shiro成熟的例子还是很少,貌似springSide4 有个完整的例子。附件有简单数据库设计。
package com.myShiro.test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import com.mysql.jdbc.jdbc2.optional.MysqlDataSource;
public class JdbcReamTest {
public static void main(String[] args) {
System.out.println("Hello shiro!");
MysqlDataSource datasource = new MysqlDataSource();
datasource.setUser("root");
datasource.setPassword("root");
datasource.setServerName("localhost");
// datasource.setDriverClassName("com.mysql.jdbc.Driver");
datasource.setUrl("jdbc:mysql://localhost:3306/test");
// datasource.setMaxActive(10);
org.apache.shiro.realm.jdbc.JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(datasource);
jdbcRealm.setPermissionsLookupEnabled(true);
jdbcRealm
.setAuthenticationQuery("SELECT PASSWORD FROM account WHERE name = ?");
jdbcRealm
.setUserRolesQuery("SELECT NAME FROM role WHERE id =(SELECT roleId FROM account_role WHERE userId = (SELECT id FROM account WHERE NAME = ?))");
jdbcRealm
.setPermissionsQuery("SELECT NAME FROM permission WHERE id in (SELECT permissionId FROM permission_role WHERE (SELECT id FROM role WHERE NAME = ?))");
DefaultSecurityManager security = new DefaultSecurityManager(jdbcRealm);
SecurityUtils.setSecurityManager(security);
Subject currentUser = SecurityUtils.getSubject();
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken("ynp",
"111111");
token.setRememberMe(true);
try {
currentUser.login(token);
System.out.println("login successfully");
} catch (UnknownAccountException uae) {
System.out.println("There is no user with username of "
+ token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
System.out.println("Password for account "
+ token.getPrincipal() + " was incorrect!");
} catch (LockedAccountException lae) {
System.out.println("The account for username "
+ token.getPrincipal() + " is locked. " +
"Please contact your administrator to unlock it.");
}
// ... catch more exceptions here (maybe custom ones specific to
// your application?
catch (AuthenticationException ae) {
// unexpected condition? error?
}
}
// say who they are:
// print their identifying principal (in this case, a username):
System.out.println("User [" + currentUser.getPrincipal()
+ "] logged in successfully.");
// test a role:
if (currentUser.hasRole("admin")) {
System.out.println("May the admin be with you!");
} else {
System.out.println("Hello, mere mortal.");
}
// test a typed permission (not instance-level)
if (currentUser.isPermitted("write")) {
System.out.println("You can write!.");
} else {
System.out.println("Sorry, lightsaber rings are for schwartz masters only.");
}
// a (very powerful) Instance Level permission:
if (currentUser.isPermitted("winnebago:drive:eagle5")) {
System.out
.println("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. "
+
"Here are the keys - have fun!");
} else {
System.out
.println("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
}
// all done - log out!
currentUser.logout();
}
}