Shrio学习总结（三）--自定义Realm以及连接数据库Realm

自定义Realm：

第一步：新建一个包，com.shiro.realm下面新建一个CustomRealm.java

1. package com.shiro.realm;
3. import org.apache.shiro.authc.AuthenticationException;
4. import org.apache.shiro.authc.AuthenticationInfo;
5. import org.apache.shiro.authc.AuthenticationToken;
6. import org.apache.shiro.authc.SimpleAuthenticationInfo;
7. import org.apache.shiro.authc.UsernamePasswordToken;
8. import org.apache.shiro.authz.AuthorizationInfo;
9. import org.apache.shiro.realm.AuthorizingRealm;
10. import org.apache.shiro.subject.PrincipalCollection;
12. public class CustomRealm extends AuthorizingRealm {
14. @Override
15. public String getName() {
16. return "CustomRealm";
17. }
19. //支持UsernamePasswordToken
20. @Override
21. public boolean supports(AuthenticationToken token) {
22. return token instanceof UsernamePasswordToken;
23. }
25. //认证
26. @Override
27. protected AuthenticationInfo doGetAuthenticationInfo(
28. AuthenticationToken token) throws AuthenticationException {
30. //从token中 获取用户身份信息
31. String username = (String) token.getPrincipal();
32. //拿username从数据库中查询
33. //....
34. //如果查询不到则返回null
35. if(!username.equals("taojian")){//这里模拟查询不到
36. return null;
37. }
39. //获取从数据库查询出来的用户密码
40. String password = "123456";//这里使用静态数据模拟。。
42. //返回认证信息由父类AuthenticatingRealm进行认证
43. SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
44. username, password, getName());
46. return simpleAuthenticationInfo;
47. }
49. //授权
50. @Override
51. protected AuthorizationInfo doGetAuthorizationInfo(
52. PrincipalCollection principals) {
53. // TODO Auto-generated method stub
54. return null;
55. }
57. }

第二步：修改配置文件，取名shiro-realm.ini

1. [main]
2. #自定义 realm
3. customRealm=com.shiro.realm.CustomRealm
4. #将realm设置到securityManager
5. securityManager.realms=$customRealm

第三步：测试

1. package com.shiro.hello;
2. import org.apache.shiro.SecurityUtils;
3. import org.apache.shiro.authc.AuthenticationException;
4. import org.apache.shiro.authc.UsernamePasswordToken;
5. import org.apache.shiro.config.IniSecurityManagerFactory;
6. import org.apache.shiro.mgt.SecurityManager;
7. import org.apache.shiro.subject.Subject;
8. import org.apache.shiro.util.Factory;
9. public class HelleWorld {
10. public static void main(String[] args) {
11. // 读取配置文件，初始化SecurityManager工厂
12. Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-realm.ini");
13. // 获取securityManager实例
14. SecurityManager securityManager=factory.getInstance();
15. // 把securityManager实例绑定到SecurityUtils
16. SecurityUtils.setSecurityManager(securityManager);
17. // 得到当前执行的用户
18. Subject currentUser=SecurityUtils.getSubject();
19. // 创建token令牌，用户名/密码
20. UsernamePasswordToken token=new UsernamePasswordToken("taojian", "123456");
21. try{
22. // 身份认证
23. currentUser.login(token);
24. System.out.println("身份认证成功！");
25. }catch(AuthenticationException e){
26. e.printStackTrace();
27. System.out.println("身份认证失败！");
28. }
29. // 退出
30. currentUser.logout();
31. }
32. }

出现异常信息：

1. Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory
2. at org.apache.commons.beanutils.ConvertUtilsBean.<init>(ConvertUtilsBean.java:157)

解决方法：在pom.xml中添加jar文件

1. <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging -->
2. <dependency>
3. <groupId>commons-logging</groupId>
4. <artifactId>commons-logging</artifactId>
5. <version>1.1.1</version>
6. </dependency>

连接数据库：

第一步：新建jdbc_realm.ini文件：

1. [main]
2. jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
3. dataSource=com.mchange.v2.c3p0.ComboPooledDataSource
4. dataSource.driverClass=com.mysql.jdbc.Driver
5. dataSource.jdbcUrl=jdbc:mysql://localhost:3306/db_shiro
6. dataSource.user=root
7. dataSource.password=123
8. jdbcRealm.dataSource=$dataSource
9. securityManager.realms=$jdbcRealm

第二步：在数据中建表，表的字段是username和password

第三步：测试

1. Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:jdbc_realm.ini");

出现异常：

1. Exception in thread "main" org.apache.shiro.config.ConfigurationException: Unable to instantiate class
2. [com.mchange.v2.c3p0.ComboPooledDataSource] 
3. for object named 'dataSource'. 
4. Please ensure you've specified the fully qualified class name correctly.
5. at org.apache.shiro.config.ReflectionBuilder.createNewInstance(ReflectionBuilder.java:151)
6. at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:119)
7. at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:161)
8. at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:124)

解决异常：缺少jar包，在pom.xml添加：

1. <dependency>
2. <groupId>c3p0</groupId>
3. <artifactId>c3p0</artifactId>
4. <version>0.9.1.2</version>
5. </dependency>
7. <dependency>
8. <groupId>commons-logging</groupId>
9. <artifactId>commons-logging</artifactId>
10. <version>1.2</version>
11. </dependency>
13. <dependency>
14. <groupId>mysql</groupId>
15. <artifactId>mysql-connector-java</artifactId>
16. <version>5.1.37</version>
17. </dependency>