Shiro认证过程 创建SecurityManager---》主体提交认证---》SecurityManager认证---》Authenticsto认证---》Realm验证 Shiro授权过程 创建SecurityManager---》主体授权---》ecurityManager授权---》Authorizer授权---》Realm获取角色权限数据
1.pom.xml
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <parent> <artifactId>ylht-shiro</artifactId> <groupId>com.ylht</groupId> <version>1.0-SNAPSHOT</version> </parent> <modelVersion>4.0.0</modelVersion> <artifactId>shiro-test</artifactId> <dependencies> <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.4.0</version> </dependency> <!-- https://mvnrepository.com/artifact/junit/junit --> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.7</version> <scope>test</scope> </dependency> <!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java --> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.45</version> </dependency> <!-- https://mvnrepository.com/artifact/com.alibaba/druid --> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.6</version> </dependency> </dependencies> </project>
2.创建数据库表(为什么要这么创建,可以看看源码,当然也可以自定义表)
CREATE TABLE `users` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `username` varchar(100) DEFAULT NULL, `password` varchar(100) DEFAULT NULL, `password_salt` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `idx_users_username` (`username`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8; CREATE TABLE `user_roles` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `username` varchar(100) DEFAULT NULL, `role_name` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `idx_user_roles` (`username`,`role_name`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; CREATE TABLE `roles_permissions` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `role_name` varchar(100) DEFAULT NULL, `permission` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `idx_roles_permissions` (`role_name`,`permission`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
3.测试类(我这里自指定了表,没有使用默认表,要特别注意红色的一行代码,这个是开启jdbcRealm授权验证,没有开启会一直出现异常)
package com.ylht.shiro.test; import com.alibaba.druid.pool.DruidDataSource; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authz.AuthorizationException; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.jdbc.JdbcRealm; import org.apache.shiro.subject.Subject; import org.junit.Test; public class JdbcRealTest { //新建数据源 DruidDataSource datasource = new DruidDataSource(); //设置数据源属性 { datasource.setUrl("jdbc:mysql://localhost:3306/test"); datasource.setUsername("root"); datasource.setPassword("root"); } @Test public void testJDBCReal() { //创建JdbcRealm对象 JdbcRealm jdbcRealm = new JdbcRealm(); //设置JdbcRealm属性 jdbcRealm.setDataSource(datasource); jdbcRealm.setPermissionsLookupEnabled(true); //使用自定义的sql(自定义的表来进行用户认证) String userSql = "select password from test_user where username = ?"; jdbcRealm.setAuthenticationQuery(userSql); //使用自定义的sql(自定义的表来进行用户角色验证) String roleSql = "SELECT role FROM test_user_roles WHERE username = ?"; jdbcRealm.setUserRolesQuery(roleSql); //1.创建SecurityManager对象 DefaultSecurityManager securityManager = new DefaultSecurityManager(); //securityManager对象设置realm securityManager.setRealm(jdbcRealm); //2.主题提交认证 SecurityUtils.setSecurityManager(securityManager); Subject subject = SecurityUtils.getSubject(); //token UsernamePasswordToken token = new UsernamePasswordToken("kk", "123456", false); //认证 subject.login(token); boolean flag = subject.isAuthenticated(); if (flag) { System.out.println("用户认证通过"); } else { System.out.println("用户认证失败"); } //角色验证 try { subject.checkRole("admin"); System.out.println("角色验证通过"); } catch (AuthorizationException e) { System.out.println("角色验证失败"); e.printStackTrace(); } //角色权限验证 try { subject.checkPermission("user:select"); System.out.println("角色权限验证通过"); } catch (AuthorizationException e) { System.out.println("角色权限验证失败"); e.printStackTrace(); } } }