Any introduction is not as real as the official website: http://shiro.apache.org
This article is just a simple introduction to shiro, configuration instructions
1. mavn dependency
<!-- Dependency of shiro permission control--> <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.2.3</version> </dependency> <!-- shiro jdbcRealm test use --> <!-- https://mvnrepository.com/artifact/com.mchange/c3p0 --> <dependency> <groupId>com.mchange</groupId> <artifactId>c3p0</artifactId> <version>0.9.5.2</version> </dependency> <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging --> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.2</version> </dependency>
2. Configuration file
shiro.ini
[users] wugong=111111 admin=111111
jdbc_realm.ini
[main] jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm dataSource = com.mchange.v2.c3p0.ComboPooledDataSource dataSource.driverClass=com.mysql.jdbc.Driver dataSource.jdbcUrl=jdbc:mysql://192.168.1.148:3306/vip dataSource.user=root dataSource.password=root jdbcRealm.dataSource=$dataSource securityManager.realms=$jdbcRealm
shiro_role.ini
[users] wugong = 111111, admin, super admin = 111111, admin great=111111,great java1234=111111,role1,role2 jack=111111,role1
shiro_→ini
[users] wugong = 111111, admin, super admin = 111111, admin great=111111,great [roles] admin=user:select super=user:add,user:update,user:delete
3. Test
Tests corresponding to shiro.ini
@Test public void shiroHello(){ Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro/shiro.ini"); SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); Subject currentUser = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("wugong","111111"); try { currentUser.login(token); System.out.println("Authentication successful"); } catch (AuthenticationException e) { e.printStackTrace (); } currentUser.logout(); System.out.println("Exited"); }
jdbc_realm.ini
@Test public void shiroJdbcTest(){ // Subject currentUser = ShiroUtil.login("classpath:shiro/jdbc_realm.ini","wugong","123456"); }
shiro_role.ini
Description: #shiro function demo database#If you use the jdbc_realm function, you must ensure that the users table exists in the database, and the userName password field must exist in this table
#shiro function demo database #If you use the jdbc_realm function, you must ensure that the users table exists in the database, and the userName password field must exist in the table -- ---------------------------- -- Table structure for users -- ---------------------------- DROP TABLE IF EXISTS `users`; CREATE TABLE `users` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `userName` varchar(200) DEFAULT NULL, `password` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of users -- ---------------------------- INSERT INTO `users` VALUES ('1', 'wugong', '123456');
private static String shiroIniPath = "classpath:shiro/shiro_role.ini"; @Test public void shiroRoleTest() { // shiroRoleHasRole("wugong","111111","admin"); shiroRoleHasRoles("wugong", "111111", "admin", "super", "no"); shiroRoleHasAllRoles("wugong", "111111", "admin", "super", "no"); shiroRoleHasAllRoles("wugong", "111111", "admin", "super"); } private void shiroRoleHasRole(String userName, String password, String role) { Subject currentUser = ShiroUtil.login(shiroIniPath, userName, password); System.out.println(currentUser.hasRole(role) ? (userName + "account has" + role + "permission") : (userName + "account does not have" + role + "permission")); } /** * Multiple role verification * * @Author wugong * @Date 2018/2/26 10:16 * @Modify if true,please enter your name or update time * @params */ private void shiroRoleHasRoles(String userName, String password, String... roles) { Subject currentUser = ShiroUtil.login(shiroIniPath, userName, password); List<String> roleList = Arrays.asList(roles); boolean results[] = currentUser.hasRoles(roleList); for (int i = 0; i < results.length; i++) { System.out.println(results[i] ? (userName + "account has" + roleList.get(i) + "permission") : (userName + "account does not have" + roleList.get(i) + "permission") ); } } /** * Verification of all permissions * * @Author wugong * @Date 2018/2/26 10:28 * @Modify if true,please enter your name or update time * @params */ private void shiroRoleHasAllRoles(String userName, String password, String... roles) { Subject currentUser = ShiroUtil.login(shiroIniPath, userName, password); StringBuffer roleStr = new StringBuffer(); for (int i = 0; i < roles.length; i++) { String role = roles[i]; roleStr.append(role); if (i<roles.length-1) roleStr.append(","); } System.out.println(currentUser.hasAllRoles(Arrays.asList(roles)) ? (userName + "account has all" + roleStr + "authority") : (userName + "account does not have all" + roleStr + "authority")) ; }
shiro_→ini
download link:
Project download address: https://pan.baidu.com/s/1gfQ5F7l Password: k2ba
The first build of this project is for the simple function of ssm 1. Database configuration used by ssm jdbc.properties 1.1, ssm contains basic database table CRUD 1.2, including aop transactions 1.3. Custom aop controller method interception com.jie.common.OperationLogger com.jie.common.SysLogAspect com.jie.common.ClassParam 1.4. Simple one-to-many and one-to-one instructions for mybatis 2. The database configuration used by the shiro entry-level tutorial jdbc_realm.ini 2.1. Identity authentication 2.1. Simple use of reading configuration Example child: com.jie.shiro.ShiroHello.shiroHello 2.2. Database users read Realm&JDBC Realm Example child: com.jie.shiro.ShiroJdbcTest 2.2. Authority authentication (authorization) 2.2.1. Programmatic authorization 2.2.1.1 Role-Based Access Control 2.2.1.2 Permission-based access control