public class TestAuthentication {
public static void main(String[] args) {
//1、创建ini类型的工厂对象
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
//2、构造一个主体(用户)对象
SecurityManager instance = factory.getInstance();
SecurityUtils.setSecurityManager(instance);
//主体
Subject subject = SecurityUtils.getSubject();
/*try {
//3、主体认证(重点)
//令牌
UsernamePasswordToken token = new UsernamePasswordToken("admin123", "admin");
subject.login(token);//IncorrectCredentialsException\UnknownAccountException
//4、其他操作
System.out.println("登录成功!");
System.out.println(subject.isAuthenticated());
} catch (IncorrectCredentialsException ex) {
System.out.println("密码错误!");
} catch (UnknownAccountException ex) {
System.out.println("用户不存在!");
} catch (LockedAccountException ex) {
System.out.println("账号被锁定!");
}*/
try {
//1.认证
UsernamePasswordToken token = new UsernamePasswordToken("admin", "admin");
subject.login(token);
System.out.println("登录成功!");
} catch (AuthenticationException ex) {
ex.printStackTrace();
System.out.println("登录失败!");
}
//2.授权
if (subject.isAuthenticated()) {//判断用户是否已经认证
//2.1 判断角色
// System.out.println(subject.hasRole("role4"));//返回的是boolean
//UnauthorizedException
try {
subject.checkRoles(Arrays.asList("role1", "role2", "role3", "role4"));//抛出异常
System.out.println("拥有全部角色");
//2.2 判断权限
boolean result = subject.isPermitted("product:insert");//返回的是boolean类型
System.out.println(result ? "有权限" : "无权操作!");
subject.checkPermission("product:delete");
} catch (UnauthorizedException e) {
System.out.println("缺少权限!"+e.getMessage());
}
}
}
}
shiro认证和授权
最新推荐文章于 2023-04-13 11:38:34 发布