shiro提供jdbcRealm连接数据库
- 这里要连接数据库所有要依赖一些jar包
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.45</version>
</dependency>
<!-- 阿里巴巴开源的连接池 功能强大 -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.6</version>
</dependency>
既然要使用jdbcRealm,可以看看它的结构
可以发现里面有默认的sql语句,我们可以通过这些语句来对数据库操作。
数据库表名和字段名与默认的sql一致,字段可以多不能少
连接数据库查询认证、角色、权限
public class JdbcRealmTest {
//加载数据源
DruidDataSource dataSource = new DruidDataSource();
{
dataSource.setUrl("jdbc:mysql://localhost:3306/shiro");
dataSource.setUsername("root");
dataSource.setPassword("123456");
}
@Test
public void testAuthentication(){
JdbcRealm jdbcRealm=new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
//jdbcReal可以设置权限开关,默认是false 需要手动改为true
jdbcRealm.setPermissionsLookupEnabled(true);
//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager=new DefaultSecurityManager();
//把jdbcRealm设置到DefaultSecurityManager
defaultSecurityManager.setRealm(jdbcRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject= SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("Mark","123456");
subject.login(token);
System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.checkRole("admin");
//多角色检查
subject.checkRoles("admin");
subject.checkPermission("user:select");
}
默认的SQL语句可能不是我们想要的,我们可以自己写sql查询语句
表名前面加test
代码如下:
@Test
public void testAuthentication2(){
JdbcRealm jdbcRealm=new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
//jdbcReal可以设置权限开关,默认是false 需要手动改为true
jdbcRealm.setPermissionsLookupEnabled(true);
//自己写sql查询语句
String sql="select password from test_user where user_name=?";
//认证
jdbcRealm.setAuthenticationQuery(sql);
String roleSql ="select role_name from test_user_roles where user_name=?";
//角色
jdbcRealm.setUserRolesQuery(roleSql);
String perSql="select permission from test_roles_permissions where role_name = ?";
//权限
jdbcRealm.setPermissionsQuery(perSql);
//1.构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager=new DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject= SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken("maniy","123456");
subject.login(token);
System.out.println("isAuthenticated:"+subject.isAuthenticated());
subject.checkRole("admin");
subject.checkPermission("user:select");
}