创建maven 项目
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
</dependencies>
目录结构
为了简单,不使用用数据库,在resources目录下创建一个user.ini,使用简单的文件来做数据库。
[users]
zll=123,admin
[roles]
admin=user:del,user:update
测试代码如下
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
public class AuthenticationTest {
@Test
public void testAuthentication(){
//读取resource 目录下的配置用户配置文件,
IniRealm realm = new IniRealm("classpath:user.ini");
DefaultSecurityManager manager = new DefaultSecurityManager();
manager.setRealm(realm);
SecurityUtils.setSecurityManager(manager);
Subject subject = SecurityUtils.getSubject();
//创建一个用户
UsernamePasswordToken token = new UsernamePasswordToken("zll","123","admin");
//尝试登陆,如果密码出错,会抛异常。
subject.login(token);
//检查是否登录,如果登录,那么返回true
System.out.println(subject.isAuthenticated());
//检查是否拥有admin 角色,没有就会抛异常
subject.checkRole("admin");
//检查是否拥有删除权限,没有抛出异常
subject.checkPermission("user:del");
//检查多个权限方法,没有则抛出异常
subject.checkPermissions("user:del","user:update");
//退出
subject.logout();
//检查是否登录状态,如果退出,那么返回false
System.out.println(subject.isAuthenticated());
}
}
好了一个简答的shiro入门完毕