Realm Description:
The important thing Again, data fields, Shiro and secure data connector, like jdbc connection to the database; authentication and authorization to obtain information through the realm
realm effect:
Shiro Safety Data from the Realm
The default comes realm:
idae view the realm of inheritance, there is a default realm and implement a custom inherited
Two concepts:
principal: main label, there can be multiple, but needs to have a unique, common user name, phone number, email, etc.
credential: credential, it is the general password
So in general we say principal + credential on account + password
Development, often custom realm, that is integrated AuthorizingRealm
JdbcRealm:
JdbcRealm create a database table:
sql statement:
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for roles_permissions
-- ----------------------------
DROP TABLE IF EXISTS `roles_permissions`;
CREATE TABLE `roles_permissions` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`role_name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`permission` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `idx_roles_permissions`(`role_name`, `permission`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 6 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of roles_permissions
-- ----------------------------
INSERT INTO `roles_permissions` VALUES (4, 'admin', 'video:*');
INSERT INTO `roles_permissions` VALUES (3, 'role1', 'video:buy');
INSERT INTO `roles_permissions` VALUES (2, 'role1', 'video:find');
INSERT INTO `roles_permissions` VALUES (5, 'role2', '*');
INSERT INTO `roles_permissions` VALUES (1, 'root', '*');
-- ----------------------------
-- Table structure for user_roles
-- ----------------------------
DROP TABLE IF EXISTS `user_roles`;
CREATE TABLE `user_roles` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`role_name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `idx_user_roles`(`username`, `role_name`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 5 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of user_roles
-- ----------------------------
INSERT INTO `user_roles` VALUES (1, 'woxbwo', 'role1');
INSERT INTO `user_roles` VALUES (2, 'woxbwo', 'role2');
INSERT INTO `user_roles` VALUES (4, 'zbbiex', 'admin');
INSERT INTO `user_roles` VALUES (3, 'zbbiex', 'root');
-- ----------------------------
-- Table structure for users
-- ----------------------------
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`password` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`password_salt` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `idx_users_username`(`username`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 3 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of users
-- ----------------------------
INSERT INTO `users` VALUES (1, 'woxbwo', '456', NULL);
INSERT INTO `users` VALUES (2, 'zbbiex', '123', NULL);
SET FOREIGN_KEY_CHECKS = 1;
1, way:
Created under jdbcrealm.ini file into the resource directory, file content:
Note that the file format must be # ini, encoded as the ANSI
# Realm declaration specifies the type of realm
JDBCRealm = org.apache.shiro.realm.jdbc.JdbcRealm
# configuration data source
#dataSource = com.mchange.v2.c3p0.ComboPooledDataSource
the dataSource = COM .alibaba.druid.pool.DruidDataSource
# MySQL-Connector-Java . 5 driven by the url com.mysql.jdbc.Driver, after mysql-connector-java6 with the com.mysql.cj.jdbc.Driver
dataSource.driverClassName = com.mysql.cj.jdbc.Driver
# avoid security warnings
dataSource.url = jdbc: MySQL: //127.0.0.1: 3306 / IS-shiro-characterEncoding the Test = UTF-8 & serverTimezone & useSSL UTC = =? false
dataSource.username = root
dataSource.password = 123456
# specified data source
jdbcRealm.dataSource = $ dataSource
# turn on Find privileges
jdbcRealm.permissionsLookupEnabled = to true
# specify the SecurityManager Realms achieve, set realms, there can be multiple, separated by commas
securityManager.realms JDBCRealm = $
On the code:
@Test
public void shiroJdbcRealmTest () {
// create SecurityManager factory configuration file created by INI
Factory's <SecurityManager> Factory = new new IniSecurityManagerFactory ( "CLASSPATH: jdbcrealm.ini" );
SecurityManager securityManager = factory.getInstance ();
// The securityManager set to the current operating environment
SecurityUtils.setSecurityManager (securityManager);
Subject Subject = SecurityUtils.getSubject ();
// entered by the user account password
UsernamePasswordToken usernamePasswordToken = new new UsernamePasswordToken ( "woxbwo", "456" );
subject.login (usernamePasswordToken);
// org.apache.shiro.realm.jdbc.JdbcRealm
System.out.println ( "authentication result:" + subject.isAuthenticated ());
System.out.println ( "whether there is a corresponding role1 role: "+ subject.hasRole (" role1 " ));
System.out.println ( " Is there a video: find authority: "+ subject.isPermitted (" video: find " ));
}
Test Results:
认证结果:true
02:34:43.991 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager...
02:34:43.992 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained.
是否有对应的role1角色:true
02:34:44.089 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager...
02:34:44.089 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained.
是否有video:find权限:true
Second way:
On the code:
@Test
public void shiroJdbcRealmTest2(){
String driveName = "com.mysql.cj.jdbc.Driver";
String dbUrl = "jdbc:mysql://127.0.0.1:3306/is-shiro-test?characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false";
String userName = "root";
String pwd = "123456";
DefaultSecurityManager securityManager = new DefaultSecurityManager();
DruidDataSource ds = new DruidDataSource();
ds.setDriverClassName(driveName);
ds.setUrl(dbUrl);
ds.setUsername(userName);
ds.setPassword(pwd);
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setPermissionsLookupEnabled(true);
jdbcRealm.setDataSource(ds);
securityManager.setRealm(jdbcRealm);
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
//用户输入的账号密码
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("zbbiex", "123");
subject.login(usernamePasswordToken);
System.out.println("Authentication result:" + subject.isAuthenticated());
System.out.println ( "Is there a corresponding role1 role:" + subject.hasRole ( "role1" ));
System.out.println ( "Is there a video: find authority:" + subject. isPermitted ( "Video: Find" ));
System.out.println ( "whether any permission:" + subject.isPermitted ( "AAAA: xxxxxxxxx" ));
}
Test Results:
认证结果:true
02:54:26.188 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager...
02:54:26.188 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained.
是否有对应的role1角色:false
02:54:26.276 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager...
02:54:26.276 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained.
是否有video:find权限:true
02:54:26.363 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager...
02:54:26.363 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained.
是否有任意权限:true