本文将介绍shiro依赖Realm完成角色和权限控制的过程。
1、环境约束
- win10 64位操作系统
- idea2018.1.5
- jdk-8u162-windows-x64
- spring4.2.4
前提约束
- 完成shiro读取ini文件 https://www.jianshu.com/p/3c31a55b0f63
2、操作步骤
2.1 单Realm完成认证
- 在src/main/resources文件夹下加入shiro-realm.ini,内容如下:
# Declares one realm instance named "myRealm", backed by the custom MyRealm class.
# No securityManager.realms line is present; presumably Shiro applies the declared
# realm to the security manager implicitly - confirm against the Shiro version in use.
myRealm=net.wanho.security.MyRealm
- 在src/main/java文件夹下加入net.wanho.security.MyRealm.java文件,内容如下:
package net.wanho.security;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
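/**
 * Demo realm that accepts any username as long as the submitted password equals a
 * fixed demo value.
 *
 * <p>NOTE(review): the password is hard-coded and shared by every account, and it is
 * handled as a {@code String}. This is only suitable for the walkthrough; a real realm
 * looks up a per-user salted hash and lets a hashed credentials matcher compare it.
 */
public class MyRealm extends AuthorizingRealm {

    /** Demo-only password accepted for every username. */
    private static final String DEMO_PASSWORD = "123456";

    /**
     * Authorization lookup. Returns {@code null}, so this realm contributes no roles
     * or permissions for any principal.
     *
     * @param principalCollection the principals of the subject being authorized (unused)
     * @return always {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    /**
     * Authenticates a username/password token against the fixed demo password.
     *
     * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
     * @return account info carrying the submitted username and password
     * @throws IncorrectCredentialsException if the password is missing or does not match
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = (String) token.getPrincipal();

        // A token built without a password has null credentials; reject it as a failed
        // login instead of letting new String(null) raise a NullPointerException.
        char[] submitted = (char[]) token.getCredentials();
        if (submitted == null) {
            throw new IncorrectCredentialsException();
        }

        String pwd = new String(submitted);
        if (!DEMO_PASSWORD.equals(pwd)) {
            throw new IncorrectCredentialsException();
        }

        // The submitted password is handed back as the "stored" credential, so the
        // comparison above is the only real check this realm performs.
        return new SimpleAuthenticationInfo(username, pwd, getName());
    }
}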
- 在src/main/java文件夹下新增TestRealm.java,内容如下:
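/**
 * Logs in through the single-realm configuration (shiro-realm.ini) with the demo
 * account and fails the test if the login is rejected.
 */
@Test
public void test1() {
    SecurityManager securityManager =
            new IniSecurityManagerFactory("classpath:shiro-realm.ini").getInstance();
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken("zhangli", "123456");
    try {
        subject.login(token);
    } catch (Exception e) {
        // Printing the stack trace and continuing let the test pass even when
        // authentication failed; surface the failure and keep the original cause.
        throw new AssertionError("login failed for the demo account", e);
    }
    System.out.println("123");
}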
2.2 多Realm完成认证
- 在src/main/resources文件夹下加入shiro-realms.ini文件,内容如下:
# Authentication strategy: AllSuccessfulStrategy requires every configured realm
# to accept the token; one rejecting realm fails the whole login.
allSuccessfulStrategy=org.apache.shiro.authc.pam.AllSuccessfulStrategy
securityManager.authenticator.authenticationStrategy=$allSuccessfulStrategy
# Two realm instances: MyRealm checks the password, YourRealm checks the username.
myRealm=net.wanho.security.MyRealm
yourRealm=net.wanho.security.YourRealm
# Explicit realm list for the security manager, in the order given.
securityManager.realms=$myRealm,$yourRealm
- 在src/main/java文件夹下加入net.wanho.security.YourRealm.java[注意,MyRealm.java已经存在],内容如下:
package net.wanho.security;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
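/**
 * Demo realm that accepts exactly one username and does not check the password.
 *
 * <p>NOTE(review): on its own this realm authenticates the known username with any
 * password. In this walkthrough it is combined with MyRealm under AllSuccessfulStrategy,
 * which is what enforces the password; it must not be configured as the only realm.
 */
public class YourRealm extends AuthorizingRealm {

    /** The single account name this realm recognises. */
    private static final String KNOWN_USERNAME = "zhangli";

    /**
     * Authorization lookup. Returns {@code null}, so this realm contributes no roles
     * or permissions for any principal.
     *
     * @param principalCollection the principals of the subject being authorized (unused)
     * @return always {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    /**
     * Authenticates a username/password token by username only.
     *
     * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
     * @return account info carrying the submitted username and password
     * @throws UnknownAccountException if the username is missing or not the known account
     * @throws IncorrectCredentialsException if the token carries no password
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = (String) token.getPrincipal();

        // Constant-first equals: a token without a username is an unknown account,
        // not a NullPointerException.
        if (!KNOWN_USERNAME.equals(username)) {
            throw new UnknownAccountException();
        }

        // A token built without a password has null credentials; reject it instead
        // of failing inside new String(null).
        char[] submitted = (char[]) token.getCredentials();
        if (submitted == null) {
            throw new IncorrectCredentialsException();
        }

        // The submitted password is echoed back as the "stored" credential, so no
        // password comparison of any value happens in this realm.
        String pwd = new String(submitted);
        return new SimpleAuthenticationInfo(username, pwd, getName());
    }
}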
- 在TestRealm.java文件当中加入以下内容:
/**
 * Attempts a login through the two-realm configuration (shiro-realms.ini).
 *
 * <p>The password "12345" differs from the "123456" that MyRealm accepts, so with
 * AllSuccessfulStrategy the login is expected to throw and the final print is
 * presumably never reached - this looks like the intended demonstration of a
 * rejected login; confirm.
 */
@Test
public void test2() {
    IniSecurityManagerFactory factory =
            new IniSecurityManagerFactory("classpath:shiro-realms.ini");
    SecurityManager manager = factory.getInstance();
    SecurityUtils.setSecurityManager(manager);

    Subject currentUser = SecurityUtils.getSubject();
    UsernamePasswordToken credentials = new UsernamePasswordToken("zhangli", "12345");
    // No try/catch here: an authentication failure propagates and fails the test.
    currentUser.login(credentials);

    System.out.println("123");
}
2.3 使用jdbc在Realm中完成认证
- 在src/main/resources文件夹下加入shiro-jdbc-realm.ini,内容如下:
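# JdbcRealm reads accounts, roles and permissions from the database behind the
# data source configured below.
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
# JdbcRealm does not query permissions unless this is switched on; without it
# subject.isPermitted(...) has no permission rows to evaluate and returns false.
jdbcRealm.permissionsLookupEnabled=true
dataSource=com.alibaba.druid.pool.DruidDataSource
dataSource.driverClassName=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/shiro
# NOTE(review): the realm only needs to read three tables, yet it connects as root
# with the password stored in clear text in a classpath resource. Outside a local
# demo, use a dedicated read-only database account and keep the secret out of the
# packaged ini file.
dataSource.username=root
dataSource.password=zhangli
jdbcRealm.dataSource=$dataSource
securityManager.realms=$jdbcRealm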
- 在mysql加入三张表以及数据,sql语句如下:
-- Demo schema for JdbcRealm. Table and column names line up with the queries
-- JdbcRealm runs when no custom queries are configured.
create database shiro;
use shiro;
-- NOTE(review): passwords are stored in clear text, and varchar(20) is too short to
-- hold a salted hash. For anything beyond this demo, widen the column and store a
-- hash that a hashed credentials matcher can verify.
-- NOTE(review): username has no primary key or unique constraint, so duplicate
-- account rows are possible.
create table users(username varchar(20),password varchar(20));
insert into users values('ali','123456');
insert into users values('zhangli','123456');
-- Role assignment: one row per (role, user) pair.
create table user_roles(role_name varchar(20),username varchar(20));
insert into user_roles(role_name,username) values('admin','ali');
insert into user_roles(role_name,username) values('user','zhangli');
-- Permission assignment: one row per (permission, role) pair.
create table roles_permissions(permission varchar(20),role_name varchar(20));
-- admin may update, insert, delete and select; user may only select.
insert into roles_permissions values('update','admin');
insert into roles_permissions values('insert','admin');
insert into roles_permissions values('delete','admin');
insert into roles_permissions values('select','admin');
insert into roles_permissions values('select','user');
- 在TestRealm.java文件中加入以下内容:
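/**
 * Logs in through the JDBC-backed configuration (shiro-jdbc-realm.ini) as "ali" and
 * reports the outcome of one role check and one permission check.
 *
 * <p>The permission check only reflects the roles_permissions table when permission
 * lookup is enabled on the JdbcRealm ({@code jdbcRealm.permissionsLookupEnabled=true});
 * otherwise it is expected to report {@code false}.
 */
@Test
public void test3() {
    SecurityManager securityManager =
            new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini").getInstance();
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken("ali", "123456");
    // An authentication failure propagates from login() and fails the test.
    subject.login(token);
    boolean ret = subject.hasRole("admin");
    boolean isOk = subject.isPermitted("insert");
    // The original computed both results and discarded them; print them so the
    // authorization outcome is actually visible when the test runs.
    System.out.println("hasRole(admin)=" + ret + ", isPermitted(insert)=" + isOk);
    System.out.println("123");
}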
以上就是通过ini获取Realm逻辑完成权限和角色校验的过程。