本篇博客学习Shiro的IiRealm和jdbcRealm
内置Realm
IniRealm
jdbcRealm
IniRealm
测试类代码
package com.imooc.test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
*
* @author 宋政宏
* @date 2019-06-18 21:39
*/
public class IniRealmTest {
@Test
public void testAuthentication(){
IniRealm iniRealm = new IniRealm("classpath:user.ini"); //IniRealm文件路径
//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(iniRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("Mark","123456");
subject.login(token);
System.out.println("isAuthenticated:"+ subject.isAuthenticated());
//验证角色
subject.checkRole("admin");
//验证权限
subject.checkPermission("user:update");
}
}
user.ini代码
[users]
Mark=123456,admin
[roles]
admin=user:delete,user:update
详细步骤如下:
1.首先创建一个IniRealmTest测试类
package com.imooc.test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
*
* @author 宋政宏
* @date 2019-06-18 21:39
*/
public class IniRealmTest {
@Test
public void testAuthentication(){
IniRealm iniRealm = new IniRealm("classpath:user.ini"); //IniRealm文件路径
//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("Mark","123456");
subject.login(token);
System.out.println("isAuthenticated:"+ subject.isAuthenticated());
}
}
2…在测试类里面先创建一个IniRealm对象。
IniRealm iniRealm = new IniRealm("classpath:user.ini"); //IniRealm文件路径
3.新建一个resources并设置为资源文件
4.在resources下建一个user.ini
[users]
Mark=123456
5.在测试类中设置到SecurityManager环境中
defaultSecurityManager.setRealm(iniRealm);
6.运行
7.设置错误用户名
会报org.apache.shiro.authc.UnknownAccountException 异常
8.授权
在user.ini文件中进行授权
[users]
Mark=123456,admin
[roles]
admin=user:delete
在IniRealmTest检测用户是否具备admin角色
subject.checkRole("admin");
9.运行
10.设置错误用户名
报 org.apache.shiro.authz.UnauthorizedException: Subject does not have role [admin1]
11.是否具备用户删除权限
测试类添加代码
subject.checkPermission("user:delete");
运行
没问题
12.是否具备用户修改权限
测试类添加代码
subject.checkPermission("user:update");
运行
报org.apache.shiro.authz.UnauthorizedException: Subject does not have permission [user:update] 错误
在user.ini中添加update权限
admin=user:delete,user:update
运行
jdbcRealm
数据库表(5张表)如图:
测试类代码:
package com.imooc.test;
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
*
* @author 宋政宏
* @date 2019-06-20
*/
public class JdbcRealmTest {
DruidDataSource dataSource = new DruidDataSource();
{
dataSource.setUrl("jdbc:mysql://localhost:3306/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC");
dataSource.setUsername("root");
dataSource.setPassword("root");
}
@Test
public void testAuthentication(){
//创建JdbcRealm对象
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
//设置权限开关
jdbcRealm.setPermissionsLookupEnabled(true);
//创建sql语句
//用户查询语句
String sql ="select password from test_user where user_name = ?";
jdbcRealm.setAuthenticationQuery(sql);
//角色查询语句
String roleSql = "select role_name from test_user_role where user_name = ?";
jdbcRealm.setUserRolesQuery(roleSql);
//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("xiaoming","654321");
subject.login(token);
System.out.println("isAuthenticated:"+ subject.isAuthenticated());
/* //验证角色
subject.checkRole("admin");
subject.checkRoles("admin","user");
//验证权限
subject.checkPermission("user:select");*/
subject.checkRole("user");
}
}
pom.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>imooc-shiro</artifactId>
<groupId>com.szh</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>shiro-test</artifactId>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.16</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.12</version>
</dependency>
</dependencies>
</project>
详细步骤如下:
1.首先创建一个JdbcRealmTest类
2.pom文件要引入mysql驱动包和数据源
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>imooc-shiro</artifactId>
<groupId>com.szh</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>shiro-test</artifactId>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.16</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.12</version>
</dependency>
</dependencies>
</project>
3.进入JdbcRealmle类查看默认查询语句(可根据默认sql语句创建数据表)
4.运行 认证和验证角色
成功!
数据库添加两个角色
验证两个角色
5.验证权限
数据库 添加权限信息
运行
报错org.apache.shiro.authz.UnauthorizedException: Subject does not have permission [user:select] 没有user:select权限
设置权限开关为true,它的默认值是false
再运行
成功
6.使用动态sql 认证
使用另一个表test_user
创建sql语句 jdbcRealm使用
记得将认证用户和密码换成xiaoming,654321
运行
7.使用动态sql 进行角色验证
再创建一个表test_user_role 如图:
再测试类写角色查询语句
验证是否拥有普通用户user的角色
成功