一、创建一个Maven项目
二、在pom.xml文件中加入依赖
pom.xml代码:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.yzx</groupId>
<artifactId>Shiro</artifactId>
<version>1.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.47</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>5.1.10.RELEASE</version>
</dependency>
</dependencies>
</project>
三、在resources文件夹下写入shiro.ini文件
shiro.ini代码:
[users]
zhangsan=123456, guest, admin
lisi=888888, guest
[roles]
admin=select, update, delete, save
guest=select
四、编写测试类
package com.yzx.test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Scanner;
/**
* Created by yzx on 2020-08-07.
*/
public class TestShiro01 {
//@Test
public static void main(String[] args) {
// 1. 创建IniSecurityManagerFactory对象
IniSecurityManagerFactory factory = new IniSecurityManagerFactory();
// 2. 使用IniSecurityManagerFactory对的getInstance()方法获得SecurityManager对象
SecurityManager manager = factory.getInstance();
// 3. 使用SecurityUtils工具类的的setSecurityManager()方法将上一步得到的SecurityManager对象放入进来
SecurityUtils.setSecurityManager(manager);
// 4. 使用SecurityUtils工具类获得Subject“主体”对象
Subject subject = SecurityUtils.getSubject();
Scanner input = new Scanner(System.in);
System.out.println("请输入用户名:");
String username = input.next();
System.out.println("请输入密码:");
String password = input.next();
// 5. 收集用户输入的用户名和密码封装为一个Token对象
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
//异常判断
try {
// 6. 使用Subject对象在指定的Token之上来进行登录
subject.login(token);
} catch (UnknownAccountException e) {
System.out.println("账户不存在");
e.printStackTrace();
} catch (AuthenticationException e) {
e.printStackTrace();
}
if (subject.isAuthenticated()) {
System.out.println("login success!");
//subject.hasRole("admin"):是否有admin角色,返回值为boolean
System.out.println("admin:" + subject.hasRole("admin"));
//subject.hasRole("guest"):是否有guest角色,返回值为boolean
System.out.println("guest:" + subject.hasRole("guest"));
Collection<String> c = new ArrayList<>();
c.add("admin");
c.add("guest");
System.out.println("admin, guest:" + subject.hasAllRoles(c));
//checkPermission("select"):检查是否有select权限
subject.checkPermission("select");
subject.checkPermissions("select","delete");
} else {
System.out.println("login failed!");
}
}
}