【Shiro】IniRealm和JdbcRealm
本文最后更新于 349 天前,其中的信息可能已经有所发展或是发生改变。

[successbox title=”不同的Realm”]
就是不同的认证数据源。
[/successbox]

一、IniRealm。
1.导入Maven。
[sourcecode language=”xml” title=”pom.xml”]
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
</dependencies>
[/sourcecode]
2.在资源文件夹内创建user.ini。
[sourcecode language=”xml” title=”resources/user.ini”]
[users]
BenZhu=123456,admin
[roles]
admin=user:delete
[/sourcecode]
3.编写测试类。
[sourcecode language=”java” title=”IniRealmTest.java”]
package com.benzhu.test;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;

public class IniRealmTest {

@Test
public void tsetAuthentication(){

IniRealm iniRealm = new IniRealm("classpath:user.ini");

//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(iniRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("BenZhu","123456");
try {
subject.login(token);
try {
subject.checkRoles("admin");
subject.checkPermission("user:delete");
}catch (UnauthorizedException exception){
System.out.println("角色授权或者权限授权失败!");
}

}catch (AuthenticationException e){
System.out.println("认证失败!");
}

System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.logout();
System.out.println("isAuthenticated:"+subject.isAuthenticated());
}
}
[/sourcecode]
二、默认JdbcRealm。
1.导入Maven。
[sourcecode language=”xml” title=”pom.xml”]
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.45</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.6</version>
</dependency>
</dependencies>
[/sourcecode]
2.创建数据库表(我的数据库是5.7)。


3.编写测试类。
[sourcecode language=”java” title=”JdbcRealmTest.java”]
package com.benzhu.test;

import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

public class JdbcRealmTest {

DruidDataSource dataSource = new DruidDataSource();

{
dataSource.setUrl("jdbc:mysql://localhost:3306/shiro?&useSSL=false&serverTimezone=GMT%2B8&characterEncoding=utf8");
dataSource.setUsername("root");
dataSource.setPassword("123456");
}

@Test
public void tsetAuthentication(){

JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
jdbcRealm.setPermissionsLookupEnabled(true); //开启权限授权

//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("benzhu","123456");
try {
subject.login(token);
try {
subject.checkRole("admin");
subject.checkPermission("user:update");
}catch (UnauthorizedException exception){
System.out.println("角色授权或者权限授权失败!");
}

}catch (AuthenticationException e){
System.out.println("认证失败!");
}

System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.logout();
System.out.println("isAuthenticated:"+subject.isAuthenticated());
}
}
[/sourcecode]
三、自定义JdbcRealm。
1.如同二一样先导入Maven。
2.编写自定义的数据库(参照如下图)。


3.编写测试类。
[sourcecode language=”java” title=”JdbcRealmTest.java”]
package com.benzhu.test;

import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

public class JdbcRealmTest {

DruidDataSource dataSource = new DruidDataSource();

{
dataSource.setUrl("jdbc:mysql://localhost:3306/shiro?&useSSL=false&serverTimezone=GMT%2B8&characterEncoding=utf8");
dataSource.setUsername("root");
dataSource.setPassword("123456");
}

@Test
public void tsetAuthentication(){

JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
jdbcRealm.setPermissionsLookupEnabled(true);

//编写自定义Sql认证语句
String sql = "select password from test_user where username = ?";
jdbcRealm.setAuthenticationQuery(sql);

//编写自定义Sql角色授权语句
String rolesql = "select role from test_user_roles where username = ?";
jdbcRealm.setUserRolesQuery(rolesql);

//编写自定义Sql权限授权语句
String permissionssql = "select permission from test_permissions where role = ?";
jdbcRealm.setPermissionsQuery(permissionssql);

//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("benzhu","666666");
try {
subject.login(token);
try {
subject.checkRole("zhu");
subject.checkPermission("select");
}catch (UnauthorizedException exception){
System.out.println("角色授权或者权限授权失败!");
}

}catch (AuthenticationException e){
System.out.println("认证失败!");
}

System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.logout();
System.out.println("isAuthenticated:"+subject.isAuthenticated());
}
}
[/sourcecode]

效果图(三个都一样滴):

暂无评论

发送评论 编辑评论


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
颜文字
Emoji
小恐龙
花!
上一篇
下一篇