Apache Shiro是一个强大且易用的Java安全框架,执行身份验证、授权、密码学和会话管理。使用Shiro的易于理解的API,您可以快速、轻松地获得任何应用程序,从最小的移动应用程序到最大的网络和企业应用程序。
下面我给大家来讲一下shiro的自定义Realm实现认证
引入依赖
<!-- 引入shiro依赖 start-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
1. 写一个类 来继承 AuthorizingRealm接口
重写doGetAuthorizationInfo(授权)doGetAuthenticationInfo(认证)
在doGetAuthenticationInfo里面获得传递过来的值
UsernamePasswordToken usernamePasswordToken=(UsernamePasswordToken) arg0;
String uname=usernamePasswordToken.getUsername();
String password=usernamePasswordToken.getPassword().toString();
String pwd=new Userdao().getpwd(uname);
SimpleAuthenticationInfo simpleAuthenticationInfo=new SimpleAuthenticationInfo(uname, pwd, "");
2. 再建一个File文件(格式如下)
myRealm=com.shiro.MyRealm(继承AuthorizingRealm的类)
securityManager.realms=$myRealm
3.测试
//获取shior配置文件 获取securitymanager工厂
Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-realm.ini");
//获得securityManager
SecurityManager securityManager=factory.getInstance();
//把securitymanger加入当前环境里面去
SecurityUtils.setSecurityManager(securityManager);
//获取subijt
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken usernamePasswordToken=new UsernamePasswordToken("pjh", "970804");
subject.login(usernamePasswordToken);
boolean isuser=subject.isAuthenticated();
System.out.println(isuser);
()()lim的