Shiro入门
1、导入依赖,要注意将<scope>改为<version>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.5.3</version>
</dependency>
<!-- configure logging -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>1.7.21</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.21</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
</dependencies>
2、导入log4j.properties
和shiro.ini
文件
3、导入Quickstart类
注意将报错代码更换,因为IniSecurityManagerFactory
类已经过期
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
//以上代码更换为以下代码
DefaultSecurityManager securityManager = new DefaultSecurityManager();
IniRealm iniRealm = new IniRealm("classpath:shiro.ini");
securityManager.setRealm(iniRealm);
Quickstart
类
public class Quickstart {
private static final transient Logger log = LoggerFactory.getLogger(Quickstart.class);
public static void main(String[] args) {
//在shiro.ini文件中配置用户、角色、权限等信息,在Quickstart中会读取这些信息
DefaultSecurityManager securityManager = new DefaultSecurityManager();
IniRealm iniRealm = new IniRealm("classpath:shiro.ini");
securityManager.setRealm(iniRealm);
SecurityUtils.setSecurityManager(securityManager);
//获取当前的用户对象
Subject currentUser = SecurityUtils.getSubject();
//通过当前用户获取session对象(Shiro中的session)
Session session = currentUser.getSession();
//从session中存值、取值,并进行比较
session.setAttribute("someKey", "aValue");
String value = (String) session.getAttribute("someKey");
if (value.equals("aValue")) {
log.info("Retrieved the correct value! [" + value + "]");
}
//判断当前用户是否被认证
if (!currentUser.isAuthenticated()) {
//通过账号和密码生成token令牌
UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
//开启记住我
token.setRememberMe(true);
try {
currentUser.login(token); //执行登录操作
} catch (UnknownAccountException uae) {
log.info("There is no user with username of " + token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
log.info("Password for account " + token.getPrincipal() + " was incorrect!");
} catch (LockedAccountException lae) {
log.info("The account for username " + token.getPrincipal() + " is locked. " +
"Please contact your administrator to unlock it.");
}
// ... 可以在以上的catch代码块中自定义异常
catch (AuthenticationException ae) {
//在该代码块中,设置不存在的异常情景<