shiro权限认证Realm的四大用法

一、SimpleAccountRealm 

public class AuthenticationTest {

    

    SimpleAccountRealm sar=new SimpleAccountRealm();

    

    @Before

    public void addUser() {

        sar.addAccount("mark", "123456","admin","user");

    }

    

    @Test

    public void testAuthentication() {

        //1.构建seruritymanager环境

        DefaultSecurityManager dsm=new DefaultSecurityManager();

        dsm.setRealm(sar);

        

        //2.主题提交认证请求

        SecurityUtils.setSecurityManager(dsm);

        Subject subject=SecurityUtils.getSubject();

        

        UsernamePasswordToken token=new UsernamePasswordToken("mark","123456");

        subject.login(token);

        

        System.out.println("isAuthenticated:"+subject.isAuthenticated());

        

        subject.checkRoles("admin","user");

    }

 

二.IniRealm

public class IniRealmTest {

 

    

    @Test

    public void testIniRealm() {

        IniRealm realm=new IniRealm("classpath:user.ini");

        DefaultSecurityManager defaultSerurityManager=new DefaultSecurityManager();

        defaultSerurityManager.setRealm(realm);

        

        SecurityUtils.setSecurityManager(defaultSerurityManager);

        Subject subject = SecurityUtils.getSubject();

        

        UsernamePasswordToken upt=new UsernamePasswordToken("mark","123456");

        

        subject.login(upt);

        

        System.out.println("isAuthentication:"+subject.isAuthenticated());

        

        subject.checkRole("admin");

        

        subject.checkPermission("user:update");

        

    }

}

三、JDBCRealm

public class JDBCRealmTest {

    

    DruidDataSource dataSource=new DruidDataSource();

    {

        dataSource.setUrl("jdbc:mysql://localhost:3306/xxxx");

        dataSource.setUsername("root");

        dataSource.setPassword("root");

    }

    

    @Test

    public void testJDBCRealm() {

        JdbcRealm realm=new JdbcRealm();

        realm.setDataSource(dataSource);

        realm.setPermissionsLookupEnabled(true);

        //如果不用自己的sql，数据库表名必须与shiro默认的查询语句中的一致，一般情况下都是使用自定义的sql，如下：

        String sql="select password from test_user where user_name=?";

        realm.setAuthenticationQuery(sql);

        String roleSql="select role_name from test_user_roles where user_name=?";

        realm.setUserRolesQuery(roleSql);

        String permissionSql="select permission from test_roles_permissions where role_name=?";

        realm.setPermissionsQuery(permissionSql);

        

        DefaultSecurityManager dsm=new DefaultSecurityManager();

        dsm.setRealm(realm);

        

        SecurityUtils.setSecurityManager(dsm);

        Subject subject = SecurityUtils.getSubject();

        

        UsernamePasswordToken token=new UsernamePasswordToken("xm","123");

        subject.login(token);

        

        System.out.println("isAuthencation:"+subject.isAuthenticated());

        

        subject.checkRole("admin");

        subject.checkRoles("admin","user");

        subject.checkPermission("user:delete");

    }

 

}

四、自定义Realm

public class customRealmTest {

    

    @Test

    public void testCustomRealm() {

        CustomRealm realm=new CustomRealm();

        

        DefaultSecurityManager sdm=new DefaultSecurityManager();

        sdm.setRealm(realm);

        

        HashedCredentialsMatcher hcm=new HashedCredentialsMatcher();

        hcm.setHashAlgorithmName("md5");

        hcm.setHashIterations(1);

        

        realm.setCredentialsMatcher(hcm);

        

        SecurityUtils.setSecurityManager(sdm);

        Subject subject = SecurityUtils.getSubject();

        

        UsernamePasswordToken token=new UsernamePasswordToken("mark","123456");

        subject.login(token);

        System.out.println("isAuthencation:"+subject.isAuthenticated());

        

        subject.checkRole("admin");

        subject.checkRoles("admin","user");

        

        subject.checkPermission("user:delete");

    }

 

}

 

public class CustomRealm extends AuthorizingRealm {

    

    Map<String, String> userMap=new HashMap<>();

    

    {

        //模拟数据库中查询出的数据

        userMap.put("mark", "73bea81c6c06bacab41a995495239545");

        super.setName("customReal");

    }

 

    @Override

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

 

        String userName = (String) principals.getPrimaryPrincipal();

        //通过用户名获取数据库或缓存中的角色

        Set<String> roles=getRolesByUserName(userName);

        Set<String> premissions=getpremissionsByUserName(userName);

        SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();

        info.setStringPermissions(premissions);

        info.setRoles(roles);

        return info;

    }

 

    private Set<String> getpremissionsByUserName(String userName) {

        Set<String> permission=new HashSet<>();

        permission.add("user:delete");

        return permission;

    }

 

    private Set<String> getRolesByUserName(String userName) {

        Set<String> roles=new HashSet<>();

        roles.add("admin");

        roles.add("user");

        return roles;

    }

 

    @Override

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        //1.通过主体传过来的信息获取用户名

        String userName=(String) token.getPrincipal();

        //2.通过用户名去数据库获取凭证

        String password=getPassowrdByUserName(userName);

        if(password==null) {

            return null;

        }

        

        SimpleAuthenticationInfo info=new SimpleAuthenticationInfo("mark",password,"customReal");

        //加盐--如果数据库中密码是加盐密文，此处应该设置盐的值

        info.setCredentialsSalt(ByteSource.Util.bytes("mark"));

        return info;

    }

 

    private String getPassowrdByUserName(String userName) {

        //实际中去查数据库   这个方便演示

        return userMap.get(userName);

    }

 

    public static void main(String[] args) {

        System.out.println((int)(1+Math.random()*10));

//        Md5Hash hsh=new Md5Hash("123456");  //md5加密

        Md5Hash hsh=new Md5Hash("123456","mark");  //MD5加密并加盐    更安全

        System.out.println(hsh);

    }

    

 

}