shiro_01_shiro简介

最新推荐文章于 2021-06-02 04:23:04 发布

一夏洛克一

最新推荐文章于 2021-06-02 04:23:04 发布

阅读量177

点赞数

分类专栏： shiro 文章标签： shiro简介

本文链接：https://blog.csdn.net/qq_27163329/article/details/81806060

版权

shiro 专栏收录该内容

9 篇文章 0 订阅

订阅专栏

百度百科

介绍文档

Apache Shiro是一个强大且易用的Java安全框架,执行身份验证、授权、密码学和会话管理。使用Shiro的易于理解的API,您可以快速、轻松地获得任何应用程序,从最小的移动应用程序到最大的网络和企业应用程序。

三个核心组件：Subject, SecurityManager 和 Realms.

Subject：即“当前操作用户”。但是，在Shiro中，Subject这一概念并不仅仅指人，也可以是第三方进程、后台帐户（Daemon Account）或其他类似事物。它仅仅意味着“当前跟软件交互的东西”。但考虑到大多数目的和用途，你可以把它认为是Shiro的“用户”概念。
　　Subject代表了当前用户的安全操作，SecurityManager则管理所有用户的安全操作。
　　SecurityManager：它是Shiro框架的核心，典型的Facade模式，Shiro通过SecurityManager来管理内部组件实例，并通过它来提供安全管理的各种服务。
　　Realm： Realm充当了Shiro与应用安全数据间的“桥梁”或者“连接器”。也就是说，当对用户执行认证（登录）和授权（访问控制）验证时，Shiro会从应用配置的Realm中查找用户及其权限信息。
　　从这个意义上讲，Realm实质上是一个安全相关的DAO：它封装了数据源的连接细节，并在需要时将相关数据提供给Shiro。当配置Shiro时，你必须至少指定一个Realm，用于认证和（或）授权。配置多个Realm是可以的，但是至少需要一个。
　　Shiro内置了可以连接大量安全数据源（又名目录）的Realm，如LDAP、关系数据库（JDBC）、类似INI的文本配置资源以及属性文件等。如果缺省的Realm不能满足需求，你还可以插入代表自定义数据源的自己的Realm实现。

shiro的使用

引入的依赖：

	<!-- 引入shiro-core -->
	<dependency>
	    <groupId>org.apache.shiro</groupId>
	    <artifactId>shiro-core</artifactId>
	    <version>1.2.4</version>
	</dependency>

  	<!-- slf4j-log4j12 -->
	<dependency>
	    <groupId>org.slf4j</groupId>
	    <artifactId>slf4j-log4j12</artifactId>
	    <version>1.7.25</version>
	    <!-- <scope>test</scope> -->
	</dependency>
  </dependencies>

shiro.ini文件：

[users]
java=1234
12=12

main:

public class HelloWorld {

	public static void main(String[] args) {
		//读取配置文件，初始化SecurityManager工厂
		Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
		//获取SecurityManager实例
		SecurityManager securityManager = factory.getInstance();
		//把securityManager实例绑定到SecurityUtils
		SecurityUtils.setSecurityManager(securityManager);
		//得到当前执行的用户
		Subject currentUser = SecurityUtils.getSubject();
		//创建Token令牌，用户/密码
		UsernamePasswordToken token = new UsernamePasswordToken("java","1234");
		try {
			//身份认证
			currentUser.login(token);
			System.out.println("身份认证成功！");
		}catch(AuthenticationException e) {
			e.printStackTrace();
			System.out.println("身份认证失败！");
		}
		currentUser.logout();
	}
}

运行：

2018-08-18 10:29:00,622 DEBUG [org.apache.shiro.io.ResourceUtils] - Opening resource from class path [shiro.ini] 
2018-08-18 10:29:00,636 DEBUG [org.apache.shiro.config.Ini] - Parsing [users] 
2018-08-18 10:29:00,638 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: java=1234 
2018-08-18 10:29:00,639 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: 12=12 
2018-08-18 10:29:00,640 DEBUG [org.apache.shiro.config.IniFactorySupport] - Creating instance from Ini [sections=users] 
2018-08-18 10:29:00,640 TRACE [org.apache.shiro.config.Ini] - Specified name was null or empty.  Defaulting to the default section (name = "") 
2018-08-18 10:29:00,680 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [users] section.  Processing... 
2018-08-18 10:29:00,691 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a SecurityManager instance.  Returning. 
2018-08-18 10:29:00,691 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - No identity (PrincipalCollection) found in the context.  Looking for a remembered identity. 
2018-08-18 10:29:00,691 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - No remembered identity found.  Returning original context. 
2018-08-18 10:29:00,693 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,693 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,693 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,694 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,694 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,694 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,694 TRACE [org.apache.shiro.authc.AbstractAuthenticator] - Authentication attempt received for token [org.apache.shiro.authc.UsernamePasswordToken - java, rememberMe=false] 
2018-08-18 10:29:00,694 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [java] from doGetAuthenticationInfo 
2018-08-18 10:29:00,694 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [java].  Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - java, rememberMe=false]. 
2018-08-18 10:29:00,694 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 
2018-08-18 10:29:00,694 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays.  Performing array equals comparison 
2018-08-18 10:29:00,695 DEBUG [org.apache.shiro.authc.AbstractAuthenticator] - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - java, rememberMe=false].  Returned account [java] 
2018-08-18 10:29:00,695 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map.  Falling back to SecurityUtils.getSecurityManager() lookup. 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a SecurityManager instance.  Returning. 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,695 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map.  Falling back to SecurityUtils.getSecurityManager() lookup. 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,695 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false 
2018-08-18 10:29:00,696 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = true; session is null = true; session has id = false 
2018-08-18 10:29:00,696 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - Starting session for host null 
2018-08-18 10:29:00,697 DEBUG [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - No sessionValidationScheduler set.  Attempting to create default instance. 
2018-08-18 10:29:00,697 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Created default SessionValidationScheduler instance of type [org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler]. 
2018-08-18 10:29:00,697 INFO [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Enabling session validation scheduler... 
2018-08-18 10:29:00,701 TRACE [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating session for host null 
2018-08-18 10:29:00,701 DEBUG [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 
2018-08-18 10:29:00,833 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,833 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
2018-08-18 10:29:00,833 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,833 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - This org.apache.shiro.mgt.DefaultSecurityManager instance does not have a [org.apache.shiro.mgt.RememberMeManager] instance configured.  RememberMe services will not be performed for account [java]. 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
身份认证成功！
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,834 DEBUG [org.apache.shiro.mgt.DefaultSecurityManager] - Logging out subject with primary principal java 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.realm.CachingRealm] - Cleared cache entries for account with principals [java] 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
2018-08-18 10:29:00,834 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,835 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,835 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
2018-08-18 10:29:00,835 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key org.apache.shiro.session.mgt.DefaultSessionKey@d4342c2 
2018-08-18 10:29:00,835 DEBUG [org.apache.shiro.session.mgt.AbstractSessionManager] - Stopping session with id [e4d6e262-7d14-45fc-a621-3c52e0d7aa1e]