任何介绍都不如官网来的实在:http://shiro.apache.org
本文仅是介绍shiro的简单入门,配置说明
1、mavn依赖
<!-- shiro权限控制的依赖 --> <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.2.3</version> </dependency> <!-- shiro jdbcRealm 测试使用 --> <!-- https://mvnrepository.com/artifact/com.mchange/c3p0 --> <dependency> <groupId>com.mchange</groupId> <artifactId>c3p0</artifactId> <version>0.9.5.2</version> </dependency> <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging --> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.2</version> </dependency>
2、配置文件
shiro.ini
[users] wugong=111111 admin=111111
jdbc_realm.ini
[main] jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm dataSource=com.mchange.v2.c3p0.ComboPooledDataSource dataSource.driverClass=com.mysql.jdbc.Driver dataSource.jdbcUrl=jdbc:mysql://192.168.1.148:3306/vip dataSource.user=root dataSource.password=root jdbcRealm.dataSource=$dataSource securityManager.realms=$jdbcRealm
shiro_role.ini
[users] wugong=111111,admin,super admin=111111,admin super=111111,super java1234=111111,role1,role2 jack=111111,role1
shiro_permission.ini
[users] wugong=111111,admin,super admin=111111,admin super=111111,super [roles] admin=user:select super=user:add,user:update,user:delete
3、测试
shiro.ini对应的测试
@Test public void shiroHello(){ Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro/shiro.ini"); SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); Subject currentUser = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("wugong","111111"); try { currentUser.login(token); System.out.println("身份认证成功"); } catch (AuthenticationException e) { e.printStackTrace(); } currentUser.logout(); System.out.println("已经退出"); }
jdbc_realm.ini
@Test public void shiroJdbcTest(){ // Subject currentUser = ShiroUtil.login("classpath:shiro/jdbc_realm.ini","wugong","123456"); }
shiro_role.ini
说明:#shiro功能演示的数据库 #如果使用jdbc_realm功能,则必须要保证数据库中存在 users表,并且该表中必须要存在userName password字段
#shiro功能演示的数据库 #如果使用jdbc_realm功能,则必须要保证数据库中存在 users表,并且该表中必须要存在userName password字段 -- ---------------------------- -- Table structure for users -- ---------------------------- DROP TABLE IF EXISTS `users`; CREATE TABLE `users` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `userName` varchar(200) DEFAULT NULL, `password` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of users -- ---------------------------- INSERT INTO `users` VALUES ('1', 'wugong', '123456');
private static String shiroIniPath = "classpath:shiro/shiro_role.ini"; @Test public void shiroRoleTest() { // shiroRoleHasRole("wugong","111111","admin"); shiroRoleHasRoles("wugong", "111111", "admin", "super", "no"); shiroRoleHasAllRoles("wugong", "111111", "admin", "super", "no"); shiroRoleHasAllRoles("wugong", "111111", "admin", "super"); } private void shiroRoleHasRole(String userName, String password, String role) { Subject currentUser = ShiroUtil.login(shiroIniPath, userName, password); System.out.println(currentUser.hasRole(role) ? (userName + "账号有" + role + "权限") : (userName + "账号没有" + role + "权限")); } /** * 多个role验证 * * @Author wugong * @Date 2018/2/26 10:16 * @Modify if true,please enter your name or update time * @params */ private void shiroRoleHasRoles(String userName, String password, String... roles) { Subject currentUser = ShiroUtil.login(shiroIniPath, userName, password); List<String> roleList = Arrays.asList(roles); boolean results[] = currentUser.hasRoles(roleList); for (int i = 0; i < results.length; i++) { System.out.println(results[i] ? (userName + "账号有" + roleList.get(i) + "权限") : (userName + "账号没有" + roleList.get(i) + "权限")); } } /** * 全部权限的验证 * * @Author wugong * @Date 2018/2/26 10:28 * @Modify if true,please enter your name or update time * @params */ private void shiroRoleHasAllRoles(String userName, String password, String... roles) { Subject currentUser = ShiroUtil.login(shiroIniPath, userName, password); StringBuffer roleStr = new StringBuffer(); for (int i = 0; i < roles.length; i++) { String role = roles[i]; roleStr.append(role); if (i<roles.length-1) roleStr.append(","); } System.out.println(currentUser.hasAllRoles(Arrays.asList(roles)) ? (userName + "账号有全部" + roleStr + "权限") : (userName + "账号不全有" + roleStr + "权限")); }
shiro_permission.ini
扫描二维码关注公众号,回复:
75469 查看本文章
![](/qrcode.jpg)
下载地址:
项目下载地址:https://pan.baidu.com/s/1gfQ5F7l 密码:k2ba
本项目首次搭建是用于ssm简单功能 1、ssm使用的数据库配置 jdbc.properties 1.1、ssm包含基本的数据库表CRUD 1.2、包含aop事务 1.3、自定义aop controller方法拦截 com.jie.common.OperationLogger com.jie.common.SysLogAspect com.jie.common.ClassParam 1.4、mybatis的一对多、一对一简单使用说明 2、shiro入门级使用教程使用的数据库配置 jdbc_realm.ini 2.1、身份认证 2.1、读取配置的简单使用 例子:com.jie.shiro.ShiroHello.shiroHello 2.2、数据库用户读取 Realm&JDBC Reaml 例子:com.jie.shiro.ShiroJdbcTest 2.2、权限认证(授权) 2.2.1、编程式授权 2.2.1.1 基于角色的访问控制 2.2.1.2 基于权限的访问控制