Shiro--简单使用

布满荆棘的人生 2021-08-24 20:07 476阅读 0赞

### 创建Maven项目，添加依赖 ###

<dependencies>
    
            <dependency>
                <groupId>junit</groupId>
                <artifactId>junit</artifactId>
                <version>4.12</version>
                <scope>test</scope>
            </dependency>
    
            
            <dependency>
                <groupId>org.apache.shiro</groupId>
                <artifactId>shiro-core</artifactId>
                <version>1.4.1</version>
            </dependency>
    
            
            <dependency>
                <groupId>org.apache.logging.log4j</groupId>
                <artifactId>log4j-slf4j-impl</artifactId>
                <version>2.12.1</version>
                <scope>test</scope>
            </dependency>
    
            <dependency>
                <groupId>org.apache.shiro</groupId>
                <artifactId>shiro-ehcache</artifactId>
                <version>1.4.1</version>
            </dependency>
    
            <dependency>
                <groupId>org.ehcache</groupId>
                <artifactId>ehcache</artifactId>
                <version>3.8.0</version>
            </dependency>
    
            <dependency>
                <groupId>org.apache.shiro</groupId>
                <artifactId>shiro-spring</artifactId>
                <version>1.4.1</version>
            </dependency>
        </dependencies>

### 配置文件 ###

log4j2.xml

<?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        
        <appenders>
            
            <console name="Console" target="SYSTEM_OUT">
                
                
                <patternlayout pattern="[%p] %m %n"/>
            </console>
        </appenders>
    
        
        
        <loggers>
            <root level="DEBUG">
                
                <appender-ref ref="Console"/>
            </root>
            
        </loggers>
    </configuration>

shiro.ini

[users]
    zhangsan=123456,admin
    lisi=654321,public
    
    [roles]
    admin=product:view,product:create,product:update,product:delete
    public=product:view

测试：

@Test
        public void test01() { 
            //1.初始化shiro的安全管理器
            DefaultSecurityManager securityManager = new DefaultSecurityManager();
    
            //2.设置用户的权限信息到安全管理器
            Realm realm = new IniRealm("classpath:shiro.ini");
            securityManager.setRealm(realm);
    
            //3. 使用SecurityUtils将securityManager设置到运行环境中
            SecurityUtils.setSecurityManager(securityManager);
    
            //4. 创建一个Subject实例
            Subject subject = SecurityUtils.getSubject();
    
            //5. 创建用于认证的认证的token，记录用户认证的身份和凭证即账号和密码
            AuthenticationToken token =
                    new UsernamePasswordToken("zhangsan", "123456");
    
            System.out.println("用户认证状态：" + subject.isAuthenticated());
            //6.主体要进行登录，登录的时候进行认证检查
            subject.login(token);
            // 用户认证状态
            System.out.println("用户认证状态：" + subject.isAuthenticated());
    
            //7.检查角色的授权状态
            System.out.println("是否拥有admin角色: " + subject.hasRole("admin"));
            System.out.println("是否拥有public角色: " + subject.hasRole("public"));
    
            //8.检查权限的授权状态
            System.out.println("product:view: " + subject.isPermitted("product:view"));
            System.out.println("product:view: " + subject.isPermitted("product:view", "product:update2")[1]);
    
            //退出
            subject.logout();
            System.out.println("用户认证状态：" + subject.isAuthenticated());
        }

输出：

[DEBUG] Opening resource from class path [shiro.ini] 
    [DEBUG] Parsing [users] 
    [DEBUG] Parsing [roles] 
    [DEBUG] Discovered the [roles] section.  Processing... 
    [DEBUG] Discovered the [users] section.  Processing... 
    用户认证状态：false
    [DEBUG] Looked up AuthenticationInfo [zhangsan] from doGetAuthenticationInfo 
    [DEBUG] AuthenticationInfo caching is disabled for info [zhangsan].  Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false]. 
    [DEBUG] Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 
    [DEBUG] Both credentials arguments can be easily converted to byte arrays.  Performing array equals comparison 
    [DEBUG] Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false].  Returned account [zhangsan] 
    [DEBUG] No sessionValidationScheduler set.  Attempting to create default instance. 
    [INFO] Enabling session validation scheduler... 
    [DEBUG] Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 
    用户认证状态：true
    是否拥有admin角色: true
    是否拥有public角色: false
    product:view: true
    product:view: false
    [DEBUG] Logging out subject with primary principal zhangsan 
    [DEBUG] Stopping session with id [35cdf553-7b6b-4537-bb5a-1d502d42c17a] 
    用户认证状态：false