Shiro 的jdbcRealm
1.第一步当然首先加载依赖:
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<!--shiro-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<!--junit-->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>compile</scope>
</dependency>
<!--mysql-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.12</version>
</dependency>
<!--druid数据源-->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.0.18</version>
</dependency>
2.配置数据源,这里全是在测试文件中写的,一般在工程里如mybatis是需要单独配置的
//配置数据源
DruidDataSource dataSource = new DruidDataSource();
{
dataSource.setDriverClassName("com.mysql.cj.jdbc.Driver");
dataSource.setUrl("jdbc:mysql://localhost:3306/testShiro?useSSL=false&useUnicode=true&characterEncoding=UTF8&serverTimezone=UTC");
dataSource.setUsername("root");
dataSource.setPassword("root");
}
3.实例JdbcRealm,设置数据源,根据数据库字段设置查询语句(不设置会使用默认,但要求数据库和默认字段相同)
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
jdbcRealm.setPermissionsLookupEnabled(true);//开启权限,就必须要实现查询权限,
//自定义查询语句,shiro默认的查询格式是,字段同的话 就不用自定义
String sql = "select pwd from users where name=?";
jdbcRealm.setAuthenticationQuery(sql);
String roles="select role_name from role where username=?";
jdbcRealm.setUserRolesQuery(roles);
String permissions = "select permission from permissions where rolename = ?";
jdbcRealm.setPermissionsQuery(permissions);
4.还是老几步
//1.构建管理器环境
DefaultSecurityManager securityManager = new DefaultSecurityManager();
//将用户加入进去
securityManager.setRealm(jdbcRealm);
//2.提交认证请求
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
//认证
UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
subject.login(token);
5.好吧,整的一个测试文件长这样,理清了就很简单
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
public class JdbcRealmTest {
//配置数据源 driver可以加, 注意:mysql8.0以后要加几个参数
DruidDataSource dataSource = new DruidDataSource();
{
dataSource.setDriverClassName("com.mysql.cj.jdbc.Driver");
dataSource.setUrl("jdbc:mysql://localhost:3306/testShiro?useSSL=false&useUnicode=true&characterEncoding=UTF8&serverTimezone=UTC");
dataSource.setUsername("root");
dataSource.setPassword("root");
}
@Test
public void testShiro(){
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
jdbcRealm.setPermissionsLookupEnabled(true);//开启权限,就必须要实现查询权限
//自定义查询语句,shiro默认的查询格式是,字段同的话 就不用自定义
String sql = "select pwd from users where name=?";
jdbcRealm.setAuthenticationQuery(sql);
String roles="select role_name from role where username=?";
jdbcRealm.setUserRolesQuery(roles);
String permissions = "select permission from permissions where rolename = ?";
jdbcRealm.setPermissionsQuery(permissions);
//1.构建管理器环境
DefaultSecurityManager securityManager = new DefaultSecurityManager();
//将用户加入进去
securityManager.setRealm(jdbcRealm);
//2.提交认证请求
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
//认证
UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
subject.login(token);
System.out.println("isAuthenticated:"+subject.isAuthenticated());
System.out.println("checkeRoles:"+subject.hasRole("admin1"));
System.out.println("hasPermission:"+subject.isPermitted("user:delete"));
}}
6.普通直接的jdbcRealm测试就这样了,后面结合spring,mybaits,就是配置、调用的问题了,然后我是在慕课上学的:讲得挺好:https://www.imooc.com/video/16957