1.添加环境
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.11</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.5</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>4.3.3.RELEASE</version>
</dependency>
2.添加相关配置文件
(1)spring-jdbc.xml
<!--配置相关连接池-->
<beanclass="com.alibaba.druid.pool.DruidDataSource"id="dataSource">
<propertyname="url"value="jdbc:mysql://localhost:3306/shiro_test?serverTimezone=UTC"/>
<propertyname="username"value="root"/>
<propertyname="password"value="root"/>
</bean>
<!--实例化jdbcTemplate-->
<beanclass="org.springframework.jdbc.core.JdbcTemplate"id="jdbcTemplate">
<propertyname="dataSource"ref="dataSource"/>
</bean>
3.自定义realm重写用户认证及权限认证方法
Publicclass MyRealm extends AuthorizingRealm{
@Resource
Private UserDao userDao;
@Override
Protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection){
//根据用户名获取相关角色以及权限
Stringusername=(String)principalCollection.getPrimaryPrincipal();
Stringrole=userDao.getRoleByUsername(username);
Set<String>roles=newHashSet<String>();
roles.add(role);
SimpleAuthorizationInfo simpleAuthorizationInfo=newSimpleAuthorizationInfo();
simpleAuthorizationInfo.setRoles(roles);
Return simpleAuthorizationInfo;
}
@Override
Protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)throws AuthenticationException{
/*自定义realm验证用户名和密码*/
Stringusername=(String)authenticationToken.getPrincipal();
Stringpassword=newString((char[])authenticationToken.getCredentials());
Useruser=userDao.getUserPassword(username);
if(user!=null){
if(!user.getPassword().equals(password)){
System.out.println("用户密码错误");
Throw new IncorrectCredentialsException();
}
}else{
System.out.println("用户不存在");
Throw new UnknownAccountException();
}
Return new SimpleAuthenticationInfo(username,password,getName());
}
}