下详细的架构图:Subject (org.apache.shiro.subject.Subject)主题:与系统交互的第三方如(用户,cron服务,第三方应用)等。SecurityManager (org.apache.shiro.mgt.SecurityManager)shiro系统的核心,协调主题使用的操作,验证,配置等。Authenticator (org.apache.shiro.authc.Authenticator)身份验证组件,对企图登录系统的用户进行身份的验证。其中包含一个Authentication Strategy (org.apache.shiro.authc.pam.AuthenticationStrategy)组件。配置验证成功与失败的条件。Authorizer (org.apache.shiro.authz.Authorizer)授权组件,指用户访问特定应用程序的机制。SessionManager (org.apache.shiro.session.mgt.SessionManager)管理会话如何创建生命周期。其中包括的sessiondao是管理会议数据的持久操作:SessionDAO (org.apache.shiro.session.mgt.eis.SessionDAO),代表执行sessionManager的CRUD操作。CacheManager (org.apache.shiro.cache.CacheManager)缓存管理模块。Cryptography (org.apache.shiro.crypto.*)加密模块。Realms (org.apache.shiro.realm.Realm)多种方式处理的桥梁。 多种配置方式:与spring,jboss,guice等进行配置。1,编程方式配置例如:
view sourceprint?
Realm realm =//instantiate or acquire a Realm instance. We'll discuss Realms later.
SecurityManager securityManager =newDefaultSecurityManager(realm);
//Make the SecurityManager instance available to the entire application via static memory:
SecurityUtils.setSecurityManager(securityManager);
2,sessionManager对象图如果你想使用sessionManager配置自定义的sessionDao信息,进行自定义会话管理
view sourceprint?
...
DefaultSecurityManager securityManager =newDefaultSecurityManager(realm);
SessionDAO sessionDAO =newCustomSessionDAO();
((DefaultSessionManager)securityManager.getSessionManager()).setSessionDAO(sessionDAO);
...
3,INI配置1) 创建一个INI从SecurityManager可以从多种方式读取INI配置文件的信息,如文件系统,类路径等
view sourceprint?
importorg.apache.shiro.SecurityUtils;
importorg.apache.shiro.util.Factory;
importorg.apache.shiro.mgt.SecurityManager;
importorg.apache.shiro.config.IniSecurityManagerFactory;
...
Factory<SecurityManager> factory =newIniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
2) 通过Ini实例读取类似于Properties的方式
view sourceprint?
importorg.apache.shiro.SecurityUtils;
importorg.apache.shiro.util.Factory;
importorg.apache.shiro.mgt.SecurityManager;
importorg.apache.shiro.config.Ini;
importorg.apache.shiro.config.IniSecurityManagerFactory;
...
Ini ini =newIni();
//populate the Ini instance as necessary
...
Factory<SecurityManager> factory =newIniSecurityManagerFactory(ini);
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
加载之后就可以操作INI的配置了。4,INI配置每一个节点都是单独的,不可以重复,注释可以使用#或者;配置示例
view sourceprint?
# =======================
# Shiro INI configuration
# =======================
[main]
# Objects and their properties are defined here,
# Such as the securityManager, Realms and anything
#elseneeded to build the SecurityManager
[users]
# The'users'section isforsimple deployments
# when you only need a small number of statically-defined
# set of User accounts.
[roles]
# The'roles'section isforsimple deployments
# when you only need a small number of statically-defined
# roles.
[urls]
# The'urls'section is usedforurl-based security
# in web applications. We'll discussthissection in the
# Web documentation
1) [main]配置sessionManager的实例和它的依赖。配置示例
view sourceprint?
[main]
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
myRealm = com.company.security.shiro.DatabaseRealm
myRealm.connectionTimeout =30000
myRealm.username = jsmith
myRealm.password = secret
myRealm.credentialsMatcher = $sha256Matcher
securityManager.sessionManager.globalSessionTimeout =1800000
定义一个对象
view sourceprint?
[main]
myRealm = com.company.shiro.realm.MyRealm
...
简单的属性设置
view sourceprint?
...
myRealm.connectionTimeout =30000
myRealm.username = jsmith
...
配置信息将转入到对应的set方法中
view sourceprint?
...
myRealm.setConnectionTimeout(30000);
myRealm.setUsername("jsmith");
...
参考值你可以使用$符号引用先前定义的一个对象的实例
view sourceprint?
...
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
...
myRealm.credentialsMatcher = $sha256Matcher
...
嵌套属性
view sourceprint?
...
securityManager.sessionManager.globalSessionTimeout =1800000
...
将被注入到下面的程序中
view sourceprint?
securityManager.getSessionManager().setGlobalSessionTimeout(1800000);
引用其它的属性
view sourceprint?
sessionListener1 = com.company.my.SessionListenerImplementation
...
sessionListener2 = com.company.my.other.SessionListenerImplementation
...
securityManager.sessionManager.sessionListeners = $sessionListener1, $sessionListener2
以键值的配置方式
view sourceprint?
object1 = com.company.some.Class
object2 = com.company.another.Class
...
anObject = some.class.with.a.Map.property
anObject.mapProperty = key1:$object1, key2:$object2
2) [users]在用户比较少的情况下这种配置信息是有效的
view sourceprint?
[users]
admin = secret
lonestarr = vespa, goodguy, schwartz
darkhelmet = ludicrousspeed, badguy, schwartz
3) [roles]如果角色信息比较少的情况下可以使用这项配置
view sourceprint?
[roles]
#'admin'role has all permissions, indicated by the wildcard'*'
admin = *
# The'schwartz'role candoanything (*) with any lightsaber:
schwartz = lightsaber:*
# The'goodguy'role is allowed to'drive'(action) the winnebago (type) with
# license plate'eagle5'(instance specific id)
goodguy = winnebago:drive:eagle5
4) [urls]配置url等可访问的资源信息。shiro(3)-shiro核心
身份认证身份认证分三个步骤1)提交主题和凭据2)进行身份认证3)判断是通过,重新提交还是不通过验证顺序1)调用subject的login方法,提交主体和凭据。2)得到对应操作的Security Manager3)通过Sceurity Manager得到对应的Autherticator实例4)根据配置策略查找对应的桥信息5)通过桥信息到对应的配置处理进行身份验证验证器如果你想配置一个自定义的验证器可以在配置文件中使用
[main]...authenticator = com.foo.bar.CustomAuthenticatorsecurityManager.authenticator = $authenticator配置策略信息AtLeastOneSuccessfulStrategy 如果一个验证成功,则验证结果为成功FirstSuccessfulStrategy 只有第一个成功,才算成功AllSuccessfulStrategy 所有的都必须成功对应的在配置文件中的策略使用如下
shiro.ini[main]...authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategysecurityManager.authenticator.authenticationStrategy = $authcStrategy...执行顺序1)隐式顺序
blahRealm = com.company.blah.Realm...fooRealm = com.company.foo.Realm...barRealm = com.company.another.Realm按上下顺序执行2)指定顺序
blahRealm = com.company.blah.Realm...fooRealm = com.company.foo.Realm...barRealm = com.company.another.RealmsecurityManager.realms = $fooRealm, $barRealm, $blahRealm...按指定的顺序执行授权控制谁有权限访问应用程序授权的几个要素:权限,角色和用户。三种权限的判断方式1)编程角色判断
Subject currentUser = SecurityUtils.getSubject();if (currentUser.hasRole("administrator")) { //show the admin button} else { //don't show the button? Grey it out?}hasRole(String roleName) 主题是否已分配给指定的角色hasRoles(List<String> roleNames) 是否包含指定的角色hasAllRoles(Collection<String> roleNames) 是否包含指定的所有角色角色断言
Subject currentUser = SecurityUtils.getSubject();//guarantee that the current user is a bank teller and//therefore allowed to open the account:currentUser.checkRole("bankTeller");openBankAccount();checkRole(String roleName) 断言是否是指定角色checkRoles(Collection<String> roleNames) 断言是否包含以下角色checkRoles(String... roleNames) 断言是否包含所有角色如果判断指定用户是否有权限访问指定名称的打印机那么就会用到下列几个方法
Permission printPermission = new PrinterPermission("laserjet4400n", "print");Subject currentUser = SecurityUtils.getSubject();if (currentUser.isPermitted(printPermission)) { //show the Print button} else { //don't show the button? Grey it out?}isPermitted(Permission p) 判断主题是否允许执行一个动作isPermitted(List<Permission> perms) 是否允许执行一组动作isPermittedAll(Collection<Permission> perms) 是否允许执行所有动作基于字符串的权限检查
Subject currentUser = SecurityUtils.getSubject();if (currentUser.isPermitted("printer:print:laserjet4400n")) { //show the Print button} else { //don't show the button? Grey it out?}也可以如下使用
Subject currentUser = SecurityUtils.getSubject();Permission p = new WildcardPermission("printer:print:laserjet4400n");if (currentUser.isPermitted(p) { //show the Print button} else { //don't show the button? Grey it out?}权限断言类似于角色断言。2)annocation方式TheRequiresAuthenticationannotation
@RequiresAuthenticationpublic void updateAccount(Account userAccount) { //this method will only be invoked by a //Subject that is guaranteed authenticated ...}等同于下述代码
public void updateAccount(Account userAccount) { if (!SecurityUtils.getSubject().isAuthenticated()) { throw new AuthorizationException(...); } //Subject is guaranteed authenticated here ...}TheRequiresGuestannotation
@RequiresGuestpublic void signUp(User newUser) { //this method will only be invoked by a //Subject that is unknown/anonymous ...}等同于
public void signUp(User newUser) { Subject currentUser = SecurityUtils.getSubject(); PrincipalCollection principals = currentUser.getPrincipals(); if (principals != null && !principals.isEmpty()) { /own identity - not a guest: throw new AuthorizationException(...); } //Subject is guaranteed to be a 'guest' here ...}TheRequiresPermissionsannotation
@RequiresPermissions("account:create")public void createAccount(Account account) { //this method will only be invoked by a Subject //that is permitted to create an account ...}等同于
public void createAccount(Account account) { Subject currentUser = SecurityUtils.getSubject(); if (!subject.isPermitted("account:create")) { throw new AuthorizationException(...); } //Subject is guaranteed to be permitted here ...}TheRequiresRolespermission
@RequiresRoles("administrator")public void deleteUser(User user) { //this method will only be invoked by an administrator ...}等同于
public void deleteUser(User user) { Subject currentUser = SecurityUtils.getSubject(); if (!subject.hasRole("administrator")) { throw new AuthorizationException(...); } //Subject is guaranteed to be an 'administrator' here ...}TheRequiresUserannotation
@RequiresUserpublic void updateAccount(Account account) { //this method will only be invoked by a 'user' //i.e. a Subject with a known identity ...}等同于
public void updateAccount(Account account) { Subject currentUser = SecurityUtils.getSubject(); PrincipalCollection principals = currentUser.getPrincipals(); if (principals == null || principals.isEmpty()) { / identity - they're anonymous, not allowed: throw new AuthorizationException(...); } //Subject is guaranteed to have a known identity here ...}授权顺序1)应用程序调用主题,判断hasRole,isPermitted得到角色或者用户权限的列表。2)组成对应的授权方法3)协调如何授权4)通过桥进行各种方式的授权 web应用配置web.xml
<listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener<stener-class><stener>...<filter> <filter-name>ShiroFilter</filter-name> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class></filter><filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern></filter-mapping>如果你愿意你可以自定义一个web应用
<context-param> <param-name>shiroEnvironmentClass</param-name> <param-value>com.foo.bar.shiro.MyWebEnvironment</param-value></context-param>如果你想改变shiro.ini的位置,那么你可以指定
<context-param> <param-name>shiroConfigLocations</param-name> <param-value>YOUR_RESOURCE_LOCATION_HERE</param-value></context-param>shiro.ini中的[urls]配置例如:
...[urls]/index.html = anon/user/create = anon/user/** = authc/admin/** = authc, roles[administrator]/rest/** = authc, rest/remoting/rpc/** = authc, perms["remote:invoke"]假如你有如下设置
/account/** = ssl, authc/account下的任何应用程序都将触动ssl和authc链在官方的示例中,有一个aspectj的示例,这个是一个银行的示例,简单的做了一下修改,演示一下其中几个方法的使用过程。看以下几个类,包括账户信息,转账信息,以及一些异常处理程序,还包括一个业务操作类Account账户信息类
import org.apache.commons.lang.builder.ToStringBuilder;import org.apache.commons.lang.builder.ToStringStyle;import java.sql.Timestamp;import java.util.ArrayList;import java.util.Date;import java.util.List;public class Account { private static long _SEQUENCE; private long _id; private String _ownerName; private volatile boolean _isActive; private double _balance; private final List<AccountTransaction> _transactions; private String _createdBy; private Date _creationDate; public Account(String anOwnerName) { _id = ++_SEQUENCE; _ownerName = anOwnerName; _isActive = true; _balance = 0.0d; _transactions = new ArrayList<AccountTransaction>(); _createdBy = "unknown"; _creationDate = new Date(); } /** * Returns the id attribute. * * @return The id value. */ public long getId() { return _id; } /** * Returns the ownerName attribute. * * @return The ownerName value. */ public String getOwnerName() { return _ownerName; } /** * Returns the isActive attribute. * * @return The isActive value. */ public boolean isActive() { return _isActive; } /** * Changes the value of the attributes isActive. * * @param aIsActive The new value of the isActive attribute. */ public void setActive(boolean aIsActive) { _isActive = aIsActive; } /** * Changes the value of the attributes ownerName. * * @param aOwnerName The new value of the ownerName attribute. */ public void setOwnerName(String aOwnerName) { _ownerName = aOwnerName; } /** * Returns the balance attribute. * * @return The balance value. */ public double getBalance() { return _balance; } /** * Returns the transactions attribute. * * @return The transactions value. */ public List<AccountTransaction> getTransactions() { return _transactions; } protected void applyTransaction(AccountTransaction aTransaction) throws NotEnoughFundsException, InactiveAccountException { if (!_isActive) { throw new InactiveAccountException("Unable to apply " + aTransaction.getType() + " of amount " + aTransaction.getAmount() + " to account " + _id); } synchronized (_transactions) { if (AccountTransaction.TransactionType.DEPOSIT == aTransaction.getType()) { _transactions.add(aTransaction); _balance += aTransaction.getAmount(); } else if (AccountTransaction.TransactionType.WITHDRAWAL == aTransaction.getType()) { if (_balance < aTransaction.getAmount()) { throw new NotEnoughFundsException("Unable to withdraw " + aTransaction.getAmount() + "$ from account " + _id + " - current balance is " + _balance); } _transactions.add(aTransaction); _balance -= aTransaction.getAmount(); } else { throw new IllegalArgumentException("The transaction passed in has an invalid type: " + aTransaction.getType()); } } } /** * Changes the value of the attributes createdBy. * * @param aCreatedBy The new value of the createdBy attribute. */ protected void setCreatedBy(String aCreatedBy) { _createdBy = aCreatedBy; } /** * Returns the createdBy attribute. * * @return The createdBy value. */ public String getCreatedBy() { return _createdBy; } /** * Returns the creationDate attribute. * * @return The creationDate value. */ public Date getCreationDate() { return _creationDate; } /* (non-Javadoc) * @see java.lang.Object#toString() */ public String toString() { return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE). append("id", _id). append("ownerName", _ownerName). append("isActive", _isActive). append("balance", _balance). append("tx.count", _transactions.size()). append("createdBy", _createdBy). append("creationDate", new Timestamp(_creationDate.getTime())). toString(); }}AccountNotFoundException,账号不存在异常
package org.apache.shiro.samples.aspectj.bank;public class AccountNotFoundException extends BankServiceException { public AccountNotFoundException(String aMessage) { super(aMessage); }}AccountTransaction,账号转入与转出
package org.apache.shiro.samples.aspectj.bank;import org.apache.commons.lang.builder.ToStringBuilder;import org.apache.commons.lang.builder.ToStringStyle;import java.sql.Timestamp;import java.util.Date;public class AccountTransaction { private static long _SEQUENCE; public enum TransactionType { DEPOSIT, WITHDRAWAL } private long _id; private TransactionType _type; private long _accountId; private double _amount; private String _createdBy; private Date _creationDate; public static AccountTransaction createDepositTx(long anAccountId, double anAmount) { return new AccountTransaction(TransactionType.DEPOSIT, anAccountId, anAmount); } public static AccountTransaction createWithdrawalTx(long anAccountId, double anAmount) { return new AccountTransaction(TransactionType.WITHDRAWAL, anAccountId, anAmount); } private AccountTransaction(TransactionType aType, long anAccountId, double anAmount) { _id = ++_SEQUENCE; _type = aType; _accountId = anAccountId; _amount = anAmount; _createdBy = "unknown"; _creationDate = new Date(); } /** * Returns the id attribute. * * @return The id value. */ public long getId() { return _id; } /** * Returns the type attribute. * * @return The type value. */ public TransactionType getType() { return _type; } /** * Returns the accountId attribute. * * @return The accountId value. */ public long getAccountId() { return _accountId; } /** * Returns the amount attribute. * * @return The amount value. */ public double getAmount() { return _amount; } /** * Changes the value of the attributes createdBy. * * @param aCreatedBy The new value of the createdBy attribute. */ protected void setCreatedBy(String aCreatedBy) { _createdBy = aCreatedBy; } /** * Returns the createdBy attribute. * * @return The createdBy value. */ public String getCreatedBy() { return _createdBy; } /** * Returns the creationDate attribute. * * @return The creationDate value. */ public Date getCreationDate() { return _creationDate; } /* (non-Javadoc) * @see java.lang.Object#toString() */ public String toString() { return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE). append("id", _id). append("type", _type). append("accountId", _accountId). append("amount", _amount). append("createdBy", _createdBy). append("creationDate", new Timestamp(_creationDate.getTime())). toString(); }}BankServerRunner,银行服务运行
package org.apache.shiro.samples.aspectj.bank;public class BankServerRunner { private SecureBankService _bankService; public synchronized void start() throws Exception { if (_bankService == null) { _bankService = new SecureBankService(); _bankService.start(); } } public synchronized void stop() { if (_bankService != null) { try { _bankService.dispose(); } finally { _bankService = null; } } } public BankService getBankService() { return _bankService; } public static void main(String[] args) { try { BankServerRunner server = new BankServerRunner(); server.start(); server.stop(); } catch (Exception e) { e.printStackTrace(); } }} BankService,银行服务接口
package org.apache.shiro.samples.aspectj.bank;import java.util.Date;public interface BankService { public long[] searchAccountIdsByOwner(String anOwnerName); public long createNewAccount(String anOwnerName); public double getBalanceOf(long anAccountId) throws AccountNotFoundException; public String getOwnerOf(long anAccountId) throws AccountNotFoundException; public double depositInto(long anAccountId, double anAmount) throws AccountNotFoundException, InactiveAccountException; public double withdrawFrom(long anAccountId, double anAmount) throws AccountNotFoundException, NotEnoughFundsException, InactiveAccountException; public TxLog[] getTxHistoryFor(long anAccountId) throws AccountNotFoundException; public double closeAccount(long anAccountId) throws AccountNotFoundException, InactiveAccountException; public boolean isAccountActive(long anAccountId) throws AccountNotFoundException; public static class TxLog { private Date _creationDate; private double _amount; private String _madeBy; public TxLog(Date aCreationDate, double aAmount, String aMadeBy) { super(); _creationDate = aCreationDate; _amount = aAmount; _madeBy = aMadeBy; } /** * Returns the creationDate attribute. * * @return The creationDate value. */ public Date getCreationDate() { return _creationDate; } /** * Returns the amount attribute. * * @return The amount value. */ public double getAmount() { return _amount; } /** * Returns the madeBy attribute. * * @return The madeBy value. */ public String getMadeBy() { return _madeBy; } }}BankServiceException,银行服务异常
package org.apache.shiro.samples.aspectj.bank;public class BankServiceException extends Exception { public BankServiceException(String aMessage) { super(aMessage); } public BankServiceException(String aMessage, Throwable aCause) { super(aMessage, aCause); }}InactiveAccountException,存入账户异常
package org.apache.shiro.samples.aspectj.bank;public class InactiveAccountException extends BankServiceException { public InactiveAccountException(String aMessage) { super(aMessage); }}NotEnoughFundsException,账户不足异常
package org.apache.shiro.samples.aspectj.bank;public class NotEnoughFundsException extends BankServiceException { public NotEnoughFundsException(String aMessage) { super(aMessage); }}SecureBankService,安全银行的服务类,处理各种银行的业务
package org.apache.shiro.samples.aspectj.bank;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authz.annotation.RequiresPermissions;import org.apache.shiro.samples.aspectj.bank.AccountTransaction.TransactionType;import org.apache.shiro.subject.Subject;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import java.util.ArrayList;import java.util.HashMap;import java.util.List;import java.util.Map;public class SecureBankService implements BankService { private static final Logger log = LoggerFactory.getLogger(SecureBankService.class); private volatile boolean _isRunning; private final List<Account> _accounts; private Map<Long, Account> _accountsById; /** * Creates a new {@link SecureBankService} instance. */ public SecureBankService() { _accounts = new ArrayList<Account>(); _accountsById = new HashMap<Long, Account>(); } /** * Starts this service */ public void start() throws Exception { _isRunning = true; log.info("银行服务开始..."); } /** * Stop this service */ public void dispose() { log.info("银行服务停止..."); _isRunning = false; synchronized (_accounts) { _accountsById.clear(); _accounts.clear(); } log.info("银行服务停止!"); } /** * Internal utility method that validate the internal state of this service. */ protected void assertServiceState() { if (!_isRunning) { throw new IllegalStateException("银行的服务没有开始"); } } public int getAccountCount() { return _accounts.size(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#createNewAccount(java.lang.String) */ @RequiresPermissions("bankAccount:create") public long createNewAccount(String anOwnerName) { assertServiceState(); log.info("创建新的账户给 " + anOwnerName); synchronized (_accounts) { Account account = new Account(anOwnerName); account.setCreatedBy(getCurrentUsername()); _accounts.add(account); _accountsById.put(account.getId(), account); log.debug("创建新的账户: " + account); return account.getId(); } } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#searchAccountIdsByOwner(java.lang.String) */ public long[] searchAccountIdsByOwner(String anOwnerName) { assertServiceState(); log.info("查找已经存在的银行账户为 " + anOwnerName); ArrayList<Account> matchAccounts = new ArrayList<Account>(); synchronized (_accounts) { for (Account a : _accounts) { if (a.getOwnerName().toLowerCase().contains(anOwnerName.toLowerCase())) { matchAccounts.add(a); } } } long[] accountIds = new long[matchAccounts.size()]; int index = 0; for (Account a : matchAccounts) { accountIds[index++] = a.getId(); } log.debug("找到 " + accountIds.length + " 相匹配的账户的名称 " + anOwnerName); return accountIds; } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#getOwnerOf(long) */ @RequiresPermissions("bankAccount:read") public String getOwnerOf(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("获得银行账户的所有者 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); return a.getOwnerName(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#getBalanceOf(long) */ @RequiresPermissions("bankAccount:read") public double getBalanceOf(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("得到账户的余额 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); return a.getBalance(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#depositInto(long, double) */ @RequiresPermissions("bankAccount:operate") public double depositInto(long anAccountId, double anAmount) throws AccountNotFoundException, InactiveAccountException { assertServiceState(); log.info("存钱到 " + anAmount + " 这个账户 " + anAccountId); try { Account a = safellyRetrieveAccountForId(anAccountId); AccountTransaction tx = AccountTransaction.createDepositTx(anAccountId, anAmount); tx.setCreatedBy(getCurrentUsername()); log.debug("创建一个新的交易 " + tx); a.applyTransaction(tx); log.debug("新的账户余额 " + a.getId() + " 存款后 " + a.getBalance()); return a.getBalance(); } catch (NotEnoughFundsException nefe) { throw new IllegalStateException("应该从未发生过", nefe); } } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#withdrawFrom(long, double) */ @RequiresPermissions("bankAccount:operate") public double withdrawFrom(long anAccountId, double anAmount) throws AccountNotFoundException, NotEnoughFundsException, InactiveAccountException { assertServiceState(); log.info("取款 " + anAmount + " 从账户 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); AccountTransaction tx = AccountTransaction.createWithdrawalTx(anAccountId, anAmount); tx.setCreatedBy(getCurrentUsername()); log.debug("创建一个新的交易 " + tx); a.applyTransaction(tx); log.debug("新的账户余额 " + a.getId() + " 取款后 " + a.getBalance()); return a.getBalance(); } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#getTxHistoryFor(long) */ @RequiresPermissions("bankAccount:read") public TxLog[] getTxHistoryFor(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("获取账户交易 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); TxLog[] txs = new TxLog[a.getTransactions().size()]; int index = 0; for (AccountTransaction tx : a.getTransactions()) { log.debug("查过交易 " + tx); if (TransactionType.DEPOSIT == tx.getType()) { txs[index++] = new TxLog(tx.getCreationDate(), tx.getAmount(), tx.getCreatedBy()); } else { txs[index++] = new TxLog(tx.getCreationDate(), -1.0d * tx.getAmount(), tx.getCreatedBy()); } } return txs; } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#closeAccount(long) */ @RequiresPermissions("bankAccount:close") public double closeAccount(long anAccountId) throws AccountNotFoundException, InactiveAccountException { assertServiceState(); log.info("截止账户 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); if (!a.isActive()) { throw new InactiveAccountException("这个账户 " + anAccountId + " 已经关闭"); } try { AccountTransaction tx = AccountTransaction.createWithdrawalTx(a.getId(), a.getBalance()); tx.setCreatedBy(getCurrentUsername()); log.debug("创建一个新的交易 " + tx); a.applyTransaction(tx); a.setActive(false); log.debug("账户 " + a.getId() + " 现在是关闭的 " + tx.getAmount() + " 针对这个业主"); return tx.getAmount(); } catch (NotEnoughFundsException nefe) { throw new IllegalStateException("应该从来不发生", nefe); } } /* (non-Javadoc) * @see com.connectif.trilogy.root.security.BankService#isAccountActive(long) */ @RequiresPermissions("bankAccount:read") public boolean isAccountActive(long anAccountId) throws AccountNotFoundException { assertServiceState(); log.info("获取账户的活动状态 " + anAccountId); Account a = safellyRetrieveAccountForId(anAccountId); return a.isActive(); } /** * Internal method that safelly (concurrency-wise) retrieves an account from the id passed in. * * @param anAccountId The identifier of the account to retrieve. * @return The account instance retrieved. * @throws AccountNotFoundException If no account is found for the provided identifier. */ protected Account safellyRetrieveAccountForId(long anAccountId) throws AccountNotFoundException { Account account = null; synchronized (_accounts) { account = _accountsById.get(anAccountId); } if (account == null) { throw new AccountNotFoundException("没有找到ID为 " + anAccountId + " 的账户"); } log.info("检查账户 " + account); return account; } /** * Internal utility method to retrieve the username of the current authenticated user. * * @return The name. */ protected String getCurrentUsername() { Subject subject = SecurityUtils.getSubject(); if (subject == null || subject.getPrincipal() == null || !subject.isAuthenticated()) { throw new IllegalStateException("无法检索当前验证的主题"); } return SecurityUtils.getSubject().getPrincipal().toString(); }}在配置文件中配置了三组账户
[users]root = secret, adminsally = 1234, superviserdan = 123, user用户 root 密码secret 角色admin用户 sally 密码1234 角色superviser用户 dan密码123 角色user角色信息包括
[roles]admin = bankAccount:*superviser = bankAccount:create, bankAccount:read bankAccount:closeuser = bankAccount:create, bankAccount:read, bankAccount:operate包括种种操作的权限分配使用junit测试
@BeforeClass public static void setUpClass() throws Exception { BasicConfigurator.resetConfiguration(); BasicConfigurator.configure(); logger = Logger.getLogger(SecureBankServiceTest.class.getSimpleName()); Factory<SecurityManager> factory = new IniSecurityManagerFactory( "classpath:shiroBankServiceTest.ini"); SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); service = new SecureBankService(); service.start(); }加载对应的ini中的信息,在每次运行之前登录用户的操作方法
// 作为用户登录,不能关闭账户 protected void loginAsUser() { if (_subject == null) { _subject = SecurityUtils.getSubject(); } // use dan to run as a normal user (which cannot close an account) _subject.login(new UsernamePasswordToken("dan", "123")); } // 作为超级用户登录,不能操作账户 protected void loginAsSuperviser() { if (_subject == null) { _subject = SecurityUtils.getSubject(); } // use sally to run as a superviser (which cannot operate an account) _subject.login(new UsernamePasswordToken("sally", "1234")); }给张三创建账户,并且检查账户的情况
@Test public void testCreateAccount() throws Exception { loginAsUser(); createAndValidateAccountFor("张三"); }protected long createAndValidateAccountFor(String anOwner) throws Exception { long createdId = service.createNewAccount(anOwner); assertAccount(anOwner, true, 0.0d, 0, createdId); return createdId; }public static void assertAccount(String eOwnerName, boolean eIsActive, double eBalance, int eTxLogCount, long actualAccountId) throws Exception { Assert.assertEquals(eOwnerName, service.getOwnerOf(actualAccountId)); Assert.assertEquals(eIsActive, service.isAccountActive(actualAccountId)); Assert.assertEquals(eBalance, service.getBalanceOf(actualAccountId)); Assert.assertEquals(eTxLogCount, service.getTxHistoryFor(actualAccountId).length); }看打印出来的信息
1 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...62 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1120 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]120 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison121 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]121 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.121 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.122 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.123 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...132 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 张三203 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]206 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan206 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [66208001-e91d-4625-938f-1b1c08b2645c]208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!创建张三的用户信息并且检查张三的账户的情况。第二个测试创建账户李四并且存入250到账户里,用户有创建和操作的权限,所以可以操作
@Test public void testDepositInto_singleTx() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("李四"); makeDepositAndValidateAccount(accountId, 250.00d, "李四"); }protected double makeDepositAndValidateAccount(long anAccountId, double anAmount, String eOwnerName) throws Exception { double previousBalance = service.getBalanceOf(anAccountId); int previousTxCount = service.getTxHistoryFor(anAccountId).length; double newBalance = service.depositInto(anAccountId, anAmount); Assert.assertEquals(previousBalance + anAmount, newBalance); assertAccount(eOwnerName, true, newBalance, 1 + previousTxCount, anAccountId); return newBalance; }运行后的结果
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...56 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...59 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison115 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.116 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.117 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...124 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]171 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 李四188 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 250.0 这个账户 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=250.0,createdBy=dan,creationDate=2011-09-12 20:44:15.013]196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 250.0196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=250.0,createdBy=dan,creationDate=2011-09-12 20:44:15.013]196 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan197 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [3b53dc16-67d5-4730-ae8a-872d113c7546]198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!创建账户王五并且存入多笔款项
@Test public void testDepositInto_multiTxs() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("王五"); makeDepositAndValidateAccount(accountId, 50.00d, "王五"); makeDepositAndValidateAccount(accountId, 300.00d, "王五"); makeDepositAndValidateAccount(accountId, 85.00d, "王五"); assertAccount("王五", true, 435.00d, 3, accountId); }一共存入三笔,最后得到的数据的总和为435看日志打出来的信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...49 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...62 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison119 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.120 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.121 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...129 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 王五204 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]204 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1204 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 50.0 这个账户 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 50.0210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 300.0 这个账户 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 350.0211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 85.0 这个账户 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 435.0212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742]214 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan214 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [1d66c2ec-a668-478a-8f30-e3c65f80a16d]216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!创建账户贾六并且取款,因为账户为空所以会抛出异常
@Test(expected = NotEnoughFundsException.class) public void testWithdrawFrom_emptyAccount() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("贾六"); service.withdrawFrom(accountId, 100.00d); }看执行的结果
1 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]13 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]15 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...50 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...60 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...63 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1126 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]126 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison128 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]128 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.129 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.130 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.132 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...145 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 贾六205 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 20:56:05.047]210 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan210 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [05f3559d-d0c4-458c-a220-31389550576f]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!得到期望的NotEnoughFundsException,运行通过然后创建账户周七,先存入50,然后取100,结果得到的与面相同,余额不足异常
@Test(expected = NotEnoughFundsException.class) public void testWithdrawFrom_notEnoughFunds() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("周七"); makeDepositAndValidateAccount(accountId, 50.00d, "周七"); service.withdrawFrom(accountId, 100.00d); }看打印出的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...61 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison119 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.120 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.121 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...131 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]179 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 周七196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 50.0 这个账户 1199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]200 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 21:01:30.955]200 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 50.0200 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 21:01:30.955]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:01:30.956]202 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan202 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [a85a89c7-a805-4086-bd5b-109a0d54086c]203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!再测试先存后取,先存入500,后取100,最后得到的结果为400
@Test public void testWithdrawFrom_singleTx() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("国八"); makeDepositAndValidateAccount(accountId, 500.00d, "国八"); makeWithdrawalAndValidateAccount(accountId, 100.00d, "国八"); assertAccount("国八", true, 400.00d, 2, accountId); }看打印出的结果
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]11 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]43 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...45 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...55 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...59 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison116 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.116 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.117 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...124 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]168 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 国八185 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]191 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]191 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 400.0192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104]193 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan193 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [192dddd6-7090-435c-bb65-b3b64a73d667]195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!存入一笔取多笔
@Test public void testWithdrawFrom_manyTxs() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Zoe Smith"); makeDepositAndValidateAccount(accountId, 500.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 100.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 75.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 125.00d, "Zoe Smith"); assertAccount("Zoe Smith", true, 200.00d, 4, accountId); }查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]53 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...57 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...72 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...76 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1132 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]132 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison133 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]133 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.133 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.134 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.135 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...143 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Zoe Smith205 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 400.0213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 75.0 从账户 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 325.0215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 125.0 从账户 1216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341]216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 200.0216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341]217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1220 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]220 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1221 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341]221 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan221 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [1ecbe8f2-f2f5-468b-af2b-d82d6b1267fa]223 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...223 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!存多少取多少
@Test public void testWithdrawFrom_upToZero() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Zoe Smith"); makeDepositAndValidateAccount(accountId, 500.00d, "Zoe Smith"); makeWithdrawalAndValidateAccount(accountId, 500.00d, "Zoe Smith"); assertAccount("Zoe Smith", true, 0.00d, 2, accountId); }查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]12 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]43 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...45 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...55 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...58 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1114 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]114 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison114 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.115 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.116 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...125 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]168 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Zoe Smith186 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 500.0 从账户 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 0.0193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806]194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]194 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]194 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806]194 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan195 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [12aeb47c-f3c1-46c1-baec-78da03762422]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!关闭账户余额为0的账户,普通用户没有权限,所以需要转到另外一个角色的账户进行操作
@Test public void testCloseAccount_zeroBalance() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Chris Smith"); logoutCurrentSubject(); loginAsSuperviser(); double closingBalance = service.closeAccount(accountId); Assert.assertEquals(0.00d, closingBalance); assertAccount("Chris Smith", false, 0.00d, 1, accountId); }查看打印出来的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]13 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]14 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]47 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...50 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...61 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...63 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1121 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]121 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison121 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]122 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.122 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.123 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.124 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...133 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Chris Smith207 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]210 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan210 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [c4adc0a6-987c-4c94-ad38-d13f683c7f1d]211 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]211 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison211 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally]211 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.211 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.211 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:13:04.516]213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 0.0 针对这个业主213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:13:04.516]214 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally214 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [f0988257-3441-489a-859c-538043ead6e3]215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!创建用户并且存入350,然后对这个用户进行关闭操作
@Test public void testCloseAccount_withBalance() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Gerry Smith"); makeDepositAndValidateAccount(accountId, 385.00d, "Gerry Smith"); logoutCurrentSubject(); loginAsSuperviser(); double closingBalance = service.closeAccount(accountId); Assert.assertEquals(385.00d, closingBalance); assertAccount("Gerry Smith", false, 0.00d, 2, accountId); }查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]12 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...58 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...61 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison118 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.118 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.119 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...128 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]173 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Gerry Smith190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 385.0 这个账户 1193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672]195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 385.0195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672]196 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan196 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [b2e689a3-cd4a-4785-962b-0df77758533b]197 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]197 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison197 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally]197 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.197 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.197 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]197 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=385.0,createdBy=sally,creationDate=2011-09-12 21:17:58.674]197 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 385.0 针对这个业主197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]198 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672]198 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=385.0,createdBy=sally,creationDate=2011-09-12 21:17:58.674]198 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally198 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [6ffa0d67-7510-4205-9fa8-01b6bb9793f5]199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!创建用户并且关闭正活动的账户
@Test(expected = InactiveAccountException.class) public void testCloseAccount_alreadyClosed() throws Exception { loginAsUser(); long accountId = createAndValidateAccountFor("Chris Smith"); logoutCurrentSubject(); loginAsSuperviser(); double closingBalance = service.closeAccount(accountId); Assert.assertEquals(0.00d, closingBalance); assertAccount("Chris Smith", false, 0.00d, 1, accountId); service.closeAccount(accountId); }查看打印的日志信息
0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...47 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...57 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...60 [main] INFO SecureBankServiceTest - ############################ 开始测试用例 1117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison117 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.119 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.120 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...127 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]178 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Chris Smith195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]198 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan198 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [8ff8f7c8-5d03-4e4f-b47d-0414cd43111d]198 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]198 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison199 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally]199 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.199 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.199 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:19:53.777]201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 0.0 针对这个业主201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:19:53.777]202 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1202 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]202 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally202 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [53286615-5b71-4642-b3e8-916fb77fba60]203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!其中判断权限使用的是annocation的方式@RequiresPermissions("bankAccount:create") 是否有用户创建权限@RequiresPermissions("bankAccount:read") 读权限@RequiresPermissions("bankAccount:operate") 操作权限@RequiresPermissions("bankAccount:close") 关闭权限根据以上几个标签就可以得到对应的权限信息