  • 6、Shiro之自定义realm

    1、创建一个包存放我们自定义的realm文件:

    创建一个名为CustomRealm的类,继承AuthorizingRealm,并重写父类的认证方法doGetAuthenticationInfo和授权方法doGetAuthorizationInfo:

     CustomRealm代码:

    package com.shiro.myrealm;
    
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.AuthenticationInfo;
    import org.apache.shiro.authc.AuthenticationToken;
    import org.apache.shiro.authc.SimpleAuthenticationInfo;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.authz.SimpleAuthorizationInfo;
    import org.apache.shiro.crypto.hash.Hash;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;
    
    import java.util.HashMap;
    import java.util.HashSet;
    import java.util.Map;
    import java.util.Set;
    
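    /**
     * Demo Shiro realm that authenticates and authorizes against an in-memory
     * map standing in for a database.
     *
     * <p>Security notes for anyone adapting this sample:
     * <ul>
     *   <li>The stored credential is a plaintext password. A production realm
     *       should store a salted password hash and configure a matching
     *       credentials matcher (for example Shiro's HashedCredentialsMatcher)
     *       instead of comparing plaintext.</li>
     *   <li>Roles and permissions are hard-coded sample data; they are only
     *       handed out to usernames that exist in the simulated store.</li>
     * </ul>
     */
    public class CustomRealm extends AuthorizingRealm {

        // Simulated user store: username -> plaintext password (demo data only).
        // Private and final so other classes in the package cannot read or swap it.
        private final Map<String, String> credentialsByUsername = new HashMap<>();

        {
            credentialsByUsername.put("miyue", "houru");
        }

        /**
         * Looks up the account named by the submitted token and returns its
         * stored credential; the realm's credentials matcher then compares it
         * with what the caller submitted.
         *
         * @param authenticationToken the token submitted at login; its principal
         *                            is cast to a String username
         * @return the account's authentication info, or {@code null} when the
         *         username is not in the store
         * @throws AuthenticationException declared by the overridden method; not
         *                                 thrown directly here
         */
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
            // 1. Username as supplied by the subject that is logging in.
            String username = (String) authenticationToken.getPrincipal();
            // 2. Stored credential for that username (simulated database lookup).
            String password = getPassWordByUsername(username);
            if (password == null) {
                // Unknown account: return no info rather than a fabricated record.
                return null;
            }
            // Bind the looked-up username as the principal. The original passed
            // the literal "miyue", which would label every account added to the
            // store as that user once it authenticated.
            // NOTE(review): "test" is kept as the realm name for compatibility;
            // getName() is the usual choice so the name matches the realm instance.
            return new SimpleAuthenticationInfo(username, password, "test");
        }

        /**
         * Builds the roles and string permissions for the primary principal.
         *
         * @param principalCollection principals of the subject being authorized;
         *                            the primary principal is cast to a String
         * @return authorization info holding that user's roles and permissions
         */
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
            String username = (String) principalCollection.getPrimaryPrincipal();
            // Simulated lookups; a real realm would query the database or a cache.
            Set<String> roles = getRolesByUsername(username);
            Set<String> permissions = getPermissionsByUsername(username);

            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            authorizationInfo.setRoles(roles);
            authorizationInfo.setStringPermissions(permissions);
            return authorizationInfo;
        }

        /**
         * Returns the stored password for {@code username}, or {@code null} when
         * there is no such user.
         */
        private String getPassWordByUsername(String username) {
            return credentialsByUsername.get(username);
        }

        /**
         * Returns the sample roles for a known user and an empty set otherwise,
         * so a principal that is not in the store is never granted "admin".
         */
        private Set<String> getRolesByUsername(String username) {
            Set<String> roles = new HashSet<>();
            if (!credentialsByUsername.containsKey(username)) {
                return roles;
            }
            roles.add("admin");
            roles.add("user");
            return roles;
        }

        /**
         * Returns the sample permissions for a known user and an empty set
         * otherwise.
         */
        private Set<String> getPermissionsByUsername(String username) {
            Set<String> permissions = new HashSet<>();
            if (!credentialsByUsername.containsKey(username)) {
                return permissions;
            }
            permissions.add("user:delete");
            permissions.add("user:add");
            return permissions;
        }
    }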

    新建一个测试类MyrealmTest,测试我们自定义的realm:

    package com.shiro.shiroframe;
    
    import com.shiro.myrealm.CustomRealm;
    import org.apache.shiro.SecurityUtils;
    import org.apache.shiro.authc.UsernamePasswordToken;
    import org.apache.shiro.mgt.DefaultSecurityManager;
    import org.apache.shiro.subject.Subject;
    import org.junit.jupiter.api.Test;
    
    
    /**
     * Exercises {@link CustomRealm} through a DefaultSecurityManager: logs in
     * with the sample account, then checks one role and one permission.
     */
    public class MyrealmTest {
        // The custom realm under test.
        CustomRealm customRealm = new CustomRealm();

        /**
         * Happy-path check only: login, checkRoles and checkPermission are
         * expected to complete without throwing.
         *
         * NOTE(review): no rejection case is covered here; a login with a wrong
         * password, and a check for a role the user lacks, should also be
         * verified to throw.
         */
        @Test
        public void MyrealmTest() {
            // Wire the realm into a security manager and install it for SecurityUtils.
            DefaultSecurityManager securityManager = new DefaultSecurityManager();
            securityManager.setRealm(customRealm);
            SecurityUtils.setSecurityManager(securityManager);

            // Authenticate as the sample user from the realm's simulated store.
            Subject currentUser = SecurityUtils.getSubject();
            currentUser.login(new UsernamePasswordToken("miyue", "houru"));
            System.err.println(currentUser.isAuthenticated());

            // Authorization checks against the realm's sample role and permission.
            currentUser.checkRoles("admin");
            currentUser.checkPermission("user:add");
        }
    }

    运行上面的测试类:如果认证和授权都通过,控制台不会报错;否则login、checkRoles或checkPermission会抛出异常。

  • 原文地址:https://www.cnblogs.com/luzhanshi/p/11040756.html