理解:Realm相当于数据源,我们获取的所有管理安全的数据都是从realm中获取的,如用户名密码等。
一、简单配置Realm
创建MyRealm类并且实现Realm接口,
添加实现方法
public String getName() {
System.out.println("MyRealm"); return "MyRealm"; }
public boolean supports(AuthenticationToken authenticationToken) {
return authenticationToken instanceof UsernamePasswordToken; }
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String username=(String)authenticationToken.getPrincipal(); String password=new String((char[])authenticationToken.getCredentials()); if(!"zhang".equals(username)){
throw new UnknownAccountException(); }
if(!"123".equals(password)){
new IncorrectCredentialsException(); }
return new SimpleAuthenticationInfo(username,password,getName()); }
创建配置文件
shiro-realm.ini
myRealm=shiro_demo.MyRealm securityManager.realms=$myRealmshiro-realm-multy.ini
myRealm=shiro_demo.MyRealm myRealmMulty=shiro_demo.MyRealmMulty securityManager.realms=$myRealm,$myRealmMulty
根据该配置文件生成SecurityFactory就ok啦
注:securityManager 会按照声明的realm顺序去验证
securityManager.realms=$myRealm,$myRealmMulty