一、pom引入maven依赖
junit
junit
4.12
commons-logging
commons-logging
1.2
org.apache.shiro
shiro-core
1.3.2
二、从ini文件获取用户名密码
shiro.ini文件
[users]
admin=123456
单元测试:
@Test
public void demoIni(){
//init配置文件初始化SecurityManager工厂
Factory factory=new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager=factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("admin","123456");
try{
subject.login(token);
}catch (AuthenticationException ex){
}
org.junit.Assert.assertEquals(true,subject.isAuthenticated());
subject.logout();
}
三、自定义realm
1.自定义myRealm
public class myRealm1 implements Realm {
public String getName() {
return "myRealm1";
}
public boolean supports(AuthenticationToken authenticationToken) {
return authenticationToken instanceof UsernamePasswordToken;
}
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username=(String)token.getPrincipal();
String password=new String((char[])token.getCredentials());
if(!username.equals("admin")){
throw new UnknownAccountException();
}
if(!password.equals("123456")){
throw new IncorrectCredentialsException();
}
return new SimpleAuthenticationInfo(username,password,getName());
}
}
2.shiro-realm.init配置文件
[main]
myrealm=realms.myRealm1
securityManager.realms=$myrealm
说明:
变量名=全限定类名会自动创建一个类实例
变量名.属性=值 自动调用相应的setter方法进行赋值
$变量名 引用之前的一个对象实例
3.单元测试
@Test
public void demoCustomRealm(){
//init配置文件初始化SecurityManager工厂
Factory factory=new IniSecurityManagerFactory("classpath:shiro-realm.ini");
SecurityManager securityManager=factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("admin","123456");
try{
subject.login(token);
}catch (AuthenticationException ex){
}
org.junit.Assert.assertEquals(true,subject.isAuthenticated());
subject.logout();
}
三、jdbc realm
1.还需要引入依赖
mysql
mysql-connector-java
6.0.6
com.alibaba
druid
1.1.3
2.sql
use cathycms;
create table users (
id bigint auto_increment,
username varchar(100),
password varchar(100),
password_salt varchar(100),
constraint pk_users primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_users_username on users(username);
create table user_roles(
id bigint auto_increment,
username varchar(100),
role_name varchar(100),
constraint pk_user_roles primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_user_roles on user_roles(username, role_name);
create table roles_permissions(
id bigint auto_increment,
role_name varchar(100),
permission varchar(100),
constraint pk_roles_permissions primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_roles_permissions on roles_permissions(role_name, permission);
insert into users(username,password)values('admin','123');
3.ini配置文件
[main]
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
dataSource=com.alibaba.druid.pool.DruidDataSource
dataSource.driverClassName=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/cathycms
dataSource.username=root
dataSource.password=root
jdbcRealm.dataSource=$dataSource
securityManager.realms=$jdbcRealm
4.单元测试
@Test
public void demoJdbcRealm(){
//init配置文件初始化SecurityManager工厂
Factory factory=new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini");
SecurityManager securityManager=factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("admin","123");
try{
subject.login(token);
}catch (AuthenticationException ex){
}
org.junit.Assert.assertEquals(true,subject.isAuthenticated());
subject.logout();
}
参考资料:说起shiro,最好的教程必须是张开涛老师的《跟我学shiro系列》