Learning -3- Shiro shiro frame built realm

1.  shiro default comes realm and common usage

• realm effect: Shiro Safety Data from the Realm
• The default comes realm: idae view the realm of inheritance, there is a default realm and implement a custom inherited
• Two concepts
  • principal: main label, there can be multiple, but needs to have a unique, common user name, phone number, email, etc.
  • credential: credential, it is the general password
  • So in general we say principal + credential on account + password
• Development, often custom realm, that is integrated AuthorizingRealm, rewrite AuthorizingRealm method of getAuthorizationInfo
• 

2.  Shiro built-ini realm operation

Creating shiro.ini configuration file in the resource directory springboot resources, the contents will be copied into the following

. 1  [Users]
 2 # = format name password, role1, role2, .. Rolen
 . 3  Jack = 456, User
 . 4  xdclass = 123, the root, ADMIN
 . 5 # format = Role permission1, permission2 ... permissionN can use wildcards
 6 # permissions the following configured user for all video: find, video: buy, if you need to configure video all operations crud the user = video: *
 7  [the roles]
 8  user = video: the Find, video: Buy
 9  # the following defines the visitor role has All rights merchandise modules inquiries, purchase rights and the comments module
 10  visitor = Good: the Find, Good: Buy, the comment: *
 11 # 'ADMIN' Role has All the permissions, Indicated by at the wildcard '*'
 12  ADMIN = *

xdclass = 123, root, admin represents, xdclass the user password 123, having a root and admin two roles,

user = video:find,video:buy 表示，普通用户角色具有视频的查看，购买权限，

admin = *  表示admin角色具有所有的权限

测试代码：

 1 package net.xdclass.xdclassshiro;
 2 
 3 import org.apache.shiro.SecurityUtils;
 4 import org.apache.shiro.authc.UsernamePasswordToken;
 5 import org.apache.shiro.config.IniSecurityManagerFactory;
 6 import org.apache.shiro.mgt.DefaultSecurityManager;
 7 import org.apache.shiro.mgt.SecurityManager;
 8 import org.apache.shiro.realm.SimpleAccountRealm;
 9 import org.apache.shiro.subject.Subject;
10 import org.apache.shiro.util.Factory;
11 import org.junit.Before;
12 import org.junit.Test;
13 
14 /**
15  * iniRealm操作
16  */
17 public class QuicksStratTest5_2 {
18 
19     @Test
20     public void testAuthentication() {
21         //通过配置文件创建SecurityManager工厂
22         Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
23        // 获取SecurityManager实例
24         SecurityManager securityManager = factory.getInstance();
25         //设置当前上下文
26         SecurityUtils.setSecurityManager(securityManager);
27 
28         //获取当前subject(application应用的user)
29         Subject subject = SecurityUtils.getSubject();
30         // 模拟用户输入
31         UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("jack","456");
32         //
33         subject.login(usernamePasswordToken);
34         System.out.println("认证结果(是否已授权)：" + subject.isAuthenticated());  //认证结果(是否已授权)：true
35         //最终调用的是org.apache.shiro.authz.ModularRealmAuthorizer.hasRole方法
36         System.out.println("是否有对应的角色：" + subject.hasRole("root"));  //是否有对应的角色：false
37         //获取登录 账号
38         System.out.println("getPrincipal():" + subject.getPrincipal());  //getPrincipal():jack
39         //校验角色，没有返回值，校验不通过，直接跑出异常
40         subject.checkRole("user");
41         // user jack有video的find权限，执行通过
42         subject.checkPermission("video:find");
43         // 是否有video:find权限：true
44         System.out.println("是否有video:find权限：" + subject.isPermitted("video:find"));
45         //   是否有video:delete权限：false
46         System.out.println("是否有video:delete权限：" + subject.isPermitted("video:delete"));
47         //user jack没有video的删除权限，执行会报错：org.apache.shiro.authz.UnauthorizedException: Subject does not have permission [video:delete]
48         subject.checkPermission("video:delete");
49 //        subject.logout();
50 //        System.out.println("logout后认证结果：" + subject.isAuthenticated());
51     }
52 
53     @Test
54     public void testAuthentication2() {
55         //通过配置文件创建SecurityManager工厂
56         Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
57         // 获取SecurityManager实例
58         SecurityManager securityManager = factory.getInstance();
59         //设置当前上下文
60         SecurityUtils.setSecurityManager(securityManager);
61         //获取当前subject(application应用的user)
62         Subject subject = SecurityUtils.getSubject();
63         // 模拟用户输入
64         UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("xdclass","123");
65         subject.login(usernamePasswordToken);
66         System.out.println("认证结果(是否已授权)：" + subject.isAuthenticated()); // 认证结果(是否已授权)：true
67         //最终调用的是org.apache.shiro.authz.ModularRealmAuthorizer.hasRole方法
68         System.out.println("是否有admin角色：" + subject.hasRole("admin")); //是否有admin角色：true
69         System.out.println("是否有root角色：" + subject.hasRole("root"));  //是否有root角色：true
70         //获取登录 账号
71         System.out.println("getPrincipal():" + subject.getPrincipal());  //getPrincipal():xdclass
72         // admin角色具有所有权限
73         subject.checkPermission("video:find");
74         // 是否有video:find权限：true
75         System.out.println("是否有video:find权限：" + subject.isPermitted("video:find"));  //是否有video:find权限：true
76         //   是否有video:delete权限：true
77         System.out.println("是否有video:delete权限：" + subject.isPermitted("video:delete")); // 是否有video:find权限：true
78         // 结果为true，如果subject.checkPermission校验不通过，则抛出异常
79         subject.checkPermission("video:delete");
80     }
81 }