02 shiro read ini complete Realm check permissions and roles

This article describes the complete process shiro depend Realm roles and permissions control.

1, environmental constraints

• win10 64-bit operating system
• idea2018.1.5
• jdk-8u162-windows-x64

• spring4.2.4

  Premise constraints

• Shiro read the complete ini file https://www.jianshu.com/p/3c31a55b0f63

  2, Procedure

  2.1 Single Realm completed certification

• In src / main / resources folder added shiro-realm.ini, as follows:

myRealm=net.wanho.security.MyRealm

• In the src / main / java folder added net.wanho.security.MyRealm.java file, as follows:

package net.wanho.security;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class MyRealm extends AuthorizingRealm {

    //授权
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    //认证
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;

        String pwd = new String ((char[])token.getCredentials());
        String username =  (String)token.getPrincipal();

        if(pwd.equals("123456"))
        {
            return new SimpleAuthenticationInfo(username,pwd,getName());
        }
        else {
            throw new IncorrectCredentialsException();
        }
    }
}

• TestRealm.java new folder in src / main / java file, as follows:

 @Test
    public void test1() {
        SecurityManager securityManager =
                new IniSecurityManagerFactory("classpath:shiro-realm.ini").getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("zhangli", "123456");
        try {
            subject.login(token);
        } catch (Exception e) {
            e.printStackTrace();
        }

        System.out.println("123");
    }

More than 2.2 Realm verified

• In src / main / resources folder added shiro-realms.ini file, as follows:

allSuccessfulStrategy=org.apache.shiro.authc.pam.AllSuccessfulStrategy
securityManager.authenticator.authenticationStrategy=$allSuccessfulStrategy
myRealm=net.wanho.security.MyRealm
yourRealm=net.wanho.security.YourRealm
securityManager.realms=$myRealm,$yourRealm

• In src / main / java folder added net.wanho.security.YourRealm.java [Note, MyRealm.java existing], as follows:

package net.wanho.security;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class YourRealm extends AuthorizingRealm {

    //授权
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    //认证
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;

        String pwd = new String ((char[])token.getCredentials());
        String username =  (String)token.getPrincipal();

        if(username.equals("zhangli"))
        {
            return new SimpleAuthenticationInfo(username,pwd,getName());
        }
        else {
            throw new UnknownAccountException();
        }
    }
}

• Add the following file in TestRealm.java them:

    @Test
    public void test2() {
        SecurityManager securityManager =
                new IniSecurityManagerFactory("classpath:shiro-realms.ini").getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("zhangli", "12345");
        subject.login(token);
        System.out.println("123");
    }

2.3 jdbc complete the authentication Realm

• In src / main / resources folder added shiro-jdbc-realm.ini, as follows:

jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
dataSource=com.alibaba.druid.pool.DruidDataSource
dataSource.driverClassName=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/shiro
dataSource.username=root
dataSource.password=zhangli
jdbcRealm.dataSource=$dataSource
securityManager.realms=$jdbcRealm

• In mysql join three tables and data, sql statement is as follows:

create database shiro;
use shiro;
create table users(username varchar(20),password varchar(20));
insert into users values('ali','123456');
insert into users values('zhangli','123456');
create table user_roles(role_name varchar(20),username varchar(20));
insert into user_roles(role_name,username) values('admin','ali');
insert into user_roles(role_name,username) values('user','zhangli');
create table roles_permissions(permission varchar(20),role_name varchar(20));
insert into roles_permissions values('update','admin');
insert into roles_permissions values('insert','admin');
insert into roles_permissions values('delete','admin');
insert into roles_permissions values('select','admin');
insert into roles_permissions values('select','user');

• In TestRealm.java add the following file:

    @Test
    public void test3() {
        SecurityManager securityManager =
                new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini").getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("ali", "123456");
        subject.login(token);
        boolean ret = subject.hasRole("admin");
        boolean isOk = subject.isPermitted("insert");
        System.out.println("123");
    }

These are the logical completion of acquisition Realm permissions and roles verification process by ini.