十分钟体验Shrio

最新推荐文章于 2021-12-06 16:49:36 发布

Ma__CC

最新推荐文章于 2021-12-06 16:49:36 发布

阅读量104

点赞数

文章标签： shiro

本文链接：https://blog.csdn.net/Ma__CC/article/details/118738624

版权

本文详细介绍了Java安全框架中用户认证与授权的实现过程。通过SecurityUtils获取当前Subject，设置和读取Session属性，判断用户是否已认证，并进行登录操作，包括异常处理。登录成功后，展示用户身份及角色，检查不同级别的权限。最后，演示了注销登录的过程。

摘要由CSDN通过智能技术生成

//获取当前正在执行的用户:
Subject currentUser = SecurityUtils.getSubject();

        // 通过当前Session，拿到Session（存值取值）
        Session session = currentUser.getSession();
        session.setAttribute("someKey", "aValue");
        String value = (String) session.getAttribute("someKey");
        if (value.equals("aValue")) {
            log.info("subject》》？》？Session》》》》》 [" + value + "]");
        }

        // 判断当前用户是否被认证
        if (!currentUser.isAuthenticated()) {
            //Token 令牌
            UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
            //记住我
            token.setRememberMe(true);
            try {
                //执行登录操作
                currentUser.login(token);
            } catch (UnknownAccountException uae) {//用户名不存在
                log.info("There is no user with username of " + token.getPrincipal());
            } catch (IncorrectCredentialsException ice) {//密码不存在
                log.info("Password for account " + token.getPrincipal() + " was incorrect!");
            } catch (LockedAccountException lae) {//五次密码都不对，用户锁住了
                log.info("The account for username " + token.getPrincipal() + " is locked. " +
                        "Please contact your administrator to unlock it.");
            }
            // .在这里捕获更多异常(可能是特定于您的应用程序的自定义异常?
            catch (AuthenticationException ae) {
                //unexpected condition? error?
            }
        }

        //say who they are:
        //print their identifying principal (in this case, a username):
        //用户的认证码
        log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");

        //拥有什么样子的角色
        if (currentUser.hasRole("schwartz")) {
            log.info("May the Schwartz be with you!");
        } else {
            log.info("Hello, mere mortal.");
        }

        //粗粒度筛选权限
        if (currentUser.isPermitted("lightsaber:wield")) {
            log.info("You may use a lightsaber ring. Use it wisely.");
        } else {
            log.info("Sorry, lightsaber rings are for schwartz masters only.");
        }

        //细粒度筛选权限
        if (currentUser.isPermitted("winnebago:drive:eagle5")) {
            log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " +
                    "Here are the keys - have fun!");
        } else {
            log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
        }

//注销
currentUser.logout();

System.exit(0);