1 自定义realm
首先定义 user.ini 文件
[users]
uname=123456,admin
[roles]
admin=user:create,user:delete
其次,创建自定义realm类
package simplecount01;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
public class ThirdRealm {
public boolean customRealm(){
// 设置自定义realm
IniRealm realm=new IniRealm("classpath:user.ini");
// 创建管理器
DefaultSecurityManager manager=new DefaultSecurityManager();
// 设置realm
manager.setRealm(realm);
// 通过工具类设置manager
SecurityUtils.setSecurityManager(manager);
// 通过工具类获取subject
Subject subject = SecurityUtils.getSubject();
// 创建本地用户账号信息
UsernamePasswordToken token=new UsernamePasswordToken("uname","123456");
// 通过subject验证
subject.login(token);
// 通过subject检查权限信息
subject.checkRole("admin");
try {
subject.checkPermissions("user:create","user:delete");
return true;
}catch (AuthorizationException e) {
e.printStackTrace();
}
return false;
}
}
2 自定义jdbcRealm
2.1 在test库中创建用户表信息如下
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`username` varchar(20) NOT NULL,
`password` varchar(50) DEFAULT NULL,
PRIMARY KEY (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of users
-- ----------------------------
INSERT INTO `users` VALUES ('abc', '123');
DROP TABLE IF EXISTS `user_roles`;
CREATE TABLE `user_roles` (
`userid` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(20) NOT NULL,
`role_name` varchar(50) DEFAULT NULL,
PRIMARY KEY (`userid`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of user_roles
-- ----------------------------
INSERT INTO `user_roles` VALUES ('1', 'abc', 'admin');
INSERT INTO `user_roles` VALUES ('2', 'abc', 'user');
DROP TABLE IF EXISTS `roles_permissions`;
CREATE TABLE `roles_permissions` (
`uid` int(11) NOT NULL AUTO_INCREMENT,
`role_name` varchar(50) DEFAULT NULL,
`permission` varchar(50) DEFAULT NULL,
PRIMARY KEY (`uid`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
-- ----------------------------
-- Records of roles_permissions
-- ----------------------------
INSERT INTO `roles_permissions` VALUES ('1', 'admin', 'create');
INSERT INTO `roles_permissions` VALUES ('2', 'admin', 'delete');
2.2 导入依赖包
<properties>
<slf4j.version>1.7.2</slf4j.version>
<mysql.version>5.1.40</mysql.version>
<druid.version>1.1.10</druid.version>
</properties>
<dependencies>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.version}</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>${druid.version}</version>
</dependency>
</dependencies>
2.3 创建自定义类
package simplecount01;
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
public class FourRealm {
public boolean isJdbcRealm(){
// 1 设置数据源
DruidDataSource dataSource=new DruidDataSource();
dataSource.setDriverClassName("com.mysql.jdbc.Driver");
dataSource.setUrl("jdbc:mysql://localhost:3306/test?useUnicode=true");
dataSource.setUsername("root");
dataSource.setPassword("root");
// 2 创建jdbcRealm
JdbcRealm realm=new JdbcRealm();
// *** 验证权限必须设置该项为true
realm.setPermissionsLookupEnabled(true);
realm.setDataSource(dataSource);
// 3 创建manager对象
DefaultSecurityManager manager=new DefaultSecurityManager();
manager.setRealm(realm);
// 4 通过工具类设置manager
SecurityUtils.setSecurityManager(manager);
// 5 通过工具类获取subject
Subject subject=SecurityUtils.getSubject();
// 6 创建测试账号信息
UsernamePasswordToken token=new UsernamePasswordToken("abc","123");
// 7 进行验证
subject.login(token);
System.out.println("authenticated:"+subject.isAuthenticated());
// 8 验证角色
subject.checkRoles("admin");
// 9 验证权限
subject.checkPermissions("create","delete");
return true;
}
}