Shiro的权限认证 : 编程式授权 :
基于角色的访问控制
基于权限的访问控制
注解式授权
jsp标签授权
①第一步封装一个ShiroUtil
public class ShiroUtil {
/**
* 登录方法
* @param configFile textRealm的路径
* @param username 用户名
* @param password 密码
* @return
*/
public static Subject login(String configFile,String username,String password){
Factory<SecurityManager> factory = new IniSecurityManagerFactory(configFile);
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try{
currentUser.login(token);
System.out.println("登录成功");
}catch(AuthenticationException e){
e.printStackTrace();
System.out.println("登录失败");
}
return currentUser;
}
}
基于角色的访问控制:
shiro_role.ini:
主要是几个方法
currentUser.hasRole()
currentUser.hasRoles()
currentUser.hasAllRoles()
返回true/false
currentUser.checkRole()
currentUser.checkRoles()
没有返回值 若没有当前的权限则报错。
/**
* 测试currentUser.hasRole()
*/
@Test
public void testHasRole(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
System.out.println(currentUser.hasRole("role1")?"有role1的权限":"没有role1的权限");
currentUser.logout();
}
/**
* currentUser.hasRoles() 传入参数为一个List 返会一个boolean的数组
*/
@Test
public void testHasRoles(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
boolean[] results = currentUser.hasRoles(Arrays.asList("role1","role2","role3"));
System.out.println(results[0]?"有role1的权限":"没有role1的权限");
System.out.println(results[1]?"有role2的权限":"没有role2的权限");
System.out.println(results[2]?"有role3的权限":"没有role3的权限");
currentUser.logout();
}
/**
* currentUser.hasAllRoles() 传入参数为一个List 都有则返回true
*/
@Test
public void testHasAllRoles(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
System.out.println(currentUser.hasAllRoles(Arrays.asList("role1","role2","role3"))?"有role1,role2,role3的权限":"不全有role1,role2,role3的权限");
currentUser.logout();
}
/**
* checkRole()没有返回值 传入一个参数 如有此权限则继续 没有则报错
*/
@Test
public void testCheckRole(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
currentUser.checkRole("role1");
currentUser.logout();
}
/**
* checkRoles()没有返回值 传入一个list 如有此权限则继续 没有则报错
*/
@Test
public void testCheckRoles1(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
currentUser.checkRoles(Arrays.asList("role1","role2","role3"));
currentUser.logout();
}
/**
* checkRoles() 传入多个字符串参数 没有返回值 不都有则报错
*/
@Test
public void testCheckRoles2(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
currentUser.checkRoles("role1","role2","role3");
currentUser.logout();
}
基于权限的访问控制:
currentUser.isPermitted()
currentUser.isPermittedAll()
currentUser.checkPermission()
currentUser.checkPermissions()
shiro_permission.ini
/**
* 测试currentUser.isPermitted()
*/
@Test
public void testIsPermitted(){
//Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "jack", "123");
System.out.println(currentUser.isPermitted("user:select")? "有user:select的权限":"没有user:select的权限");
currentUser.logout();
}
/**
* currentUser.isPermitted() 可以传入多个字符串来判断
*/
@Test
public void testIsPermitted2(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
boolean[] results = currentUser.isPermitted("user:select","user:add","user:delete");
System.out.println(results[0]?"有user:select的权限":"没有user:select的权限");
System.out.println(results[1]?"有user:add的权限":"没有user:add的权限");
System.out.println(results[2]?"有user:delete的权限":"没有user:delete的权限");
currentUser.logout();
}
/**
* currentUser.isPermittedAll() 传入参数为一个List或多个字符串 都有则返回true
*/
@Test
public void testIsPermittedAll(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
System.out.println(currentUser.isPermittedAll("user:select","user:asss")?"有user:select,user:asss的权限":"不全有user:select,user:asss的权限");
currentUser.logout();
}
/**
* checkPermission()没有返回值 传入一个字符串获多个字符串 如有此权限则继续 没有则报错
*/
@Test
public void testCheckPermission(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "jack", "123");
currentUser.checkPermission("user:add");
currentUser.logout();
}
/**
* checkPermission()没有返回值 传入一个字符串获多个字符串 如有此权限则继续 没有则报错
*/
@Test
public void testCheckPermission1(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
currentUser.checkPermissions("user:add","user:delete","user:update");
currentUser.logout();
}