搭建shiro环境依赖包:
<dependencies>
<!--引入shiro所需的jar包-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<!--日志-->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.12</version>
</dependency>
</dependencies>
测试类:是否登录成功:
public class ShiroDemo1 {
public static void main(String[] args) {
//创建Factory得到核心类:SecurutyManager;
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
//当前用户Subject——>SecurityUtils
SecurityUtils.setSecurityManager(securityManager);
//当前用户:
Subject user = SecurityUtils.getSubject();
//通过UsernamePasswordToken来模拟html/jsp传递过来的用户名和密码
UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
//通过shiro来判断用户是否登录成功
try {
user.login(token);
System.out.println("登录成功!");
} catch (AuthenticationException e) {
System.out.println("登录失败!");
}
}
}
搭建成功;
ShiroUtil类:
public class ShiroUtil {
public static Subject login(String configPath,String username,String password) {
//创建Factory得到核心类:SecurityManager;
Factory<SecurityManager> factory = new IniSecurityManagerFactory(configPath);
SecurityManager securityManager = factory.getInstance();
//当前用户Subject——>SecurityUtils
SecurityUtils.setSecurityManager(securityManager);
//当前用户:
Subject user = SecurityUtils.getSubject();
//通过UsernamePasswordToken来模拟html/jsp传递过来的用户名和密码
UsernamePasswordToken token = new UsernamePasswordToken(username,password);
//通过shiro来判断用户是否登录成功
try {
user.login(token);
System.out.println("登录成功!");
} catch (AuthenticationException e) {
System.out.println("登录失败!");
}
return user;
}
}
判断用户是否具有某个角色:
ShiroDemo测试:
public class ShiroDemo {
public static void main(String[] args) {
Subject user = ShiroUtil.login("classpath:shiro_role_permission.ini","superbird","123456");
//判断用户是否拥有某个角色
boolean flag1=user.hasRole("system");
System.out.println("flag1="+flag1);
List<String> roles = Arrays.asList("role1","role2","system");
boolean[] flags = user.hasRoles(roles);
System.out.println(Arrays.toString(flags));
}
}
shiro_role_permission.ini配置文件(仅供参考):
[users]
superbird = 123456 ,system
bigbird = 123,role1,role2
[roles]
system = InRoom:select,InRoom:insert,InRoom:xiaofei,InRoom:update,VIP:select,VIP:guanli,VIP:add,
role1 = InRoom:xiaofei
role2 = VIP:select,VIP:add
判断用户是否具有一个或多个权限:
public class ShiroDemo {
public static void main(String[] args) {
Subject user = ShiroUtil.login("classpath:shiro_role_permission.ini","superbird","123456");
//判断用户是否具有某个具体权限
boolean flag1 = user.isPermitted("InRoom:xiaofei");
System.out.println("flag="+flag1);
//判断用户是否具有多个权限
boolean[] flag2 = user.isPermitted("InRoom:xiaofei", "InRoom:update");
System.out.println("flags="+ Arrays.toString(flag2));
}
}
官网学习:
shiro官网:
Apache Shiro | Simple. Java. Security.
http://shiro.apache.org/
视频教程学习:W3Cschool shiro教程