Shiro学习笔记（三）--- JdbcRealm

版权声明：本文为博主原创文章，未经博主允许不得转载。 https://blog.csdn.net/EndTheme_Xin/article/details/83787837

一、简介

JDBCRealm是对接数据库数据作用户，角色，权限查询的Realm

若用户不提供查询语句，则默认从users、user_roles、roles_permissions这三张表中查询。

下面是它的部分源码

public class JdbcRealm extends AuthorizingRealm {
    protected static final String DEFAULT_AUTHENTICATION_QUERY = "select password from users where username = ?";
    protected static final String DEFAULT_SALTED_AUTHENTICATION_QUERY = "select password, password_salt from users where username = ?";
    protected static final String DEFAULT_USER_ROLES_QUERY = "select role_name from user_roles where username = ?";
    protected static final String DEFAULT_PERMISSIONS_QUERY = "select permission from roles_permissions where role_name = ?";
    private static final Logger log = LoggerFactory.getLogger(JdbcRealm.class);
    protected DataSource dataSource;
    protected String authenticationQuery = "select password from users where username = ?";
    protected String userRolesQuery = "select role_name from user_roles where username = ?";
    protected String permissionsQuery = "select permission from roles_permissions where role_name = ?";

二、maven依赖，pom.xml

        <dependency>
			<groupId>mysql</groupId>
			<artifactId>mysql-connector-java</artifactId>
			<version>5.1.24</version>
		</dependency>
		<dependency>
			<groupId>com.alibaba</groupId>
			<artifactId>druid-spring-boot-starter</artifactId>
			<version>1.1.6</version>
		</dependency>

三、数据库创建表，添加数据

create table user_roles
(
  id        bigint auto_increment
    primary key,
  username  varchar(100) null,
  role_name varchar(100) null,
  constraint idx_user_roles
  unique (username, role_name)
)
  engine = InnoDB
  charset = utf8;

create table users
(
  id            bigint auto_increment
    primary key,
  username      varchar(100) null,
  password      varchar(100) null,
  password_salt varchar(100) null,
  constraint idx_users_username
  unique (username)
)
  engine = InnoDB
  charset = utf8;

create table roles_permissions
(
  id         bigint auto_increment
    primary key,
  role_name  varchar(100) null,
  permission varchar(100) null,
  constraint idx_roles_permissions
  unique (role_name, permission)
)
  engine = InnoDB
  charset = utf8;

创建表之后，自行添加一些测试数据

四、JdbcRealm测试类

/**
 * @program: shiro
 * @description: JdbcRealm
 * @author: Irving Wei
 * @create: 2018-11-06 15:20
 **/
public class JdbcRealmTests {
    DruidDataSource druidDataSource = new DruidDataSource();
    {
        druidDataSource.setUrl("jdbc:mysql://localhost:3306/shiro");
        druidDataSource.setUsername("root");
    }
    @Test
    public void contextLoads() {
        JdbcRealm jdbcRealm = new JdbcRealm();
        jdbcRealm.setDataSource(druidDataSource);
        // 开启权限认证，默认是false，即认证权限的时候必定抛异常
        jdbcRealm.setPermissionsLookupEnabled(true);

        // 这里是自定义查询语句
        // String sql = "select password from test_user where username = ?";
        // 使用自定义语句进行查询
        // jdbcRealm.setAuthenticationQuery(sql);

        // 构建DefaultSecurityManager
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        // 设置Realm
        defaultSecurityManager.setRealm(jdbcRealm);
        // 设置构建DefaultSecurityManager
        SecurityUtils.setSecurityManager(defaultSecurityManager);

        // 创建验证对象
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("admin", "123456");
        // 创建subject对象并提交登陆token请求
        Subject subject = SecurityUtils.getSubject();
        subject.login(usernamePasswordToken);

        System.out.println("验证是否有权限:" + subject.isAuthenticated());

        // 验证用户是否有user角色，若没有改权限会抛出 UnauthorizedException 异常
        // 同时checkRoles 可以传多个参数，同时验证多个角色
        subject.checkRoles("user");

        subject.checkPermissions("delete");
    }
}