本文将介绍第一个shiro相关的demo。
1、环境约束
- win10 64位操作系统
- idea2018.1.5
- jdk-8u162-windows-x64
spring4.2.4
前提约束
完成创建一个基于maven的web工程
2、操作步骤
2.1 ini中配置账号密码
- 在pom.xml中加入以下依赖
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro‐web</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro‐ehcache</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro‐spring</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j‐log4j12</artifactId>
<version>1.7.2</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.1</version>
</dependency>
- 在src/main/resources文件夹下加入shiro.ini文件,内容如下:
[users]
zhang=123
注意:"zhang"是账号,"123"是密码。
- 在src/main/java文件夹下加入TestIni.java,内容如下:
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.junit.Test;
public class TestIni {
@Test
public void test1() throws Exception {
//1、获取SecurityManager工厂,此处使用Ini配置文件初始化SecurityManager
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
//2、得到SecurityManager实例 并绑定给SecurityUtils
org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
//3、得到Subject及创建用户名/密码身份验证Token(即用户身份/凭证)
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("zhang", "123");
//4、登录,即身份验证
subject.login(token);
System.out.println(subject.isAuthenticated());
// 6、退出
subject.logout();
}
}
2.2 ini中配置角色
- 在src/main/resources文件夹下加入shiro-role.ini文件,内容如下
[users]
zhangli=123,role1
wang=456,role2,role3
注意,wang,456,role2,role3分别对应账号,密码,该账号的角色,该账号的另一个角色
- 在src/main/java文件夹的TestIni.java中加入测试方法:
@Test
public void test2() {
SecurityManager securityManager =
new IniSecurityManagerFactory("classpath:shiro-role.ini").getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("wang", "456");
subject.login(token);
subject.checkRoles(Arrays.asList(new String[]{"role3"}));//验证role3成功
subject.checkRoles(Arrays.asList(new String[]{"role2"}));//验证role3成功
subject.checkRoles(Arrays.asList(new String[]{"role2", "role3"}));//验证role2, role3成功
try {
subject.checkRoles(Arrays.asList(new String[]{"role1", "role3"}));//验证role1, role3失败
}
catch(Exception e)
{
e.printStackTrace();
}
}
2.3 ini中配置权限
- 在src/main/resources文件夹下加入shiro-permissions.ini文件,内容如下:
[users]
zhangli=123,role1
wang=456,role2,role3
li=789,role4
[roles]
role1=user:insert,user:update
role2=user:select
role3=user:insert,user:delete,user:update,abc~efg
role4=user:*
注意:[roles]指的是角色的配置,role4=user:*指的是role4具备所有以"user:"开始的权限。
在src/main/java文件夹的TestIni.java中加入测试方法:
@Test
public void test3() {
SecurityManager securityManager =
new IniSecurityManagerFactory("classpath:shiro-permissions.ini").getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("li", "789");
subject.login(token);
boolean ret = subject.isPermitted("user:update");
System.out.println("123");
}
以上就是shiro读取ini完成角色和权限控制的过程。