zoukankan      html  css  js  c++  java
  • Apache-shiro的内置Realm之jdbcRealm

    Realm简介:

    重要的事再说一遍,数据域,Shiro和安全数据的连接器,好比jdbc连接数据库; 通过realm获取认证授权相关信息

    realm作用:

    Shiro 从 Realm 获取安全数据

    默认自带的realm:

    idae查看realm继承关系,有默认实现和自定义继承的realm

    两个概念:

    principal : 主体的标示,可以有多个,但是需要具有唯一性,常见的有用户名,手机号,邮箱等

    credential:凭证, 一般就是密码

    所以一般我们说 principal + credential 就账号 + 密码

    开发中,往往是自定义realm , 即集成 AuthorizingRealm

    JdbcRealm:

    创建jdbcRealm数据库表:

    sql语句:

    SET NAMES utf8mb4;
    SET FOREIGN_KEY_CHECKS = 0;
    
    -- ----------------------------
    -- Table structure for roles_permissions
    -- ----------------------------
    DROP TABLE IF EXISTS `roles_permissions`;
    CREATE TABLE `roles_permissions`  (
      `id` bigint(20) NOT NULL AUTO_INCREMENT,
      `role_name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      `permission` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      PRIMARY KEY (`id`) USING BTREE,
      UNIQUE INDEX `idx_roles_permissions`(`role_name`, `permission`) USING BTREE
    ) ENGINE = InnoDB AUTO_INCREMENT = 6 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
    
    -- ----------------------------
    -- Records of roles_permissions
    -- ----------------------------
    INSERT INTO `roles_permissions` VALUES (4, 'admin', 'video:*');
    INSERT INTO `roles_permissions` VALUES (3, 'role1', 'video:buy');
    INSERT INTO `roles_permissions` VALUES (2, 'role1', 'video:find');
    INSERT INTO `roles_permissions` VALUES (5, 'role2', '*');
    INSERT INTO `roles_permissions` VALUES (1, 'root', '*');
    
    -- ----------------------------
    -- Table structure for user_roles
    -- ----------------------------
    DROP TABLE IF EXISTS `user_roles`;
    CREATE TABLE `user_roles`  (
      `id` bigint(20) NOT NULL AUTO_INCREMENT,
      `username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      `role_name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      PRIMARY KEY (`id`) USING BTREE,
      UNIQUE INDEX `idx_user_roles`(`username`, `role_name`) USING BTREE
    ) ENGINE = InnoDB AUTO_INCREMENT = 5 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
    
    -- ----------------------------
    -- Records of user_roles
    -- ----------------------------
    INSERT INTO `user_roles` VALUES (1, 'woxbwo', 'role1');
    INSERT INTO `user_roles` VALUES (2, 'woxbwo', 'role2');
    INSERT INTO `user_roles` VALUES (4, 'zbbiex', 'admin');
    INSERT INTO `user_roles` VALUES (3, 'zbbiex', 'root');
    
    -- ----------------------------
    -- Table structure for users
    -- ----------------------------
    DROP TABLE IF EXISTS `users`;
    CREATE TABLE `users`  (
      `id` bigint(20) NOT NULL AUTO_INCREMENT,
      `username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      `password` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      `password_salt` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
      PRIMARY KEY (`id`) USING BTREE,
      UNIQUE INDEX `idx_users_username`(`username`) USING BTREE
    ) ENGINE = InnoDB AUTO_INCREMENT = 3 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
    
    -- ----------------------------
    -- Records of users
    -- ----------------------------
    INSERT INTO `users` VALUES (1, 'woxbwo', '456', NULL);
    INSERT INTO `users` VALUES (2, 'zbbiex', '123', NULL);
    
    SET FOREIGN_KEY_CHECKS = 1;

    1、方式一: 

    创建jdbcrealm.ini文件,放到resource目录下,文件内容为:

    #注意 文件格式必须为ini,编码为ANSI
    
    #声明Realm,指定realm类型
    jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
    
    #配置数据源
    #dataSource=com.mchange.v2.c3p0.ComboPooledDataSource
    
    dataSource=com.alibaba.druid.pool.DruidDataSource
    
    # mysql-connector-java 5 用的驱动url是com.mysql.jdbc.Driver,mysql-connector-java6以后用的是com.mysql.cj.jdbc.Driver
    dataSource.driverClassName=com.mysql.cj.jdbc.Driver
    
    #避免安全警告
    dataSource.url=jdbc:mysql://127.0.0.1:3306/is-shiro-test?characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
    
    dataSource.username=root
    
    dataSource.password=123456
    
    #指定数据源
    jdbcRealm.dataSource=$dataSource
    
    #开启查找权限
    jdbcRealm.permissionsLookupEnabled=true
    
    #指定SecurityManager的Realms实现,设置realms,可以有多个,用逗号隔开
    securityManager.realms=$jdbcRealm

    上代码:

        @Test
        public void shiroJdbcRealmTest(){
            //创建SecurityManager工厂,通过配置文件ini创建
            Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:jdbcrealm.ini");
    
            SecurityManager securityManager = factory.getInstance();
    
            //将securityManager 设置到当前运行环境中
            SecurityUtils.setSecurityManager(securityManager);
    
            Subject subject = SecurityUtils.getSubject();
    
            //用户输入的账号密码
            UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("woxbwo", "456");
    
            subject.login(usernamePasswordToken);
    
            //org.apache.shiro.realm.jdbc.JdbcRealm
    
            System.out.println(" 认证结果:"+subject.isAuthenticated());
    
            System.out.println(" 是否有对应的role1角色:"+subject.hasRole("role1"));
    
            System.out.println("是否有video:find权限:"+ subject.isPermitted("video:find"));
    
        }

    测试结果:

    认证结果:true
    02:34:43.991 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set.  Checking for a cacheManager...
    02:34:43.992 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set.  Authorization cache cannot be obtained.
    是否有对应的role1角色:true
    02:34:44.089 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set.  Checking for a cacheManager...
    02:34:44.089 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set.  Authorization cache cannot be obtained.
    是否有video:find权限:true

     

    方式二 :

    上代码:

    @Test
        public void shiroJdbcRealmTest2(){
            String driveName = "com.mysql.cj.jdbc.Driver";
            String dbUrl = "jdbc:mysql://127.0.0.1:3306/is-shiro-test?characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false";
            String userName = "root";
            String pwd = "123456";
            DefaultSecurityManager securityManager = new DefaultSecurityManager();
            DruidDataSource ds = new DruidDataSource();
            ds.setDriverClassName(driveName);
            ds.setUrl(dbUrl);
            ds.setUsername(userName);
            ds.setPassword(pwd);
    
            JdbcRealm jdbcRealm = new JdbcRealm();
            jdbcRealm.setPermissionsLookupEnabled(true);
            jdbcRealm.setDataSource(ds);
    
            securityManager.setRealm(jdbcRealm);
    
            SecurityUtils.setSecurityManager(securityManager);
            Subject subject = SecurityUtils.getSubject();
    
            //用户输入的账号密码
            UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("zbbiex", "123");
    
            subject.login(usernamePasswordToken);
    
    
            System.out.println(" 认证结果:"+subject.isAuthenticated());
    
            System.out.println(" 是否有对应的role1角色:"+subject.hasRole("role1"));
    
            System.out.println("是否有video:find权限:"+ subject.isPermitted("video:find"));
    
            System.out.println("是否有任意权限:"+ subject.isPermitted("aaaa:xxxxxxxxx"));
        }

     测试结果:

    认证结果:true
    02:54:26.188 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set.  Checking for a cacheManager...
    02:54:26.188 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set.  Authorization cache cannot be obtained.
    是否有对应的role1角色:false
    02:54:26.276 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set.  Checking for a cacheManager...
    02:54:26.276 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set.  Authorization cache cannot be obtained.
    是否有video:find权限:true
    02:54:26.363 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set.  Checking for a cacheManager...
    02:54:26.363 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set.  Authorization cache cannot be obtained.
    是否有任意权限:true
  • 相关阅读:
    javascript--Date
    PL/SQL的命令行窗口中执行脚本
    关于资产新增接口问题描述
    ORA-00600: internal error code, arguments: [kqludp2], [0x08D226918], [0], [], [], [], [], [], [], [], [], []
    Oracle 表空间扩容
    EBS 创建会计科目 小结
    EBS AP 创建会计科目失败
    EBS GL 日记账行“账户说明”段说明显示不全
    EBS 修改系统名称
    EBS 修改系统颜色
  • 原文地址:https://www.cnblogs.com/woxbwo/p/11280139.html
Copyright © 2011-2022 走看看