Maven项目下的shiro配置一

一、认识Shiro

二、代码结构

1、代码目录：

2、pom.xml所有的依赖：

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.lyd.shiro</groupId>
  <artifactId>Shiro01</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <name>Shiro01</name>
  <description>Shiro01</description>
  <build>
    <defaultGoal>compile</defaultGoal>
  </build>
  <dependencies>
	<!-- Shiro核心包 -->
	<dependency>
		<groupId>org.apache.shiro</groupId>
		<artifactId>shiro-core</artifactId>
		<version>1.3.2</version>
	</dependency>
	<!-- slf4j的接口实现 -->
	 <dependency>
		<groupId>org.slf4j</groupId>
		<artifactId>slf4j-log4j12</artifactId>
		<version>1.7.12</version>
	</dependency>
    
  </dependencies>
</project>

3、定义shiro.ini文件，主要是存放账户号码以及对应的密码，用于测试：

[users]
lyd=123456
jack=666666

4、配置日志信息的打印，使用slf4j：

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#
log4j.rootLogger=INFO, stdout

log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n

# General Apache libraries
log4j.logger.org.apache=WARN

# Spring
log4j.logger.org.springframework=WARN

# Default Shiro logging
log4j.logger.org.apache.shiro=TRACE

# Disable verbose logging
log4j.logger.org.apache.shiro.util.ThreadContext=WARN
log4j.logger.org.apache.shiro.cache.ehcache.EhCache=WARN

5、定义测试方法：

package com.lyd.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;

public class ShiroDemo {

	public static void main(String[] args) {
		//读取配置文件，初始化shiroManger工厂
		Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
		//工厂模式,获得securityManager实例对象
		SecurityManager securityManager = factory.getInstance();
		//将securityManger实例绑定到SecurityUtils
		SecurityUtils.setSecurityManager(securityManager);
		//获取当前执行的用户
		Subject currentUser = SecurityUtils.getSubject();
		//创建token令牌，用户名/密码
		UsernamePasswordToken token = new UsernamePasswordToken("lyd","12322");
		try {
			//当前用户登录
			currentUser.login(token);
			System.out.println("身份验证成功！");
		}catch(org.apache.shiro.authc.AuthenticationException e){
			e.printStackTrace();
			System.out.println("身份认证失败！");
		}
		//退出
		currentUser.logout();
	}
}

6、测试结果：

（1）错误的验证信息：

2018-06-03 19:05:45,207 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays.  Performing array equals comparison 
org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - lyd, rememberMe=false] did not match the expected credentials.
	at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600)
	at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
	at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
	at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
	at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
	at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
	at com.lyd.shiro.ShiroDemo.main(ShiroDemo.java:25)
身份认证失败！
2018-06-03 19:05:45,209 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false

（2）正确的验证信息：

2018-06-03 19:19:29,347 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true 
身份验证成功！
2018-06-03 19:19:29,347 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true

三、问题

首次运行编译的时候遇到slf4j的版本不兼容问题，报错信息如下：

原因是版本不兼容，解决方式是降低版本。

Maven项目下的shiro配置一

猜你喜欢