-
authenticate
该方法是实现认证逻辑的。
如果验证成功,将返回AuthenticationInfo验证信息;此信息中包含了身份及凭证;如果验证失败将抛出相应的 AuthenticationException 实现 -
ModularRealmAuthenticator
认证策略接口,自定义认证策略时只需要继承该类即可一般使用默认的三种策略即可
三种策略- FirstSuccessfulStrategy:只要有一个Realm验证成功即可,只返回第一个Realm身份验证 成功的认证信息,其他的忽略;
- AtLeastOneSuccessfulStrategy:只要有一个Realm验证成功即可,和FirstSuccessfulStrategy 不同,返回所有 Realm 身份验证成功的认证信息;
- AllSuccessfulStrategy:所有Realm验证成功才算成功,且返回所有Realm身份验证成功的 认证信息,如果有一个失败就失败了。
- 注意:ModularRealmAuthenticator 默认使用 AtLeastOneSuccessfulStrategy 策略。
-
环境搭建
<dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.4.0</version> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.12</version> </dependency>
-
自定义Realm
实现Realm接口-
MyRealm01
import org.apache.shiro.authc.*; import org.apache.shiro.realm.Realm; /** * Realm01 * @author * @create 2019-01-21 16:21 */ public class MyRealm01 implements Realm { /** 用户名 */ public static final String USERNAME = "fury1"; /** 用户密码 */ public static final String PASSWORD = "111111"; public String getName() { return "MyRealm01"; } public boolean supports(AuthenticationToken token) { if (token instanceof UsernamePasswordToken) { return true; } return false; } public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username = (String) token.getPrincipal(); String password = new String((char[]) token.getCredentials()); if (USERNAME.equals(username) && PASSWORD.equals(password)) { return new SimpleAuthenticationInfo(username, password, getName()); } else { throw new RuntimeException("MyRealm01 - 用户名或者密码错误"); } } }
-
MyRealm02
import org.apache.shiro.authc.*; import org.apache.shiro.realm.Realm; /** * Realm02 * @author * @create 2019-01-21 16:21 */ public class MyRealm02 implements Realm { /** 用户名 */ public static final String USERNAME = "fury2"; /** 用户密码 */ public static final String PASSWORD = "222222"; public String getName() { return "MyRealm02"; } public boolean supports(AuthenticationToken token) { if (token instanceof UsernamePasswordToken) { return true; } return false; } public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username = (String) token.getPrincipal(); String password = new String((char[]) token.getCredentials()); if (USERNAME.equals(username) && PASSWORD.equals(password)) { return new SimpleAuthenticationInfo(username, password, getName()); } else { throw new RuntimeException("MyRealm02 - 用户名或者密码错误"); } } }
-
步骤:
- 实例化Realm
- 实例化SecurityManager
- 实例化ModularRealmAuthenticator
- 实例化FirstSuccessfulStrategy
- 给ModularRealmAuthenticator对象设置认证策略
- 给SecurityManager设置认证对象
- 给SecurityManager设置Realm对象
- 注意:SecurityManager必须先设置Authenticator再设置Realm,否则会报错
import com.xunyji.shirotest.realm.MyRealm01;
import com.xunyji.shirotest.realm.MyRealm02;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.pam.AllSuccessfulStrategy;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.FirstSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
/**
* @author
* @create 2019-01-21 16:26
*/
public class TestDemo {
@Test
public void test01() {
// 01 获取Realm对象
MyRealm01 myRealm01 = new MyRealm01();
MyRealm02 myRealm02 = new MyRealm02();
// 02 获取SecurityManager对象
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
// 03 设置SecurityManager对象的认证策略
ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
modularRealmAuthenticator.setAuthenticationStrategy(new FirstSuccessfulStrategy());
// modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy());
defaultSecurityManager.setAuthenticator(modularRealmAuthenticator);
// 04 设置SecurityManager的Realm
// defaultSecurityManager.setRealm(myRealm01);
// defaultSecurityManager.setRealm(myRealm02);
Set<Realm> realmHashSet = new HashSet<Realm>();
realmHashSet.add(myRealm01);
realmHashSet.add(myRealm02);
defaultSecurityManager.setRealms(realmHashSet);
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("fury1", "111111");
// UsernamePasswordToken token = new UsernamePasswordToken("fury2", "222222");
subject.login(token);
System.out.println(String.format("认证结果为:%s", subject.isAuthenticated()));
subject.logout();
System.out.println(String.format("认证结果为:%s", subject.isAuthenticated()));
}
}