JDBC Realm(注:如果需要查询权限,必须先开启权限查询:jdbcRealm.setPermissionsLookupEnabled(true);该开关默认为关闭状态)。
JDBC Realm 内置了多条默认 SQL 语句;如果默认语句不满足需要,也可以自定义 SQL。
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
 * Exercises Shiro's {@code JdbcRealm} against a local MySQL schema: a single login
 * that uses a custom authentication query, with permission lookup switched on.
 *
 * <p>Demo-only configuration. The data source connects as the MySQL {@code root} user
 * with a hard-coded password, and the sample {@code account} row stores the password in
 * clear text. No credentials matcher is set on the realm, so the submitted password is
 * compared with the stored column value directly. Outside a throwaway test database,
 * use a least-privilege database account, load its credentials from configuration, and
 * store salted password hashes verified through a hashing credentials matcher
 * (for example {@code HashedCredentialsMatcher}).
 */
public class JdbcRealmTest {

    // Shared Druid pool; it is never closed here and lives as long as the test instance.
    DruidDataSource dataSource = new DruidDataSource();

    {
        // Local test database only: root account and literal password.
        dataSource.setPassword("password");
        dataSource.setUsername("root");
        dataSource.setUrl("jdbc:mysql://localhost:3306/test");
    }

    /**
     * Logs the sample user in through the realm. {@code login} throws when the
     * credentials do not match, so the test fails on a bad login even though it has
     * no explicit assertion.
     */
    @Test
    public void testAuthentication() {
        JdbcRealm realm = new JdbcRealm();
        realm.setDataSource(dataSource);

        // Permission lookup is off by default; switch it on so that permission
        // checks can be answered from the database.
        realm.setPermissionsLookupEnabled(true);

        // Custom authentication query: reads the `account` table instead of the
        // realm's default `users` table. Keep the `?` bind parameter - the user name
        // is bound to it rather than concatenated into the SQL text. If this line is
        // dropped, the default query applies and the sample `users` row holds a
        // different password ('admin') for the same user.
        realm.setAuthenticationQuery("select password from account where name = ?");

        // Build the SecurityManager and register it globally.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realm);
        SecurityUtils.setSecurityManager(securityManager);

        // The subject submits the authentication request.
        Subject currentUser = SecurityUtils.getSubject();
        currentUser.login(new UsernamePasswordToken("yan", "123"));

        // Disabled follow-up checks (authentication state, role, permission):
        /*System.out.println(currentUser.isAuthenticated());
        currentUser.checkRole("admin");
        currentUser.checkPermission("user:delete");*/
    }
}
数据库(示例数据,密码以明文存储,仅用于演示):
/* Sample schema and seed data for the JdbcRealm test. Every table is dropped and
   recreated, so run this only against a disposable `test` database. */
USE `test`;
/* Table structure for table `account`.
   Read by the test's custom authentication query
   ("select password from account where name = ?"). */
DROP TABLE IF EXISTS `account`;
CREATE TABLE `account` (
`ID` bigint(10) NOT NULL,
`name` varchar(256) DEFAULT NULL,
`password` varchar(256) DEFAULT NULL,
PRIMARY KEY (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/* Data for the table `account`.
   The password is stored in clear text - acceptable for this demo only; store a
   salted hash in any real deployment. */
insert into `account`(`ID`,`name`,`password`) values (1,'yan','123');
/* Table structure for table `permission`.
   Not referenced by any of the queries shown on this page. */
DROP TABLE IF EXISTS `permission`;
CREATE TABLE `permission` (
`ID` bigint(10) NOT NULL,
`name` varchar(256) DEFAULT NULL,
PRIMARY KEY (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/* Data for the table `permission` */
insert into `permission`(`ID`,`name`) values (1,'read'),(2,'write');
/* Table structure for table `role`.
   Not referenced by any of the queries shown on this page. */
DROP TABLE IF EXISTS `role`;
CREATE TABLE `role` (
`ID` bigint(10) NOT NULL,
`name` varchar(256) DEFAULT NULL,
PRIMARY KEY (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/* Data for the table `role` */
insert into `role`(`ID`,`name`) values (1,'admin');
/* Table structure for table `roles_permissions`.
   Read by the default permissions query (lookup by role_name).
   NOTE(review): no unique or foreign-key constraint ties role_name/permission to
   other tables, and both columns default to '0' - confirm that is intended. */
DROP TABLE IF EXISTS `roles_permissions`;
CREATE TABLE `roles_permissions` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`role_name` varchar(50) DEFAULT '0',
`permission` varchar(50) DEFAULT '0',
PRIMARY KEY (`id`),
KEY `id` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
/* Data for the table `roles_permissions`: role 'admin' is granted 'user:delete'. */
insert into `roles_permissions`(`id`,`role_name`,`permission`) values (1,'admin','user:delete');
/* Table structure for table `user_roles`.
   Read by the default user-roles query (lookup by username). */
DROP TABLE IF EXISTS `user_roles`;
CREATE TABLE `user_roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(50) DEFAULT NULL,
`role_name` varchar(50) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `id` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
/* Data for the table `user_roles`: user 'yan' holds role 'admin'. */
insert into `user_roles`(`id`,`username`,`role_name`) values (1,'yan','admin');
/* Table structure for table `users`.
   Read by the default authentication query when no custom query is set.
   There is no password_salt column, so the default salted query cannot run
   against this table as defined.
   NOTE(review): varchar(50) is shorter than common encoded password-hash formats;
   widen the column before storing hashes. */
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(50) DEFAULT NULL COMMENT 'username',
`password` varchar(50) DEFAULT NULL COMMENT 'password',
PRIMARY KEY (`id`),
KEY `id` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
/* Data for the table `users`.
   Clear-text password, and it differs from the `account` row for the same user
   ('admin' here, '123' there). */
insert into `users`(`id`,`username`,`password`) values (1,'yan','admin');
JdbcRealm 部分源码(默认 SQL 查询语句):
/**
* The default query used to retrieve account data for the user.
* Selects the {@code password} column from {@code users}; the user name is supplied
* through the single {@code ?} bind parameter, not concatenated into the SQL text.
*/
protected static final String DEFAULT_AUTHENTICATION_QUERY = "select password from users where username = ?";
/**
* The default query used to retrieve account data for the user when {@link #saltStyle} is COLUMN.
* Selects {@code password} and {@code password_salt}, so the {@code users} table must
* provide a {@code password_salt} column for this query to run.
*/
protected static final String DEFAULT_SALTED_AUTHENTICATION_QUERY = "select password, password_salt from users where username = ?";
/**
* The default query used to retrieve the roles that apply to a user.
* Looks up {@code role_name} in {@code user_roles} by user name ({@code ?} bind parameter).
*/
protected static final String DEFAULT_USER_ROLES_QUERY = "select role_name from user_roles where username = ?";
/**
* The default query used to retrieve permissions that apply to a particular role.
* Looks up {@code permission} in {@code roles_permissions} by role name ({@code ?} bind parameter).
*/
protected static final String DEFAULT_PERMISSIONS_QUERY = "select permission from roles_permissions where role_name = ?";