Realm Description:
Connector data field, and Shiro security data, such connection jdbc database; information acquired by the authentication and authorization realm
realm effect:
Shiro Safety Data from the Realm
The default comes realm:
idae view the realm of inheritance, there is a default realm and implement a custom inherited
Two concepts:
principal: main label, there can be multiple, but needs to have a unique, common user name, phone number, email, etc.
credential: credential, it is the general password
So in general we say principal + credential on account + password
Development, often custom realm, that is integrated AuthorizingRealm
IniRealm:
Mainly through the data stored in a certain format file system: xxxxxx.ini
New shiro.ini file in the resources directory of the project, says:
# = Password format name, role1, role2, ..roleN
[ Users ]
# username = password, which has the role
woxbwo = 456, User
zbbiex = 123, ADMIN, User
# format Role = permission1, permission2 .. .permissionN can also use a wildcard
permission to configure the user # below for all video: Find , video: Buy, if all the video need to configure the operation of crud = user video: *
[ Roles ]
user = video: Find, video: Buy
# 'ADMIN 'Role has All Permissions , Indicated by The wildcard' * '
ADMIN = *
Combat Code:
public class ShiroIniRealmTest {
@Test
public void shiroIniRealmTest () {
// create SecurityManager factory configuration file created by INI
Factory's <SecurityManager> = iniSecurityManagerFactory new new IniSecurityManagerFactory ( "CLASSPATH: shiro.ini" );
SecurityManager instance = iniSecurityManagerFactory.getInstance ();
// will securityManager set to the current operating environment
SecurityUtils.setSecurityManager (instance);
Subject Subject = SecurityUtils.getSubject ();
// account password entered by the user
usernamePasswordToken usernamePasswordToken =new UsernamePasswordToken("woxbwo", "456");
subject.login(usernamePasswordToken);
System.out.println(" 认证结果:"+subject.isAuthenticated());
System.out.println(" 是否有对应的user角色:"+subject.hasRole("user"));
System.out.println(" getPrincipal=" + subject.getPrincipal());
subject.checkRole("user");
subject.checkPermission("video:find");
System.out.println( "是否有video:find 权限:"+ subject.isPermitted("video:find"));
subject.logout();
"after logout authentication result:" +
System.out.println (subject.isAuthenticated());
}
}
Validation results
Certified results: to true
if there is a corresponding user roles: to true
getPrincipal = woxbwo
whether there is video: find rights: to true
01: 18: 42.477 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging OUT Subject with Primary Principal woxbwo
01 : 18 is: 42.477 [main] org.apache.shiro.session.mgt.AbstractSessionManager the DEBUG - Stopping the session with ID [ab545c66-a6f9-43ed-b5f6- 71e37e89c1cb]
after logout authentication result: to false