SimpleAccountRealm
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;
/**
 * Demonstrates authentication and a role check against Shiro's in-memory
 * {@link SimpleAccountRealm}.
 *
 * <p>The account is registered with a cleartext password in the source, which is
 * only suitable for a throwaway demo.
 */
public class AuthenticationTest {

    // In-memory realm that holds the demo account.
    SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();

    /** Registers user "Mark" with password "123456" and role "admin" (more roles may be passed). */
    @Before
    public void addUser() {
        simpleAccountRealm.addAccount("Mark", "123456", "admin");
    }

    /**
     * Logs in as "Mark" and verifies the "admin" role.
     *
     * <p>{@code login} throws on bad credentials and {@code checkRoles} throws when a
     * role is missing, so either failure fails the test.
     */
    @Test
    public void testAuthentication() {
        // 1. Build the SecurityManager environment around the realm.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(simpleAccountRealm);

        // 2. Install it in SecurityUtils' static holder and submit the authentication request.
        SecurityUtils.setSecurityManager(securityManager);
        Subject currentUser = SecurityUtils.getSubject();
        currentUser.login(new UsernamePasswordToken("Mark", "123456"));

        // Report whether the subject is authenticated.
        boolean authenticated = currentUser.isAuthenticated();
        System.out.println("isAuthenticated " + authenticated);

        // Logout example, disabled in the original:
        //   subject.logout();
        //   System.out.println("isAuthenticated "+subject.isAuthenticated());

        // Verify that the subject holds the expected role.
        currentUser.checkRoles("admin");
    }
}
IniRealm
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
 * Demonstrates authentication, a role check and a permission check against an
 * {@link IniRealm} loaded from {@code classpath:user.ini}.
 */
public class IniReamlTest {

    /**
     * Logs in as "Mark", then checks the "admin" role and the "user:delete" permission.
     *
     * <p>Each of {@code login}, {@code checkRole} and {@code checkPermission} throws on
     * failure, which fails the test.
     */
    @Test
    public void testAuthentication() {
        // Users, roles and permissions come from the INI resource on the classpath.
        IniRealm realmFromIni = new IniRealm("classpath:user.ini");

        // 1. Build the SecurityManager environment.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realmFromIni);

        // 2. Install it in SecurityUtils' static holder and submit the authentication request.
        SecurityUtils.setSecurityManager(securityManager);
        Subject currentUser = SecurityUtils.getSubject();
        currentUser.login(new UsernamePasswordToken("Mark", "123456"));

        boolean authenticated = currentUser.isAuthenticated();
        System.out.println("isAuthenticated " + authenticated);

        currentUser.checkRole("admin");
        // Check that the subject is allowed to delete users.
        currentUser.checkPermission("user:delete");
    }
}
user.ini
# [users] section: username = password, role[, role ...]
# NOTE(review): the password is written here in cleartext, so anyone who can read
# this file can read the credential; acceptable for a local demo only.
[users]
Mark=123456,admin
# [roles] section: role = permission[, permission ...]
[roles]
admin=user:delete,user:update
JdbcRealm
<!-- MySQL JDBC driver; needed for the jdbc:mysql:// URL used in the JdbcRealm example. -->
<!-- NOTE(review): both versions below are pinned as of the article (the SQL dump on this
     page is dated 2018); check them against current security advisories before reuse. -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.45</version>
</dependency>
<!-- Alibaba Druid connection pool; provides the DruidDataSource handed to JdbcRealm. -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.6</version>
</dependency>
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
import com.alibaba.druid.pool.DruidAbstractDataSource;
import com.alibaba.druid.pool.DruidDataSource;
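/**
 * Demonstrates authentication against a {@link JdbcRealm} that reads credentials
 * from a MySQL table through a Druid connection pool.
 *
 * <p>NOTE(review): the data source connects as {@code root} with a password
 * hard-coded in the source. That is tolerable only for a local throwaway database.
 * Outside a demo, use a dedicated least-privilege account and load the credential
 * from configuration or a secret store.
 */
public class JdbcReamlTest {

    // Connection pool for the local "test" schema; closed at the end of the test.
    DruidDataSource dataSource = new DruidDataSource();

    {
        dataSource.setUrl("jdbc:mysql://localhost:3306/test");
        dataSource.setUsername("root");
        dataSource.setPassword("123456");
    }

    /**
     * Logs in as "xiaocheng" using a custom authentication query.
     *
     * <p>{@code login} throws on unknown users or wrong credentials, which fails the test.
     */
    @Test
    public void testAuthentication() {
        try {
            JdbcRealm jdbcRealm = new JdbcRealm();
            jdbcRealm.setDataSource(dataSource);
            // Permission lookup is off by default; switch it on.
            jdbcRealm.setPermissionsLookupEnabled(true);
            // Custom authentication query. The username is bound through the '?'
            // placeholder, never concatenated into the SQL text.
            String sql = "select password from test_user where username=?";
            jdbcRealm.setAuthenticationQuery(sql);

            // 1. Build the SecurityManager environment.
            DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
            defaultSecurityManager.setRealm(jdbcRealm);

            // 2. Install it in SecurityUtils' static holder and submit the authentication request.
            SecurityUtils.setSecurityManager(defaultSecurityManager);
            Subject subject = SecurityUtils.getSubject();
            UsernamePasswordToken token = new UsernamePasswordToken("xiaocheng", "123");
            subject.login(token);
            System.out.println("isAuthenticated " + subject.isAuthenticated());

            // Role and permission checks are disabled in the original:
            //   subject.checkRole("admin");
            //   subject.checkPermission("user:select");
        } finally {
            // Release the pooled connections even when login throws. The original
            // never closed the pool.
            dataSource.close();
        }
    }
}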
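JdbcRealm中默认的几个SQL(认证:select password from users where username = ?;角色:select role_name from user_roles where username = ?;权限:select permission from roles_permissions where role_name = ?)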
对应表
/*
Navicat MySQL Data Transfer
Source Server : xiaocheng
Source Server Version : 50559
Source Host : localhost:3306
Source Database : test
Target Server Type : MYSQL
Target Server Version : 50559
File Encoding : 65001
Date: 2018-09-20 16:44:16
*/
-- Foreign-key checks are switched off for this session; this dump does not
-- switch them back on afterwards.
SET FOREIGN_KEY_CHECKS=0;
-- ----------------------------
-- Table structure for `roles_permissions`
-- ----------------------------
-- One row per (role_name, permission) pair. These table and column names are
-- the ones Shiro's JdbcRealm default permissions query reads.
-- NOTE: DROP TABLE discards any existing table of this name before recreating it.
DROP TABLE IF EXISTS `roles_permissions`;
CREATE TABLE `roles_permissions` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`role_name` varchar(255) DEFAULT NULL,
`permission` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of roles_permissions
-- ----------------------------
-- Grants the permission string 'user:select' to role 'admin'.
INSERT INTO `roles_permissions` VALUES ('1', 'admin', 'user:select');
-- ----------------------------
-- Table structure for `test_user`
-- ----------------------------
-- Table read by the custom authentication query in JdbcReamlTest
-- (select password from test_user where username=?).
-- NOTE(review): there is no primary key or UNIQUE constraint on username and
-- both columns are nullable, so duplicate or NULL usernames are possible.
DROP TABLE IF EXISTS `test_user`;
CREATE TABLE `test_user` (
`username` varchar(255) DEFAULT NULL,
`password` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of test_user
-- ----------------------------
-- NOTE(review): the password is stored as cleartext, which is acceptable for a
-- local demo only; a real schema should hold a salted, slow password hash.
INSERT INTO `test_user` VALUES ('xiaocheng', '123');
-- ----------------------------
-- Table structure for `users`
-- ----------------------------
-- Table and column names match Shiro's JdbcRealm default authentication query.
-- NOTE(review): username has no UNIQUE constraint and is nullable.
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(255) DEFAULT NULL,
`password` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of users
-- ----------------------------
-- NOTE(review): the password is stored as cleartext, which is acceptable for a
-- local demo only; a real schema should hold a salted, slow password hash.
INSERT INTO `users` VALUES ('1', 'Mark', '123456');
-- ----------------------------
-- Table structure for `user_roles`
-- ----------------------------
-- One row per (username, role_name) pair. These table and column names are the
-- ones Shiro's JdbcRealm default roles query reads. Users and roles are linked
-- by name only; no foreign key is declared.
DROP TABLE IF EXISTS `user_roles`;
CREATE TABLE `user_roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(255) DEFAULT NULL,
`role_name` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of user_roles
-- ----------------------------
-- Assigns role 'admin' to user 'Mark'.
INSERT INTO `user_roles` VALUES ('1', 'Mark', 'admin');
自定义Realm
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
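/**
 * Demo realm that authenticates and authorizes against in-memory stand-ins for
 * a database.
 *
 * <p>NOTE(review): the stored credential is an MD5 digest with the fixed salt
 * {@code "salt"}. A single fast MD5 pass with a shared salt is not suitable for
 * storing real passwords; treat this purely as a walkthrough of the realm API.
 */
public class CustomerRealm extends AuthorizingRealm {

    // Simulated user table: username -> hex digest of the salted password
    // (presumably the value printed by main() below).
    Map<String, String> userMap = new HashMap<String, String>();

    {
        userMap.put("Mark", "f51703256a38e6bab3d9410a070c32ea");
        super.setName("customerRealm");
    }

    /**
     * Builds the authorization data (roles and permissions) for the primary principal.
     *
     * @param principals the principals of the subject being authorized
     * @return the roles and string permissions for that subject
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(
            PrincipalCollection principals) {
        String userName = (String) principals.getPrimaryPrincipal();
        // Fetch roles from the database or a cache (stubbed here).
        Set<String> roles = getRolesByUserName(userName);
        // Fetch permissions from the database or a cache (stubbed here).
        Set<String> permissions = getPermissionsByUserName(userName);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setStringPermissions(permissions);
        authorizationInfo.setRoles(roles);
        return authorizationInfo;
    }

    /**
     * Stub permission lookup.
     *
     * <p>NOTE(review): {@code userName} is ignored, so every principal receives the
     * same permissions; a real lookup must be keyed on the user.
     */
    private Set<String> getPermissionsByUserName(String userName) {
        Set<String> sets = new HashSet<String>();
        sets.add("user:select");
        sets.add("user:add");
        return sets;
    }

    /**
     * Stub role lookup.
     *
     * <p>NOTE(review): {@code userName} is ignored, so every principal is given the
     * "admin" role; a real lookup must be keyed on the user.
     */
    private Set<String> getRolesByUserName(String userName) {
        Set<String> sets = new HashSet<String>();
        sets.add("user");
        sets.add("admin");
        return sets;
    }

    /**
     * Looks up the stored credential for the submitted username.
     *
     * @param token the submitted authentication token
     * @return the account's authentication info, or {@code null} when the username is unknown
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken token) throws AuthenticationException {
        // 1. Take the username from the submitted token.
        String username = (String) token.getPrincipal();
        // 2. Fetch the stored credential for that username.
        String password = getPasswordByUserName(username);
        if (password == null) {
            return null;
        }
        // Use the looked-up username as the principal. The original hard-coded
        // "Mark", which would label any account added to userMap as Mark once it
        // authenticated. getName() returns the realm name set in the initializer.
        SimpleAuthenticationInfo authenticationInfo =
                new SimpleAuthenticationInfo(username, password, getName());
        // Salt the credentials matcher applies when hashing the submitted password.
        authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes("salt"));
        return authenticationInfo;
    }

    /** Returns the stored digest for {@code username}, or {@code null} if there is none. */
    private String getPasswordByUserName(String username) {
        return userMap.get(username);
    }

    /** Prints the MD5 digest of "123456" with salt "salt", for seeding {@code userMap}. */
    public static void main(String[] args) {
        Md5Hash md5Hash = new Md5Hash("123456", "salt");
        System.out.println(md5Hash.toString());
    }
}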
测试自定义Realm
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
/**
 * Exercises {@code CustomerRealm} with a hashed-credentials matcher.
 *
 * <p>NOTE(review): the matcher is configured for one round of MD5, mirroring the
 * digest stored in the realm. That is a demo setting, not a password-storage
 * recommendation.
 */
public class CustomerRealmTest {

    /**
     * Logs in as "Mark", then checks the "admin" role and the "user:add" permission.
     *
     * <p>Each of {@code login}, {@code checkRole} and {@code checkPermission} throws on
     * failure, which fails the test.
     */
    @Test
    public void testAuthentication() {
        CustomerRealm realmUnderTest = new CustomerRealm();

        // 1. Build the SecurityManager environment.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realmUnderTest);

        // 2. Tell the realm how submitted passwords are hashed before comparison:
        //    MD5, applied once.
        HashedCredentialsMatcher hashMatcher = new HashedCredentialsMatcher();
        hashMatcher.setHashAlgorithmName("md5");
        hashMatcher.setHashIterations(1);
        realmUnderTest.setCredentialsMatcher(hashMatcher);

        // 3. Install the manager in SecurityUtils' static holder and submit the
        //    authentication request.
        SecurityUtils.setSecurityManager(securityManager);
        Subject currentUser = SecurityUtils.getSubject();
        currentUser.login(new UsernamePasswordToken("Mark", "123456"));

        boolean authenticated = currentUser.isAuthenticated();
        System.out.println("isAuthenticated " + authenticated);

        // Logout example, disabled in the original:
        //   subject.logout();
        //   System.out.println("isAuthenticated "+subject.isAuthenticated());

        // Verify the role and the permission supplied by the realm.
        currentUser.checkRole("admin");
        currentUser.checkPermission("user:add");
    }
}