zoukankan      html  css  js  c++  java

  • shiro学习

    从Shiro官网的10分钟教程和Get started开始。

    • 了解什么是Shiro?

      英文不好,结合百度翻译,大概了解了一下,powerful,easy to use,java安全框架,提供认证、授权、加密和session管理解决方案。

    • 下载使用

      https://shiro.apache.org/download.html

      使用maven,加载shiro的各个组件。也可以再github直接下载Shiro的全部源码学习。在源码中找到samples文件夹,查看官方提供的demo。

    • quickstart

      新建maven项目,引入shiro-core依赖

      

    <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>com.sun</groupId>
  <artifactId>shiro-quickstart</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <packaging>jar</packaging>

  <name>shiro-quickstart</name>
  <url>http://maven.apache.org</url>

  <properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <shiro.version>1.4.0</shiro.version>
  </properties>

  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.12</version>
      <scope>test</scope>
    </dependency>
    
    <dependency>
    	<groupId>org.apache.shiro</groupId>
    	<artifactId>shiro-core</artifactId>
    	<version>${shiro.version}</version>
    </dependency>
    <!-- 日志依赖,和shiro本身无关 -->
    <dependency>
	    <groupId>commons-logging</groupId>
	    <artifactId>commons-logging</artifactId>
	    <version>1.2</version>
	</dependency>
	<dependency>  
	    <groupId>org.slf4j</groupId>  
	    <artifactId>slf4j-simple</artifactId>  
	    <version>1.7.25</version>  
	</dependency> 
  </dependencies>
  
  <build>
  	
  	<plugins>
  		<plugin>
  			<artifactId>maven-compiler-plugin</artifactId>
  			<configuration>
  				<source>1.8</source>
  				<target>1.8</target>
  			</configuration>
  		</plugin>
  	</plugins>
  </build>
</project>

      

      新建quickStart类,按照官网实例敲下去,运行:

    1 SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
2 SLF4J: Defaulting to no-operation (NOP) logger implementation
3 SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
4 Exception in thread "main" org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
5     at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
6     at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:626)
7     at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
8     at com.sun.shiro_quickstart.QuickStart.main(QuickStart.java:18)

      没有绑定securityManager,在官方文档的Get started:first shiro application中发现了这个名词。使用shiro,第一件事就是创建一个securityManager,根据教程,我们使用shiro.ini创建securityManager.

    package com.sun.shiro_quickstart;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * 使用shiro.ini创建securityManager
 * @author quietly
 *
 */
public class StartWithSecurityManager {

	public static Logger log = LoggerFactory.getLogger(StartWithSecurityManager.class);
	public static void main(String[] args) {
		
		Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
		
		SecurityManager securityManager = factory.getInstance();
		
		SecurityUtils.setSecurityManager(securityManager);
		
		Subject currentUser = SecurityUtils.getSubject();
		
		if(!currentUser.isAuthenticated()){
			
				//尚未登录:
				UsernamePasswordToken token = new UsernamePasswordToken("root","root");
				token.setRememberMe(true);
				try{
					
					currentUser.login(token);
				}catch(UnknownAccountException e){
					
					//账号不存在
					log.error("用户名不存在:\n" + e.getMessage());
				}catch(IncorrectCredentialsException e){
					
					log.error("凭证(密码)错误:\n" + e.getMessage());
				}
		}else{
			
			log.info("用户已认证");
			log.info("root is Permited by user:select:" + currentUser.isPermitted("user:select"));
			currentUser.logout();
		}
		if(currentUser.isAuthenticated()){
			
			log.info("用户已认证");
			log.info("root is Permited by 'user:select':" + currentUser.isPermitted("user:select"));
			currentUser.logout();
		}
	}
}

      

     
  • 相关阅读:
    [Sql Server 转载]
    [C#][收集整理]
    [Sql Server][原创]
    [Sql Server][原创]
    [Sql Server][原创]
    C#代码验证sql语句是否正确(只验证不执行sql)的方法
    [Sql Server][转载] 数据库表的基本信息,你真的都了解吗?
    [Sql Server][原创] 常用 Sql 查询
    LocalProxy
    通过字符串引入模块下的属性
  • 原文地址:https://www.cnblogs.com/quietly/p/9144754.html
Copyright © 2011-2022 走看看