First introduce shiro's identity authentication.
In a system, if users want to log in, they must go through identity authentication. Log in to the system first, and then talk about which roles the user has and which permissions the roles have.
Authentication subject: Subject
Contains the following two types of information:
- Principals: Identity, which can be username, email, mobile phone number, etc., used to identify a login subject identity;
- Credentials: credentials, common passwords, digital certificates, etc.;
Identity authentication process
Quote:
Subject : Subject, representing the current "user", this user is not necessarily a specific person, anything that interacts with the current application is a Subject, such as web crawlers, robots, etc.; that is, an abstract concept; all Subjects are bound to SecurityManager, all interactions with Subject will be delegated to SecurityManager; Subject can be regarded as a facade; SecurityManager is the actual executor;
SecurityManager: Security Manager; that is, all security-related operations will interact with SecurityManager; and it manages all Subjects; it can be seen that it is the core of Shiro, which is responsible for interacting with other components introduced later, if you have learned SpringMVC, You can think of it as a DispatcherServlet front controller;
Realm: domain, Shiro obtains security data (such as users, roles, permissions) from Realm, that is to say, if SecurityManager wants to verify the user's identity, then it needs to obtain the corresponding user from Realm for comparison to determine whether the user's identity is legal; it also needs to obtain the user's identity from Realm. Obtain the user's corresponding role/authority to verify whether the user can operate; Realm can be regarded as a DataSource, that is, a secure data source.
Steps
This time we connect to the database for authorization authentication.
1. First create a database: user
The content inside is the same as the content in the textRealm (shiro.ini) file in the previous blog.
2. Create the Jdbc_realm.ini file
| [main] jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm; dataSource = com.mchange.v2.c3p0.ComboPooledDataSource dataSource.driverClass=com.mysql.jdbc.Driver dataSource.jdbcUrl=jdbc:mysql://localhost:3306/db_shiro dataSource.user=root dataSource.password=123456 jdbcRealm.dataSource=$dataSource securityManager.realms=$jdbcRealm |
3. Create a class with a Main method in it to let Shiro's SecurityManager read the jdbc_realm.ini file. The other content is the same as the main method in the previous blog.
| package com.java1234.shiro;
import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.config.IniSecurityManagerFactory; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.subject.Subject; import org.apache.shiro.util.Factory;
public class JdbcRealmTest { public static void main(String[] args){ //读取配置文件初始化SecurityManager工厂 Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:jdbc_realm.ini"); //获取securityManager实例 SecurityManager securityManager=factory.getInstance(); //把securityManager实例绑定到SecurityUtils SecurityUtils.setSecurityManager(securityManager); //得到当前执行的用户 Subject currentUser=SecurityUtils.getSubject(); //创建token令牌,用户名/密码 UsernamePasswordToken token=new UsernamePasswordToken("java1234", "12345"); try{ //身份认证 currentUser.login(token); System.out.println("身份认证成功!"); }catch(AuthenticationException e){ e.printStackTrace(); System.out.println("身份认证失败!"); } //退出 currentUser.logout(); }
} |
注意:这里如果只在Pom中写shiro相关的dependency是不可以,因为用到了MySQL库,所以得引用MySQL相关的Jar包。
pom文件如下:
| <dependencies> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.2.4</version> </dependency>
<dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> <version>1.7.12</version> </dependency>
<dependency> <groupId>c3p0</groupId> <artifactId>c3p0</artifactId> <version>0.9.1.2</version> </dependency>
<dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.2</version> </dependency>
<dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.37</version> </dependency> </dependencies> |