创建Maven项目,添加依赖
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<!-- shrio依赖 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.1</version>
</dependency>
<!--用于slf4j与log4j2保持桥接 -->
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-slf4j-impl</artifactId>
<version>2.12.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.4.1</version>
</dependency>
<dependency>
<groupId>org.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>3.8.0</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.1</version>
</dependency>
</dependencies>
配置文件
log4j2.xml
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<!--先定义所有的appender-->
<appenders>
<!--输出控制台的配置-->
<console name="Console" target="SYSTEM_OUT">
<!--输出日志的格式-->
<!--<patternlayout pattern="%d{yyyy-MM-dd HH:mm:ss} [%p] %c %m %n"/>-->
<patternlayout pattern="[%p] %m %n"/>
</console>
</appenders>
<!-- 然后定义logger,只有定义了logger并引入的appender,appender才会生效-->
<!-- 日志级别以及优先级排序: OFF > FATAL > ERROR > WARN > INFO > DEBUG > TRACE > ALL -->
<loggers>
<root level="DEBUG">
<!--输出到控制台-->
<appender-ref ref="Console"/>
</root>
<!--org.springframework
<logger name="org.springframework" level="INFO"/>-->
</loggers>
</configuration>
shiro.ini
[users]
zhangsan=123456,admin
lisi=654321,public
[roles]
admin=product:view,product:create,product:update,product:delete
public=product:view
测试:
@Test
public void test01() {
//1.初始化shiro的安全管理器
DefaultSecurityManager securityManager = new DefaultSecurityManager();
//2.设置用户的权限信息到安全管理器
Realm realm = new IniRealm("classpath:shiro.ini");
securityManager.setRealm(realm);
//3. 使用SecurityUtils将securityManager设置到运行环境中
SecurityUtils.setSecurityManager(securityManager);
//4. 创建一个Subject实例
Subject subject = SecurityUtils.getSubject();
//5. 创建用于认证的认证的token,记录用户认证的身份和凭证即账号和密码
AuthenticationToken token =
new UsernamePasswordToken("zhangsan", "123456");
System.out.println("用户认证状态:" + subject.isAuthenticated());
//6.主体要进行登录,登录的时候进行认证检查
subject.login(token);
// 用户认证状态
System.out.println("用户认证状态:" + subject.isAuthenticated());
//7.检查角色的授权状态
System.out.println("是否拥有admin角色: " + subject.hasRole("admin"));
System.out.println("是否拥有public角色: " + subject.hasRole("public"));
//8.检查权限的授权状态
System.out.println("product:view: " + subject.isPermitted("product:view"));
System.out.println("product:view: " + subject.isPermitted("product:view", "product:update2")[1]);
//退出
subject.logout();
System.out.println("用户认证状态:" + subject.isAuthenticated());
}
输出:
[DEBUG] Opening resource from class path [shiro.ini]
[DEBUG] Parsing [users]
[DEBUG] Parsing [roles]
[DEBUG] Discovered the [roles] section. Processing...
[DEBUG] Discovered the [users] section. Processing...
用户认证状态:false
[DEBUG] Looked up AuthenticationInfo [zhangsan] from doGetAuthenticationInfo
[DEBUG] AuthenticationInfo caching is disabled for info [zhangsan]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false].
[DEBUG] Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
[DEBUG] Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
[DEBUG] Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false]. Returned account [zhangsan]
[DEBUG] No sessionValidationScheduler set. Attempting to create default instance.
[INFO] Enabling session validation scheduler...
[DEBUG] Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
用户认证状态:true
是否拥有admin角色: true
是否拥有public角色: false
product:view: true
product:view: false
[DEBUG] Logging out subject with primary principal zhangsan
[DEBUG] Stopping session with id [35cdf553-7b6b-4537-bb5a-1d502d42c17a]
用户认证状态:false
