【Shiro】IniRealm和JdbcRealm

本文最后更新于 1532 天前，其中的信息可能已经有所发展或是发生改变。

[successbox title=”不同的Realm”]
就是不同的认证数据源。
[/successbox]

一、IniRealm。
1.导入Maven。
[sourcecode language=”xml” title=”pom.xml”]
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
</dependencies>
[/sourcecode]
2.在资源文件夹内创建user.ini。
[sourcecode language=”xml” title=”resources/user.ini”]
[users]
BenZhu=123456,admin
[roles]
admin=user:delete
[/sourcecode]
3.编写测试类。
[sourcecode language=”java” title=”IniRealmTest.java”]
package com.benzhu.test;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;

public class IniRealmTest {

@Test
public void tsetAuthentication(){

IniRealm iniRealm = new IniRealm("classpath:user.ini");

//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(iniRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("BenZhu","123456");
try {
subject.login(token);
try {
subject.checkRoles("admin");
subject.checkPermission("user:delete");
}catch (UnauthorizedException exception){
System.out.println("角色授权或者权限授权失败！");
}

}catch (AuthenticationException e){
System.out.println("认证失败！");
}

System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.logout();
System.out.println("isAuthenticated:"+subject.isAuthenticated());
}
}
[/sourcecode]
二、默认JdbcRealm。
1.导入Maven。
[sourcecode language=”xml” title=”pom.xml”]
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.45</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.6</version>
</dependency>
</dependencies>
[/sourcecode]
2.创建数据库表（我的数据库是5.7）。

3.编写测试类。
[sourcecode language=”java” title=”JdbcRealmTest.java”]
package com.benzhu.test;

import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

public class JdbcRealmTest {

DruidDataSource dataSource = new DruidDataSource();

{
dataSource.setUrl("jdbc:mysql://localhost:3306/shiro?&useSSL=false&serverTimezone=GMT%2B8&characterEncoding=utf8");
dataSource.setUsername("root");
dataSource.setPassword("123456");
}

@Test
public void tsetAuthentication(){

JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
jdbcRealm.setPermissionsLookupEnabled(true); //开启权限授权

//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("benzhu","123456");
try {
subject.login(token);
try {
subject.checkRole("admin");
subject.checkPermission("user:update");
}catch (UnauthorizedException exception){
System.out.println("角色授权或者权限授权失败！");
}

}catch (AuthenticationException e){
System.out.println("认证失败！");
}

3.编写测试类。
[sourcecode language=”java” title=”JdbcRealmTest.java”]
package com.benzhu.test;

public class JdbcRealmTest {

DruidDataSource dataSource = new DruidDataSource();

{
dataSource.setUrl("jdbc:mysql://localhost:3306/shiro?&useSSL=false&serverTimezone=GMT%2B8&characterEncoding=utf8");
dataSource.setUsername("root");
dataSource.setPassword("123456");
}

@Test
public void tsetAuthentication(){

JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
jdbcRealm.setPermissionsLookupEnabled(true);

//编写自定义Sql认证语句
String sql = "select password from test_user where username = ?";
jdbcRealm.setAuthenticationQuery(sql);

//编写自定义Sql角色授权语句
String rolesql = "select role from test_user_roles where username = ?";
jdbcRealm.setUserRolesQuery(rolesql);

//编写自定义Sql权限授权语句
String permissionssql = "select permission from test_permissions where role = ?";
jdbcRealm.setPermissionsQuery(permissionssql);

UsernamePasswordToken token = new UsernamePasswordToken("benzhu","666666");
try {
subject.login(token);
try {
subject.checkRole("zhu");
subject.checkPermission("select");
}catch (UnauthorizedException exception){
System.out.println("角色授权或者权限授权失败！");
}

}catch (AuthenticationException e){
System.out.println("认证失败！");
}

System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.logout();
System.out.println("isAuthenticated:"+subject.isAuthenticated());
}
}
[/sourcecode]

效果图（三个都一样滴）：

登陆

功能

分类目录

文章归档

发送评论编辑评论

发送评论 编辑评论

推荐文章

发送评论编辑评论