创建自定义CustomRealm类继承AuthorizingRealm
我们可以发现SimpleAccountRealm、JdbcRealm都继承自AuthorizingRealm,所以自定义Realm也继承它
实现父类方法,并在Realm中使用数据库中的数据(此处用Map模拟数据库)
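/**
 * Demo Shiro realm that answers authentication and authorization queries from
 * in-memory data instead of a real database.
 *
 * <p>Tutorial-grade only: the stored credential is a single-round salted MD5
 * digest and the salt is a fixed string. MD5 is not suitable for password
 * storage; a production realm should use a slow password-hashing scheme with a
 * random per-user salt stored next to the hash.
 */
public class CustomRealm extends AuthorizingRealm {

    /** Name this realm registers under; also reported in the AuthenticationInfo it returns. */
    private static final String REALM_NAME = "customRealm";

    /**
     * Salt mixed into the demo password hash. It is a fixed value shared by
     * every account, which is only acceptable because this is a one-user demo.
     */
    private static final String DEMO_SALT = "maniy";

    /** Simulated user table: user name -> hex digest of the salted password. */
    private final Map<String, String> userMap = new HashMap<String, String>(16);

    /** Seeds the simulated user table and registers the realm name. */
    public CustomRealm() {
        // Presumably the value printed by main(): Md5Hash("123456", DEMO_SALT).
        userMap.put("maniy", "993121f227e2cef658c392549708d60c");
        super.setName(REALM_NAME);
    }

    /**
     * Builds the roles and permissions for the primary principal.
     *
     * @param principalCollection principals of the subject being authorized
     * @return authorization info carrying the subject's roles and string permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String userName = (String) principalCollection.getPrimaryPrincipal();
        Set<String> roles = getRolesByUserName(userName);
        Set<String> permissions = getPermissionByUserName(userName);

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setStringPermissions(permissions);
        authorizationInfo.setRoles(roles);
        return authorizationInfo;
    }

    /**
     * Simulates the database lookup of a user's permissions.
     *
     * <p>NOTE(review): the mock ignores {@code userName} and grants the same
     * permissions to every principal; a real lookup must be per user.
     *
     * @param userName user whose permissions are requested (unused by the mock)
     * @return the permission strings granted
     */
    private Set<String> getPermissionByUserName(String userName) {
        Set<String> permissions = new HashSet<String>();
        permissions.add("user:delete");
        permissions.add("user:add");
        return permissions;
    }

    /**
     * Simulates the database lookup of a user's roles.
     *
     * <p>NOTE(review): the mock ignores {@code userName} and grants "admin"
     * to every principal; a real lookup must be per user.
     *
     * @param userName user whose roles are requested (unused by the mock)
     * @return the role names granted
     */
    private Set<String> getRolesByUserName(String userName) {
        Set<String> roles = new HashSet<String>();
        roles.add("admin");
        roles.add("user");
        return roles;
    }

    /**
     * Looks up the stored credential for the user named in the token.
     *
     * @param authenticationToken token submitted by the subject
     * @return the stored credential plus its salt, or {@code null} when the user is unknown
     * @throws AuthenticationException declared by the parent contract
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        // 1. Take the user name from the submitted token.
        String userName = (String) authenticationToken.getPrincipal();

        // 2. Fetch the stored credential for that user.
        String password = getPasswordByUserName(userName);
        if (password == null) {
            return null;
        }

        // Report the principal that was actually looked up and this realm's own
        // name, rather than repeating the literals "maniy" / "customRealm".
        SimpleAuthenticationInfo authenticationInfo =
                new SimpleAuthenticationInfo(userName, password, getName());

        // The credentials matcher needs the salt to recompute the digest of the
        // submitted password before comparing it with the stored one.
        authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(DEMO_SALT));
        return authenticationInfo;
    }

    /**
     * Simulates the database lookup of a user's stored credential.
     *
     * @param username user to look up
     * @return the stored digest, or {@code null} if there is no such user
     */
    private String getPasswordByUserName(String username) {
        return userMap.get(username);
    }

    /**
     * Prints the salted MD5 digest of the demo password, i.e. the value to
     * store in the simulated user table.
     */
    public static void main(String[] args) {
        // An unsalted digest of a common password is easy to look up, hence the salt.
        Md5Hash md5Hash = new Md5Hash("123456", DEMO_SALT);
        System.out.println(md5Hash);
    }
}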
使用自定义Realm
/** Exercises {@code CustomRealm} through a minimal Shiro security manager. */
public class CustomRealmTest {

    /**
     * Logs in with the demo account and then checks its role and permissions.
     * A failed login or a missing role/permission surfaces as a Shiro exception.
     */
    @Test
    public void testAUthentication() {
        // Matcher settings must mirror how the stored digest was produced:
        // MD5, one iteration. These are demo values, far too weak for real
        // password storage.
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("md5");
        credentialsMatcher.setHashIterations(1);

        CustomRealm realm = new CustomRealm();
        realm.setCredentialsMatcher(credentialsMatcher);

        // 1. Build the SecurityManager environment around the custom realm.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realm);
        SecurityUtils.setSecurityManager(securityManager);

        // 2. The subject submits its credentials for authentication.
        Subject currentUser = SecurityUtils.getSubject();
        currentUser.login(new UsernamePasswordToken("maniy", "123456"));

        System.out.println("isAuthenticated:" + currentUser.isAuthenticated());

        // 3. Authorization checks against the roles and permissions the realm returns.
        currentUser.checkRole("admin");
        currentUser.checkPermissions("user:add", "user:delete");
    }
}