在yaml中配置数据库,jdbcrealm会自动寻找如下三个表
1.在数据库中创建表,表名必须是users user_roles roles_permissions,建表语句如下
DROP TABLE
IF EXISTS `users`;
CREATE TABLE users (
id INT PRIMARY KEY auto_increment,
username VARCHAR (60) NOT NULL,
PASSWORD VARCHAR (20) NOT NULL,
password_salt VARCHAR (20)
);
INSERT INTO users (username, PASSWORD)
VALUES
('zhangsan', '123');
INSERT INTO users (username, PASSWORD)
VALUES
('lisi', '456');
INSERT INTO users (username, PASSWORD)
VALUES
('wangwu', '789');
DROP TABLE
IF EXISTS `user_roles`;
CREATE TABLE user_roles (
id INT PRIMARY KEY auto_increment,
username VARCHAR (60) NOT NULL,
role_name VARCHAR (100) NOT NULL
);
INSERT INTO user_roles (username, role_name)
VALUES
('zhangsan', 'admin');
INSERT INTO user_roles (username, role_name)
VALUES
('lisi', 'manager');
INSERT INTO user_roles (username, role_name)
VALUES
('wangwu', 'saler');
DROP TABLE
IF EXISTS `roles_permissions`;
CREATE TABLE roles_permissions (
id INT PRIMARY KEY auto_increment,
rolename VARCHAR (60) NOT NULL,
permission VARCHAR (100) NOT NULL
);
INSERT INTO roles_permissions (rolename, permission)
VALUES
('admin', '*');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('manager', 'sys:m:update');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('manager', 'sys:m:select');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('manager', 'sys:m:delete');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('manager', 'sys:m:add');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('saler', 'sys:s:update');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('saler', 'sys:s:delete');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('saler', 'sys:s:add');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('saler', 'sys:s:select');
INSERT INTO roles_permissions (rolename, permission)
VALUES
('saler', 'sys:k:manager');
1.在application.yaml中配置数据库的数据源信息
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://localhost:3306/my_db_01
username: root
password: mysql
2.在shiroconfig中配置 jdbcrealm,并将其作为realm绑定到SecurityManager(前提是数据库的字段 表名要和规定的一致,看上面)
@Autowired
DataSource dataSource;
@Bean
public JdbcRealm getjdbcRealm(){
JdbcRealm jdbcRealm=new JdbcRealm();
// 只需要给数据库,回自动查找三个表
jdbcRealm.setDataSource(dataSource);
// 默认只开启认证功能,手动开启授权功能
jdbcRealm.setPermissionsLookupEnabled(true);
return jdbcRealm;
}
@Bean
public DefaultWebSecurityManager defaultWebSecurityManager() {
DefaultWebSecurityManager SecurityManager = new DefaultWebSecurityManager();
SecurityManager.setRealm(getjdbcRealm());
return SecurityManager;
}
调用不变,更换realm只是后面数据的来源变了,前面验证该怎么用还是怎么用
同样的,登录成功不报错,不成功报错
try {
subject.login(usernamePasswordToken);
return "success";
}
catch (Exception e)
{
System.out.println(e);
System.out.println("拦截到了错误的账号或者密码");
return "error1";
}