1、Maven依赖

 <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.7.1</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-web</artifactId>
            <version>1.7.1</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.7.1</version>
        </dependency>
        <dependency>
            <groupId> org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
            <version>1.7.21</version>
        </dependency>
        <dependency>
            <groupId> log4j</groupId>
            <artifactId>log4j</artifactId>
            <version>1.2.17</version>
        </dependency>
        <dependency>
            <groupId> org.slf4j</groupId>
            <artifactId>slf4j-log4j12</artifactId>
            <version>1.7.12 </version>
        </dependency>
        <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.2</version>
        </dependency>

2、在resource目录下新建shiro.ini文件存放账号信息

#配置用户
[users]
#用户名=密码
xiangwen=123456
xiangwu= 123

3、新建ShiroTest类

package com.xiangwen.test;

import org.apache.commons.collections.bag.SynchronizedSortedBag;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;


public class ShiroTest {
    public static void main(String[] args) {
        //1、读取配置文件，创建安全管理器：SecurityManager
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager=factory.createInstance();
        //2、将工厂对象和当前线程绑定
        SecurityUtils.setSecurityManager(securityManager);
        //3、从当前线程获取主体对象
        Subject subject=SecurityUtils.getSubject();

        //5、判断是否认证
        boolean authentic=subject.isAuthenticated();
        System.out.println("认证前："+authentic);
        //6、开始认证
        if(!authentic){
            //4、创建token令牌：封装身份（账号）和凭证（密码）
            AuthenticationToken token=new UsernamePasswordToken("xiangwen","123456");

            try {
                subject.login(token);
                authentic=subject.isAuthenticated();
            }catch (UnknownAccountException e){
                System.out.println("无效账号");
            }catch (IncorrectCredentialsException e){
                System.out.println("无效密码");
            }
            System.out.println("认证后："+authentic);

        }
        //7、获取认证信息
        Object person=subject.getPrincipal();
        System.out.println("person:"+person);
        //8、退出登录
        subject.logout();
        authentic=subject.isAuthenticated();
        System.out.println("退出认证后："+authentic);
    }
}