本篇博客學習Shiro的IiRealm和jdbcRealm
內置Realm
IniRealm
jdbcRealm
IniRealm
測試類代碼
package com.imooc.test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
*
* @author 宋政宏
* @date 2019-06-18 21:39
*/
public class IniRealmTest {
@Test
public void testAuthentication(){
IniRealm iniRealm = new IniRealm("classpath:user.ini"); //IniRealm文件路徑
//1.構建SecurityManager環境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(iniRealm);
//2.主體提交認證請求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("Mark","123456");
subject.login(token);
System.out.println("isAuthenticated:"+ subject.isAuthenticated());
//驗證角色
subject.checkRole("admin");
//驗證權限
subject.checkPermission("user:update");
}
}
user.ini代碼
[users]
Mark=123456,admin
[roles]
admin=user:delete,user:update
詳細步驟如下:
1.首先創建一個IniRealmTest測試類
package com.imooc.test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
*
* @author 宋政宏
* @date 2019-06-18 21:39
*/
public class IniRealmTest {
@Test
public void testAuthentication(){
IniRealm iniRealm = new IniRealm("classpath:user.ini"); //IniRealm文件路徑
//1.構建SecurityManager環境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
//2.主體提交認證請求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("Mark","123456");
subject.login(token);
System.out.println("isAuthenticated:"+ subject.isAuthenticated());
}
}
2…在測試類裏面先創建一個IniRealm對象。
IniRealm iniRealm = new IniRealm("classpath:user.ini"); //IniRealm文件路徑
3.新建一個resources並設置爲資源文件
4.在resources下建一個user.ini
[users]
Mark=123456
5.在測試類中設置到SecurityManager環境中
defaultSecurityManager.setRealm(iniRealm);
6.運行
7.設置錯誤用戶名
會報org.apache.shiro.authc.UnknownAccountException 異常
8.授權
在user.ini文件中進行授權
[users]
Mark=123456,admin
[roles]
admin=user:delete
在IniRealmTest檢測用戶是否具備admin角色
subject.checkRole("admin");
9.運行
10.設置錯誤用戶名
報 org.apache.shiro.authz.UnauthorizedException: Subject does not have role [admin1]
11.是否具備用戶刪除權限
測試類添加代碼
subject.checkPermission("user:delete");
運行
沒問題
12.是否具備用戶修改權限
測試類添加代碼
subject.checkPermission("user:update");
運行
報org.apache.shiro.authz.UnauthorizedException: Subject does not have permission [user:update] 錯誤
在user.ini中添加update權限
admin=user:delete,user:update
運行
jdbcRealm
數據庫表(5張表)如圖:
測試類代碼:
package com.imooc.test;
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
*
* @author 宋政宏
* @date 2019-06-20
*/
public class JdbcRealmTest {
DruidDataSource dataSource = new DruidDataSource();
{
dataSource.setUrl("jdbc:mysql://localhost:3306/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC");
dataSource.setUsername("root");
dataSource.setPassword("root");
}
@Test
public void testAuthentication(){
//創建JdbcRealm對象
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
//設置權限開關
jdbcRealm.setPermissionsLookupEnabled(true);
//創建sql語句
//用戶查詢語句
String sql ="select password from test_user where user_name = ?";
jdbcRealm.setAuthenticationQuery(sql);
//角色查詢語句
String roleSql = "select role_name from test_user_role where user_name = ?";
jdbcRealm.setUserRolesQuery(roleSql);
//1.構建SecurityManager環境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.主體提交認證請求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("xiaoming","654321");
subject.login(token);
System.out.println("isAuthenticated:"+ subject.isAuthenticated());
/* //驗證角色
subject.checkRole("admin");
subject.checkRoles("admin","user");
//驗證權限
subject.checkPermission("user:select");*/
subject.checkRole("user");
}
}
pom.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>imooc-shiro</artifactId>
<groupId>com.szh</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>shiro-test</artifactId>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.16</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.12</version>
</dependency>
</dependencies>
</project>
詳細步驟如下:
1.首先創建一個JdbcRealmTest類
2.pom文件要引入mysql驅動包和數據源
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>imooc-shiro</artifactId>
<groupId>com.szh</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>shiro-test</artifactId>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.16</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.12</version>
</dependency>
</dependencies>
</project>
3.進入JdbcRealmle類查看默認查詢語句(可根據默認sql語句創建數據表)
4.運行 認證和驗證角色
成功!
數據庫添加兩個角色
驗證兩個角色
5.驗證權限
數據庫 添加權限信息
運行
報錯org.apache.shiro.authz.UnauthorizedException: Subject does not have permission [user:select] 沒有user:select權限
設置權限開關爲true,它的默認值是false
再運行
成功
6.使用動態sql 認證
使用另一個表test_user
創建sql語句 jdbcRealm使用
記得將認證用戶和密碼換成xiaoming,654321
運行
7.使用動態sql 進行角色驗證
再創建一個表test_user_role 如圖:
再測試類寫角色查詢語句
驗證是否擁有普通用戶user的角色
成功