黑马程序员技术交流社区

标题: 【上海校区】Shiro学习笔记整理--自定义Realm实现基于角色... [打印本页]

---

作者: shjava    时间: 2017-11-28 23:03
标题: 【上海校区】Shiro学习笔记整理--自定义Realm实现基于角色...

我们使用自定义Realm为用户添加角色信息

【演示】：

自定义Realm，实现授权功能

当登录用户为zhangsan时，授予用户boss权限，当登录用户为lisi时，授予staff权限

1、新建maven工程，导入依赖和编译插件

[Java] 纯文本查看 复制代码

<dependencies>

<dependency>

<groupId>junit</groupId>

<artifactId>junit</artifactId>

<version>4.9</version>

<scope>test</scope>

</dependency>

<dependency>

<groupId>commons-logging</groupId>

<artifactId>commons-logging</artifactId>

<version>1.1.3</version>

</dependency>

<dependency>

<groupId>org.apache.shiro</groupId>

<artifactId>shiro-core</artifactId>

<version>1.2.2</version>

</dependency>

</dependencies>

<build>

<plugins>

<plugin>

<groupId>org.apache.maven.plugins</groupId>

<artifactId>maven-compiler-plugin</artifactId>

<version>3.2</version>

<configuration>

<target>1.8</target>

<source>1.8</source>

<encoding>UTF-8</encoding>

</configuration>

</plugin>

</plugins>

</build>

2、自定义Realm，继承AuthorizingRealm，实现为用户授权的功能

[Java] 纯文本查看 复制代码

package cn.oriki.shiro.realm;

 

import java.util.Collection;

 

import org.apache.shiro.authc.AuthenticationException;

import org.apache.shiro.authc.AuthenticationInfo;

import org.apache.shiro.authc.AuthenticationToken;

import org.apache.shiro.authc.SimpleAuthenticationInfo;

import org.apache.shiro.authc.UsernamePasswordToken;

import org.apache.shiro.authz.AuthorizationInfo;

import org.apache.shiro.authz.SimpleAuthorizationInfo;

import org.apache.shiro.realm.AuthorizingRealm;

import org.apache.shiro.subject.PrincipalCollection;

 

public class MyRealm extends AuthorizingRealm {

 

@Override

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

Collection<?> realms = principals.fromRealm(super.getName());

 

// 如果是zhangsan，授予用户boss角色

if (realms.contains("zhangsan")) {

authorizationInfo.addRole("boss");

}

// 如果登录用户是lisi，授予staff角色

if (realms.contains("lisi")) {

authorizationInfo.addRole("staff");

}

 

return authorizationInfo;

}

 

@Override

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

// 放行所有用户，返回他们的登录账号和密码

UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;

String username = usernamePasswordToken.getUsername();

String password = new String(usernamePasswordToken.getPassword());

return new SimpleAuthenticationInfo(username, password, super.getName());

}

 

}

3、编写测试类，进行测试，检查登录用户是否是boss角色

[Java] 纯文本查看 复制代码

package cn.oriki.shiro.test;

 

import org.apache.shiro.SecurityUtils;

import org.apache.shiro.authc.UsernamePasswordToken;

import org.apache.shiro.mgt.DefaultSecurityManager;

import org.apache.shiro.subject.Subject;

import org.junit.Test;

 

import cn.oriki.shiro.realm.MyRealm;

 

public class AuthorizatorTest {

 

@Test

public void test() {

Subject subject = this.getSubject();

 

UsernamePasswordToken token = new UsernamePasswordToken("zhangsan", "123456");

 

// 登录

subject.login(token);

 

subject.checkRole("boss");// 检查登录用户是否有boss权限

 

// 登出

subject.logout();

}

 

/**

* 获取Subject

* 

* @return

*/

private Subject getSubject() {

DefaultSecurityManager securityManager = new DefaultSecurityManager();

 

securityManager.setRealm(new MyRealm());

 

SecurityUtils.setSecurityManager(securityManager);

 

return SecurityUtils.getSubject();

}

}

---

作者: wheat    时间: 2017-11-28 23:07
不错哦

---

欢迎光临 黑马程序员技术交流社区 (http://bbs.itheima.com/)

黑马程序员IT技术论坛 X3.2