一,shiro 三种授权方式
1.编程式授权
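// Programmatic authorization: ask the current Subject whether it holds the "admin" role.
Subject subject = SecurityUtils.getSubject();
// The role name has to be an ordinary double-quoted string literal; typographic quotes do not compile.
if (subject.hasRole("admin")) {
    // role present: run the privileged operation here
} else {
    // role absent: reject the request here.
    // NOTE(review): hasRole only returns a boolean, so nothing is enforced unless this branch
    // actually refuses the operation.
}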
2.注解式
/**
 * Example of annotation-based authorization: the method is declared as requiring the "admin" role.
 *
 * NOTE(review): the annotation by itself is only metadata. It presumably relies on Shiro's
 * annotation/AOP support being enabled in the application; confirm that for the deployment,
 * otherwise no role check runs before this method.
 */
@RequiresRoles("admin")
public void hello() {
//caller holds the required role
}
3.JSP/GSP 标签:在 JSP/GSP 页面通过相应的标签完成(标签只决定页面内容是否渲染,对应的服务端接口仍需单独做授权校验)
<shiro:hasRole name="admin">
<!-- 有权限 -->
</shiro:hasRole>
二,shiro获取相应的角色
1.shiro-role.ini
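# Demo accounts only: the passwords are stored in plain text, which is acceptable for a
# tutorial fixture but not for a real deployment.
[users]
# format: username = password, role1, role2, ...
zhang=123,role1,role2
wang=123,role1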
2.通用登录方法:
/**
 * Builds a Shiro SecurityManager from the given INI resource, registers it through
 * SecurityUtils, and logs in the demo account "zhang".
 *
 * The username and password are hard-coded tutorial values; they correspond to the
 * zhang=123 entry in the [users] section of the INI files shown alongside this method.
 * NOTE(review): credentials in source are acceptable for this demo only. IniSecurityManagerFactory
 * is reported as deprecated in later Shiro releases; confirm against the version in use.
 *
 * @param fileini resource path of the INI configuration, e.g. "classpath:shiro-role.ini"
 */
private void login(String fileini) {
    Factory<SecurityManager> iniFactory = new IniSecurityManagerFactory(fileini);
    SecurityManager manager = iniFactory.getInstance();
    // Register the manager before asking SecurityUtils for the current Subject.
    SecurityUtils.setSecurityManager(manager);

    Subject currentUser = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken("zhang", "123");
    // No try/catch here: a failed login propagates to the calling test as an exception.
    currentUser.login(token);
}
3.测试代码:
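/**
 * Logs in as "zhang" with shiro-role.ini and exercises the role-checking methods of the Subject.
 *
 * Expected results follow from that file: zhang is assigned role1 and role2, but not role3.
 * The has* methods report the outcome as booleans, while the check* methods return nothing and
 * signal a missing role by throwing an AuthorizationException.
 */
@Test
public void testRole() {
    login("classpath:shiro-role.ini");
    Subject subject = SecurityUtils.getSubject();

    // hasRole: single role, boolean result
    Assert.assertTrue(subject.hasRole("role1"));
    // hasAllRoles: true only when every listed role is held (role1 AND role2)
    Assert.assertTrue(subject.hasAllRoles(Arrays.asList("role1", "role2")));

    // hasRoles: one boolean per requested role, in the order the roles were passed
    boolean[] result = subject.hasRoles(Arrays.asList("role1", "role2", "role3"));
    Assert.assertTrue(result[0]);
    Assert.assertTrue(result[1]);
    Assert.assertFalse(result[2]); // role3 is not assigned to zhang

    // checkRole: asserts a single role, throws if it is missing
    subject.checkRole("role1");
    // checkRoles: requires ALL listed roles (role1 AND role2), not either one of them
    subject.checkRoles("role1", "role2");
}
三,shiro获取相应的权限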
1.shiro-permission.ini
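# Demo accounts only: the passwords are stored in plain text, which is acceptable for a
# tutorial fixture but not for a real deployment.
[users]
# format: username = password, role1, role2, ...
zhang=123,role1,role2
wang=123,role1

[roles]
# format: role = permission1, permission2, ...
# Both roles grant user:create; only role2 grants user:delete, so wang (role1 only) cannot delete.
role1=user:create,user:update
role2=user:create,user:delete
2.测试代码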
/**
 * Logs in as "zhang" with shiro-permission.ini and exercises the permission-checking methods.
 *
 * Expected results follow from that file: zhang holds role1 and role2, which together grant
 * user:create, user:update and user:delete. No role grants user:view.
 */
@Test
public void testPermission() {
    login("classpath:shiro-permission.ini");
    Subject currentUser = SecurityUtils.getSubject();

    // isPermitted: single permission, boolean result
    Assert.assertTrue(currentUser.isPermitted("user:create"));
    // isPermittedAll: true only when both user:create AND user:delete are granted
    Assert.assertTrue(currentUser.isPermittedAll("user:create", "user:delete"));
    // user:view is granted by neither role, so the answer must be false
    Assert.assertFalse(currentUser.isPermitted("user:view"));

    // checkPermission / checkPermissions return nothing; a missing permission surfaces as an exception
    currentUser.checkPermission("user:create");
    currentUser.checkPermissions("user:create", "user:delete");
}