Shiro achieves authentication_ini

 1. Basic concepts

1. Identity verification

        In the application, who can prove that he is himself. Generally provide some identification information such as their identity ID to indicate that he is himself,

        Such as providing ID card, username / password to prove.

        In shiro, users need to provide principals and credentials to shiro so that the application can verify the user's identity:

2，principals 

        Identity, that is, the identification attribute of the subject, can be anything, such as user name, mailbox, etc., which can be unique.

       A principal can have multiple principals, but there is only one Primary principals, generally user name / password / mobile phone number.

3，credentials 

        Proof / Certificate, that is, a security value known only by the subject, such as a password / digital certificate.

        The most common combination of principals and credentials is the username / password. Next, perform a basic identity authentication.

---

---

2. Certification process

3. Use s hiro 's i ni file to complete the authentication function

---

---

TestAuthenticationApp.java

package com.sxt.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * shiro的认证使用shiro.ini文件
 */
@SuppressWarnings("deprecation")
public class TestAuthenticationApp {
	// 日志输出工具
	private static final transient Logger log = LoggerFactory.getLogger(TestAuthenticationApp.class);

	public static void main(String[] args) {

		String username = "zhangsan";
		String password = "123456";

		log.info("My First Apache Shiro Application");
		// 1，创建安全管理器的工厂对象 org.apache.shiro.mgt.SecurityManager;  不能使用java.lang.SecurityManager
		Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
		// 2,使用工厂创建安全管理器
		SecurityManager securityManager = factory.getInstance();
		// 3,把当前的安全管理器绑定当到线的线程
		SecurityUtils.setSecurityManager(securityManager);
		// 4,使用SecurityUtils.getSubject得到主体对象
		Subject subject = SecurityUtils.getSubject();
		// 5，封装用户名和密码
		AuthenticationToken token = new UsernamePasswordToken(username, password);
		// 6,得到认证
		try {
			subject.login(token);
			System.out.println("认证通过");
		} catch (AuthenticationException e) {
			System.out.println("用户名或密码不正确");
		} 
		/*} catch (IncorrectCredentialsException e) {
			System.out.println("密码不正确");
		} catch (UnknownAccountException e) {
			System.out.println("用户名不存在");
		}*/
		
		Subject subject2 = SecurityUtils.getSubject();
		
		System.out.println(subject);
		System.out.println(subject2);
		
		aaaa();

	}
	
	public static void aaaa() {
		Subject subject2 = SecurityUtils.getSubject();
		System.out.println(subject2);
	}

}