【shiro】shiro 学习笔记4-初识shiro授权

最新推荐文章于 2021-12-06 09:06:15 发布

KIWI的碎碎念

最新推荐文章于 2021-12-06 09:06:15 发布

阅读量440

点赞数 1

文章标签： shiro

本文链接：https://blog.csdn.net/u011719271/article/details/50687267

版权

Java 同时被 2 个专栏收录

20 篇文章 0 订阅

订阅专栏

shiro

4 篇文章 0 订阅

订阅专栏

权限架构一般分为两个模块：认证与授权，前面三篇主要讲的就是认证的内容，现在开始授权

环境：

pom.xml

    <dependencies>

        <!-- shiro -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.2.4</version>
        </dependency>

        <!--日志问题的解决-->
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-log4j12</artifactId>
            <version>1.7.15</version>
        </dependency>

        <!--日志-->
        <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.2</version>
        </dependency>

        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.12</version>
            <scope>test</scope>
        </dependency>

    </dependencies>

目录结构：

目录地址

代码：

log4j.properties

log4j.rootLogger=DEBUG, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%5p [%t] - %m%n

shiro-realm-authz.ini

[main]
#注入自定义realm给securityManager
myRealm = xyz.mrwood.study.realm.MyRealm
securityManager.realms = $myRealm

MyRealm.java

package xyz.mrwood.study.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.util.Arrays;
import java.util.HashMap;

/**
 * Created by Administrator on 2016/2/18.
 */
public class MyRealm extends AuthorizingRealm {

//    授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        这里应该从数据库获得权限
        info.addStringPermissions(Arrays.asList("user:create", "user:update"));
        return info;
    }

//    认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String principal = (String) token.getPrincipal();

        //        模拟数据库
        HashMap<String, Object> users = new HashMap<>();
        users.put("kiwi", "123456");
        users.put("fly", "123");

        if (users.containsKey(principal)) {

            return new SimpleAuthenticationInfo(principal, users.get("kiwi").toString(), getName());
        }

        return null;
    }

}

AuthzTest.java

package xyz.mrwood.study.authorization;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.junit.Test;

/**
 * Created by Administrator on 2016/2/18.
 */
public class AuthzTest {

    @Test
    public void testCustomAuthz(){

//        构建SecurityManager环境
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro-realm-authz.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);

//        认证
        AuthenticationToken token = new UsernamePasswordToken("kiwi", "123456");
        Subject subject = SecurityUtils.getSubject();

        try {
            subject.login(token);
        } catch (AuthenticationException e) {
            System.out.println("帐号或密码错误！");
        }

        System.out.println("认证：" + subject.isAuthenticated());

//        授权
        if (subject.isAuthenticated()){

            /*
            is开头的是判断资源，
            has开头的是角色，
            check开头的不返回boolean,如果没有权限就拖异常
             */

            System.out.println("用户修改权限：" + subject.isPermitted("user:update:1"));
            try {
                subject.checkPermission("user:create");
            } catch (AuthorizationException e) {
                System.out.println("权限不足！");
            }
            System.out.println("用户创建权限：" );
        }
    }
}

总结：

1. 在shiro中realm其实就相当于数据源
2. 在授权中有基于角色也有基于资源的

KIWI的碎碎念

关注

1
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
【shiro】shiro 学习笔记4-初识shiro授权

权限架构一般分为两个模块：认证与授权，前面三篇主要讲的就是认证的内容，现在开始授权环境：pom.xml <dependencies>  <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</arti
复制链接

扫一扫

专栏目录