Shiro框架的用法

一、创建一个Maven项目

二、在pom.xml文件中加入依赖

pom.xml代码：

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.yzx</groupId>
    <artifactId>Shiro</artifactId>
    <version>1.0-SNAPSHOT</version>

    <dependencies>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.3.2</version>
        </dependency>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.12</version>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>5.1.47</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-jdbc</artifactId>
            <version>5.1.10.RELEASE</version>
        </dependency>
    </dependencies>

</project>

三、在resources文件夹下写入shiro.ini文件

shiro.ini代码：

[users]
zhangsan=123456, guest, admin
lisi=888888, guest
[roles]
admin=select, update, delete, save
guest=select

四、编写测试类

package com.yzx.test;


import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Scanner;


/**
 * Created by yzx on 2020-08-07.
 */
public class TestShiro01 {
    //@Test
    public static void main(String[] args) {
        //  1.  创建IniSecurityManagerFactory对象
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory();

        //  2.  使用IniSecurityManagerFactory对的getInstance（）方法获得SecurityManager对象
        SecurityManager manager = factory.getInstance();

        //  3.  使用SecurityUtils工具类的的setSecurityManager（）方法将上一步得到的SecurityManager对象放入进来
        SecurityUtils.setSecurityManager(manager);

        //  4.  使用SecurityUtils工具类获得Subject“主体”对象
        Subject subject = SecurityUtils.getSubject();

        Scanner input = new Scanner(System.in);

        System.out.println("请输入用户名：");
        String username = input.next();

        System.out.println("请输入密码：");
        String password = input.next();

        //  5.  收集用户输入的用户名和密码封装为一个Token对象
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        //异常判断
        try {
            //  6.  使用Subject对象在指定的Token之上来进行登录
            subject.login(token);
        } catch (UnknownAccountException e) {
            System.out.println("账户不存在");
            e.printStackTrace();
        } catch (AuthenticationException e) {
            e.printStackTrace();
        }

        if (subject.isAuthenticated()) {
            System.out.println("login success!");
            //subject.hasRole("admin"):是否有admin角色，返回值为boolean
            System.out.println("admin:" + subject.hasRole("admin"));
            //subject.hasRole("guest"):是否有guest角色，返回值为boolean
            System.out.println("guest:" + subject.hasRole("guest"));

            Collection<String> c = new ArrayList<>();

            c.add("admin");
            c.add("guest");

            System.out.println("admin, guest:" + subject.hasAllRoles(c));
            
            //checkPermission("select")：检查是否有select权限
            subject.checkPermission("select");

            subject.checkPermissions("select","delete");
        } else {
            System.out.println("login failed!");
        }

    }


}

五、运行结果