在本示例中, 使用 INI 文件来定义用户和角色. 首先学习一下 INI 文件的规范.
=======================
Shiro INI 的基本规范
=======================
[main]
# 在这里定义 SecurityManager 和 Realms 等
[users]
# 每一行定义一个用户, 格式是 username = password, role1, role2, ..., roleN
[roles]
# 角色在这里定义, 格式是 roleName = perm1, perm2, ..., permN
# 说明1: 权限名可以使用带有层次的命名方式, 使用冒号来分割层次关系, 比如 user:create 或 user:poweruser:update 权限.
# 说明2: user:* 这样的权限, 代表具有 user:create 和 user:poweruser:update 权限.
[urls]
# 对于web系统, 可在这里定义url的权限配置.
==========================
pom
==========================
Shiro jar需要 slf4j 依赖项.
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
<exclusions>
<exclusion>
<artifactId>slf4j-api</artifactId>
<groupId>org.slf4j</groupId>
</exclusion>
</exclusions>
</dependency>
# =======================
shiro.ini 示例文件的内容
# =======================
# ======================= shiro.ini 示例文件的内容 # ======================= # ----------------------------------------------------------------------------- # Users and their (optional) assigned roles # username = password, role1, role2, ..., roleN # ----------------------------------------------------------------------------- [users] root = secret, admin guest = guest, guest presidentskroob = 12345, president darkhelmet = ludicrousspeed, darklord, schwartz aihe = aihe, goodguy, client # ----------------------------------------------------------------------------- # Roles with assigned permissions # roleName = perm1, perm2, ..., permN # ----------------------------------------------------------------------------- [roles] admin = * client = look:* goodguy = winnebago:drive:eagle5
==========================
API 代码示例
==========================
@Override
public void run(String... args) throws Exception {
// 创建sessionFactory,使用ini配置文件初始化
IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
// 创建securityManager实例
SecurityManager securityManager = factory.getInstance();
// 将securityManager配置在当前运行环境中
SecurityUtils.setSecurityManager(securityManager);
// 获取当前的subject
Subject currentUser = SecurityUtils.getSubject();
// session 操作
Session session = currentUser.getSession();
System.out.println("Id:" + session.getId());
session.setAttribute("name", "value");
System.out.println(session.getAttribute("name"));
if (!currentUser.isAuthenticated()) {
// 登录需要一个 token
UsernamePasswordToken token = new UsernamePasswordToken("root", "secret");
// 在 token 上设置 RememberMe
// token.setRememberMe(true);
// 登录
currentUser.login(token);
// 登录后可获取认证身份(一个或多个)
PrincipalCollection principals = currentUser.getPrincipals();
for (Object principal : principals) {
System.out.println(principal.toString());
}
// 角色检查
boolean granted1 = currentUser.hasRole("admin");
System.out.println("hasRole(‘admin‘):" + granted1);
boolean granted2 = currentUser.hasRole("winnebago:drive");
System.out.println("hasRole(‘winnebago:drive‘):" + granted1);
// 角色检查断言, 如果没有对应的角色, 会抛出 AuthorizationExceptions
currentUser.checkRole("admin");
// 权限检查
boolean granted3 = currentUser.isPermitted("winnebago:drive");
System.out.println("isPermitted(‘winnebago:drive‘):" + granted2);
// 权限检查断言, 如果没有对应的权限, 会抛出 AuthorizationExceptions
currentUser.checkPermission("winnebago:drive");
// 登出
currentUser.logout();
} else {
System.out.println("you have login");
}
}
结果输出为:
Id:71b126e5-a79c-416d-9abb-1b5430eaf5c3
value
root
hasRole(‘admin‘):true
hasRole(‘winnebago:drive‘):true
isPermitted(‘winnebago:drive‘):false
==========================
参考
==========================
https://www.jianshu.com/p/5a35d0100a71
原文地址:https://www.cnblogs.com/harrychinese/p/shiro_simple_demo.html