自定义Realm (Shiro)

package com.qr.shiro;


import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
* 自定义 Realm 实现 将认证/授权数据的来源为数据库的实现
*
* @author LiuQi
*/
public class CustomRealm extends AuthorizingRealm {

//授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}

//认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

//在token中获取用户名
String principal = (String) authenticationToken.getPrincipal();

System.out.println(principal);
//根据身份信息使用jdbc ,mybatis 查询相关数据库

if("程梦梦".equals(principal))
{
//SimpleAuthenticationInfo代表数据库里面的数据内容(这只是个例子不是真的数据库内容)
//参数一:返回数据库中正确的用户名 参数二: 返回数据库中正确的密码 参数三:提供当前realm的名字,this,getName();
SimpleAuthenticationInfo simpleAuthenticationInfo=new SimpleAuthenticationInfo(principal,"MM",this.getName());
return simpleAuthenticationInfo;
}


return null;
}








package com.qr.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
/**
* 认证测试
*
* @author LiuQi
*/
public class AuthenticatDemo
{

public static void main(String[] args) {
//创建DefaultSecurityManager安全管理器对象
DefaultSecurityManager defaultSecurityManager=new DefaultSecurityManager();
//给defaultSecurityManager安全管理器设置Realm
defaultSecurityManager.setRealm(new CustomRealm());
//将安全工具类设置安全管理器
SecurityUtils.setSecurityManager(defaultSecurityManager);
//通过安全工具类获取subjec
Subject subject = SecurityUtils.getSubject();
//创建token
UsernamePasswordToken token=new UsernamePasswordToken("程梦梦","MM");


try {
subject.login(token);
System.out.println("认证状态:"+subject.isAuthenticated());
System.out.println("认证成功:登录中!");
}catch (UnknownAccountException e)
{
e.printStackTrace();
System.out.println("认证失败:用户名不存在!");
}catch (IncorrectCredentialsException e){
e.printStackTrace();
System.out.println("认证失败:密码错误!");
}
}


}








}
上一篇:realm数据库报错:Changing Realm data can only be done from inside a transaction.


下一篇:Shiro源码分析----登录流程