shiro基于ini文件入门案例

shiro基于ini文件入门案例

1、导包

如果测试类不在测试环境下，则改变依赖作用范围为compile

<dependencies>
    <dependency>
        <groupId>org.apache.shiro</groupId>
        <artifactId>shiro-core</artifactId>
        <version>1.4.1</version>
    </dependency>
    <!-- Shiro uses SLF4J for logging.  We'll use the 'simple' binding
         in this example app.  See http://www.slf4j.org for more info. -->
    <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-simple</artifactId>
        <version>1.7.21</version>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>jcl-over-slf4j</artifactId>
        <version>1.7.21</version>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>commons-logging</groupId>
        <artifactId>commons-logging</artifactId>
        <version>1.2</version>
    </dependency>
</dependencies>

2、创建ini文件

文件放在类路径下

# 配置用户
[users]
yl01=1111,role1
yl02=1111,role2
yl03=1111,role1,role2
yl04=1111,role3

# 配置角色
[roles]
role1=user:query,user:add,user:update,user:delete,user:export
role2=user:query,user:add
role3=*:*

3、测试

package com.yl.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.Arrays;


/**
 * 测试类
 */
public class ShiroTest {
    //日志输出工具
    private static final transient Logger log = LoggerFactory.getLogger(ShiroTest.class);

    public static void main(String[] args) {
        log.info("My First Apache Shiro Application");
        //创建安全管理器的工厂对象
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        //使用工厂创建安全管理器对象
        SecurityManager securityManager = factory.getInstance();
        //把安全管理器绑定到当前线程
        SecurityUtils.setSecurityManager(securityManager);
        //得到主体对象
        Subject currentUser = SecurityUtils.getSubject();
        //封装用户对象
        AuthenticationToken token=new UsernamePasswordToken("yl01","1111");
        //进行认证
        try {
            currentUser.login(token);
            System.out.println("认证通过");
        } catch (AuthenticationException e) {
            System.out.println("用户名或密码错误");
        }

        //判断用户是否认证通过
        boolean authenticated=currentUser.isAuthenticated();

        //单个角色判断
        boolean role2=currentUser.hasRole("role1");
        //批量角色分开判断
        boolean[] booleans=currentUser.hasRoles(Arrays.asList("role1","role2"));
        //批量角色同时判断
        boolean allRoles=currentUser.hasAllRoles(Arrays.asList("role1","role2"));

        //用户单个权限判断
        boolean permitted=currentUser.isPermitted("user:query");
        //用户多个权限分开判断
        boolean[] permitted1=currentUser.isPermitted("user:query","user:add");
        //用户多个权限同时判断
        boolean permittedAll=currentUser.isPermittedAll("user:add","user:add","user:query");

        //用户注销
        currentUser.logout();

    }

}