一、shiro介绍
1.实现权限的几种方式
(1)通过表来实现
(2)shiro框架
(3)Spring Security框架
2.shiro有哪些主要功能
3.搭建shiro环境(*)
(1)在pom.xml文件配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>shiro1</groupId>
<artifactId>shiro_dome1</artifactId>
<version>1.0-SNAPSHOT</version>
<dependencies>
<!-- 引入shiro所需jar包 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.4</version>
</dependency>
<!-- 日志 -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.25</version>
</dependency>
</dependencies>
</project>
(2)新建shiro.ini文件(文明名称可去其它名称)用户信息
[users]
admin=123456
lisi=123
4.shiro核心类SecurityManager与Subject(*)
(1)SecurityManager
(2)Subject
package cn.java.shiro;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
/**
* @ClassName: ShiroDemo1
* @Author Ming
* @Date 2018/8/1614:47
**/
public class ShiroDemo1 {
public static void main(String[] args){
//核心类 SecurutyManager --> Factory
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
//ctrl_alt+v :快速生成变量及对应的数据类型
SecurityManager securityManager = factory.getInstance();
//当前用户:Subject --->SecurityUtil
SecurityUtils.setSecurityManager(securityManager);
//当前用户
Subject user = SecurityUtils.getSubject();
//通过UserNamePasswordToken来模拟html/jsp传递过来的用户名与密码
UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
//通过shiro来判断用户是否登录成功:ctrl+alt+t(捕获异常)
try {
user.login(token);
System.out.println("登录成功");
} catch (AuthenticationException e) {
System.out.println("登录失败");
// e.printStackTrace();
}
}
}
5.坑点总结(*)
(1)开发环境是否与视频一样:jdk(jdk5、jdk6、jdk7、jdk8、..jdk11等)
(2)开发工具:idea2017
(3)maven依赖问题:
(4)导包问题:
二、通过JDBC_Reaml来连接数据库
(1)pom.xml配置需要的jar包
<!--mysql的驱动包-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.46</version>
</dependency>
<!--数据库连接池:c3p0、dbcp、druid-->
<!-- https://mvnrepository.com/artifact/com.alibaba/druid -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.10</version>
</dependency>
<!--日志-->
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
(2)新建数据库shiro
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` bigint(20) NOT NULL,
`username` varchar(50) DEFAULT NULL,
`password` varchar(50) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
INSERT INTO `users` VALUES ('1', 'sa', '123');
INSERT INTO `users` VALUES ('2', 'admin', '123456');
(3)新建jdbc_realm.ini文件配置如下:
#声明一个realm
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
#声明一个数据库连接池 并设置好参数
dataSource=com.alibaba.druid.pool.DruidDataSource
dataSource.driverClassName=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/shiro
dataSource.username=root
dataSource.password=root
#将dataSource设置给jdbcRealm $:引用
jdbcRealm.dataSource=$dataSource
#将jdbcRealm设置给securityManager.realms
securityManager.realms=$jdbcRealm
(4)新建一个类测试
package cn.java.shiro;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
/**
* @ClassName: ShiroDemo2
* @Author Ming
* @Date 2018/8/1615:54
**/
public class ShiroDemo2 {
public static void main(String[] args){
//核心类 SecurutyManager --> Factory 找资源:ctrl+shift+n
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:jdbc_realm.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
//当前用户
Subject user = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("sa","123");
//通过shiro来判断用户是否登录成功:ctrl+alt+t(捕获异常)
try {
user.login(token);
System.out.println("登录成功");
} catch (AuthenticationException e) {
System.out.println("登录失败");
// e.printStackTrace();
}
}
}