版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/EndTheme_Xin/article/details/83787837
一、简介
JDBCRealm是对接数据库数据作用户,角色,权限查询的Realm
若用户不提供查询语句,则默认从users、user_roles、roles_permissions这三张表中查询。
下面是它的部分源码
public class JdbcRealm extends AuthorizingRealm {
protected static final String DEFAULT_AUTHENTICATION_QUERY = "select password from users where username = ?";
protected static final String DEFAULT_SALTED_AUTHENTICATION_QUERY = "select password, password_salt from users where username = ?";
protected static final String DEFAULT_USER_ROLES_QUERY = "select role_name from user_roles where username = ?";
protected static final String DEFAULT_PERMISSIONS_QUERY = "select permission from roles_permissions where role_name = ?";
private static final Logger log = LoggerFactory.getLogger(JdbcRealm.class);
protected DataSource dataSource;
protected String authenticationQuery = "select password from users where username = ?";
protected String userRolesQuery = "select role_name from user_roles where username = ?";
protected String permissionsQuery = "select permission from roles_permissions where role_name = ?";
二、maven依赖,pom.xml
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.24</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<version>1.1.6</version>
</dependency>
三、数据库创建表,添加数据
create table user_roles
(
id bigint auto_increment
primary key,
username varchar(100) null,
role_name varchar(100) null,
constraint idx_user_roles
unique (username, role_name)
)
engine = InnoDB
charset = utf8;
create table users
(
id bigint auto_increment
primary key,
username varchar(100) null,
password varchar(100) null,
password_salt varchar(100) null,
constraint idx_users_username
unique (username)
)
engine = InnoDB
charset = utf8;
create table roles_permissions
(
id bigint auto_increment
primary key,
role_name varchar(100) null,
permission varchar(100) null,
constraint idx_roles_permissions
unique (role_name, permission)
)
engine = InnoDB
charset = utf8;
创建表之后,自行添加一些测试数据
四、JdbcRealm测试类
/**
* @program: shiro
* @description: JdbcRealm
* @author: Irving Wei
* @create: 2018-11-06 15:20
**/
public class JdbcRealmTests {
DruidDataSource druidDataSource = new DruidDataSource();
{
druidDataSource.setUrl("jdbc:mysql://localhost:3306/shiro");
druidDataSource.setUsername("root");
}
@Test
public void contextLoads() {
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(druidDataSource);
// 开启权限认证,默认是false,即认证权限的时候必定抛异常
jdbcRealm.setPermissionsLookupEnabled(true);
// 这里是自定义查询语句
// String sql = "select password from test_user where username = ?";
// 使用自定义语句进行查询
// jdbcRealm.setAuthenticationQuery(sql);
// 构建DefaultSecurityManager
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
// 设置Realm
defaultSecurityManager.setRealm(jdbcRealm);
// 设置构建DefaultSecurityManager
SecurityUtils.setSecurityManager(defaultSecurityManager);
// 创建验证对象
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("admin", "123456");
// 创建subject对象并提交登陆token请求
Subject subject = SecurityUtils.getSubject();
subject.login(usernamePasswordToken);
System.out.println("验证是否有权限:" + subject.isAuthenticated());
// 验证用户是否有user角色,若没有改权限会抛出 UnauthorizedException 异常
// 同时checkRoles 可以传多个参数,同时验证多个角色
subject.checkRoles("user");
subject.checkPermissions("delete");
}
}