AuthenticatingRealm类是用来获取数据的类,是一个抽象类,默认获取配置文件中的数据的子类为SimpleAccountRealm,想要获取数据库中的数据需要自己定义一个实现类extends AuthenticatingRealm,该类中只有认证方式。想要即有认证方法,也存在授权方法,需要去继承 AuthorizingRealm 类,该类实现了 AuthenticatingRealm,也是一个抽象类,所以存在两个抽象方法(认证、授权)需要去实现。
AuthonticatingRealm抽象类中存在一个抽象方法doGetAuthenticationInfo用该方法获取数据
实现方式:
- 默认实现SimpleAccountRealm,获取配置文件中的用户数据
- 自定义实现:获取数据库中的数据
SimpleAccountRealm:本身不做数据比对,只获取数据
AuthonticatingRealm存在一个进行数据比对的属性:CredentialsMatcher是一个接口,该接口的实现类SimpleCredentialsMatch通过equals方法进行数据比对,由于用户输入的密码,和数据库中通过加盐加密散列的密码一定不会相同,所以不能用equals方法进行比对,需要将默认的比对器转换为HashedCredentialsMatcher比对器
Shiro默认执行SimpleAccountRealm获取配置文件数据,想要获取数据库中的数据步骤:
- 开发自定义realm extends AuthonticatingRealm
- 告知shiro使用自定义Realm
- Shiro集成数据库时需要导入commons-logging包
注意:添加缓存时,需要导入encache自身的依赖
<dependency>
<groupId>org.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>3.6.3</version>
</dependency>
Shiro过滤器
@Configuration
public class ShiroFilterConf {
@Bean//Shiro过滤器 判断请求是否认证成功 该方法由工厂调用,该形参存在在工厂中,所以可直接注入类型即可
public ShiroFilterFactoryBean getShiroFilterFactoryBean(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
//过滤器拦截请求 默认不拦截,所以需要进行相关拦截配置
Map<String, String> map = new HashMap<String, String>();
map.put("/main/main.jsp", "authc");//添加认证过滤器 拦截所有的请求 没有认证则跳转到登录界面
map.put("/**", "anon");
shiroFilterFactoryBean.setSuccessUrl("/main/main.jsp");
shiroFilterFactoryBean.setFilterChainDefinitionMap(map);//定义过滤器链(多个过滤器)
return shiroFilterFactoryBean;
}
@Bean
public SecurityManager getSecurityManager(Realm myRealm, CacheManager cacheManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setCacheManager(cacheManager);
securityManager.setRealm(myRealm);
return securityManager;
}
@Bean
public Realm getRealm(CredentialsMatcher hashedCredentialsMatcher) {
MyRealm myRealm = new MyRealm();
myRealm.setCredentialsMatcher(hashedCredentialsMatcher);
return myRealm;
}
@Bean
public CredentialsMatcher getCredentialsMatcher() {
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");
hashedCredentialsMatcher.setHashIterations(1024);
return hashedCredentialsMatcher;
}
@Bean
public CacheManager getCacheManager() {
EhCacheManager ehCacheManager = new EhCacheManager();
return ehCacheManager;
}
}
自定义Realm
public class MyRealm extends AuthorizingRealm {
@Autowired
AdminMapper adminMapper;
@Autowired
RoleMapper roleMapper;
@Override //授权
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
String primaryPrincipal = (String) principalCollection.getPrimaryPrincipal();//获得用户名
//通过该用户名查询该用户的角色
List<Role> roleList = roleMapper.queryAllRoleByName(primaryPrincipal);
AuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();//授权信息 添加权限
//通过角色获取到权限,将权限添加至授权信息中
if (!roleList.isEmpty()) {
for (Role role : roleList) {
List<Authority> authorities = roleMapper.queryAllAuthorityByRole(role.getName());
((SimpleAuthorizationInfo) authorizationInfo).addRole(role.getName());
if (!authorities.isEmpty()) {
for (Authority authority : authorities) {
//将权限添加到授权信息中
((SimpleAuthorizationInfo) authorizationInfo).addStringPermission(authority.getAuthority());
}
}
}
}
return authorizationInfo;
}
@Override //认证
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String username = (String) authenticationToken.getPrincipal();//获取身份信息
Admin admin = new Admin();
admin.setName(username);
Admin admin1 = adminMapper.selectOne(admin);
AuthenticationInfo authenticationInfo = null;
if (admin1 != null) {//认证器
authenticationInfo = new SimpleAuthenticationInfo(admin1.getName(), admin1.getPassword(), ByteSource.Util.bytes(admin1.getSalt()), this.getName());
}
return authenticationInfo;
}
}