shiro权限校验步骤
- 构建 SecurityManager 环境
- 设置 realm
- 通过用户登录的用户名密码生成token
- 校验token是否正确
简单示例
package com.lhw.shiro_demo.chart4_2;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;
public class QuickStartTest {
private SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();
private DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
@Before
public void init(){
simpleAccountRealm.addAccount("lhw", "123");
simpleAccountRealm.addAccount("cd", "456");
defaultSecurityManager.setRealm(simpleAccountRealm);
}
@Test
public void testAuthentication() {
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("lhw", "1234");
subject.login(usernamePasswordToken);
System.out.println(subject.isAuthenticated());
}
}