导入
shiro
的坐标
<
dependency
>
<
groupId
>
org.apache.shiro
groupId
>
<
artifactId
>
shiro
-all
artifactId
>
dependency
>
定义
Realm
public class MyRealm extends AuthorizingRealm{
//编写授权逻辑
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
System.out.println("执行授权逻辑...");
return null;
}
//编写认证逻辑
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throwsAuthenticationException {
System.out.println("执行认证逻辑...");
return null;
}
}
配置shiro.ini文件
myRealm=com.itheima.bos.web.realms.MyRealm
securityManager.realm=$myRealm
编写认证执行代码
public class ShiroDemo {
public static void main(String[] args) {
//1.创建安全管理器工厂
Factoryfactory = new IniSecurityManagerFactory("classpath:shiro.ini");
//2.从工厂创建安全管理器
//注意:SecurityManager必须是org.apache.shiro.mgt.SecurityManager
//SecurityManagersecurityManager = (SecurityManager) factory.getInstance();
SecurityManagersecurityManager = factory.getInstance();
//3.初始化SecurityUtils
SecurityUtils.setSecurityManager(securityManager);
//4.从SecurityUtils拿到Subject
Subjectsubject = SecurityUtils.getSubject();
//5.调用认证方法
//AuthenticationToken: 封装用户输入的用户名和密码
AuthenticationTokentoken = new UsernamePasswordToken("eric", "123456");
try {
subject.login(token);
//获取realm的返回的pricipal
Objectprincipal = subject.getPrincipal();
System.out.println(principal);
System.out.println("登录成功");
} catch (UnknownAccountException e) {
System.out.println("用户不存在");
} catch (IncorrectCredentialsException e) {
System.out.println("密码错误");
}
}
}
更多技术咨询可关注:gzitcast