
我们使用自定义Realm为用户添加角色信息

【演示】:
自定义Realm,实现授权功能
当登录用户为zhangsan时,授予用户boss角色;当登录用户为lisi时,授予staff角色

1、新建maven工程,导入依赖和编译插件
[mw_shl_code=java,true]<dependencies>
<!-- JUnit 4 is used only by the test class in step 3 (test scope). -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.9</version>
<scope>test</scope>
</dependency>
<!-- Logging facade placed on the classpath alongside shiro-core. -->
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.3</version>
</dependency>
<!-- Apache Shiro core: realms, SecurityManager, Subject.
     NOTE(review): 1.2.2 is an old release and later Shiro releases include
     security fixes; when reusing this POM, pin a currently supported version
     and check the project's security advisories first. -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
</dependencies>
<build>
<plugins>
<!-- Compile for Java 8 with UTF-8 source encoding. -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.2</version>
<configuration>
<target>1.8</target>
<source>1.8</source>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
</plugins>
</build>[/mw_shl_code]

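2、自定义Realm,继承AuthorizingRealm,实现为用户授权的功能。注意:本示例中的doGetAuthenticationInfo直接把用户提交的密码当作凭证返回,任何密码都能通过认证,仅用于演示授权流程;实际项目中必须根据用户名查询已保存的(加盐哈希后的)凭证,再交给Shiro比对。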
[mw_shl_code=java,true]package cn.oriki.shiro.realm;

import java.util.Collection;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class MyRealm extends AuthorizingRealm {

/**
 * Assigns roles to the principals that this realm authenticated.
 *
 * <p>The mapping is hard-coded for the demo: the principal "zhangsan" receives
 * the role "boss" and the principal "lisi" receives the role "staff". Roles are
 * derived from the username alone, so they are only as trustworthy as the
 * authentication step that produced the principal; this class's
 * doGetAuthenticationInfo does not verify passwords, which makes the grants
 * unsuitable for anything beyond a demonstration.
 *
 * @param principals the authenticated principals of the current subject
 * @return authorization info holding the roles granted above (possibly none)
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // Only consider principals that were contributed by this realm.
    final Collection<?> ownPrincipals = principals.fromRealm(super.getName());
    final SimpleAuthorizationInfo granted = new SimpleAuthorizationInfo();

    // zhangsan is granted the boss role.
    final boolean isBoss = ownPrincipals.contains("zhangsan");
    if (isBoss) {
        granted.addRole("boss");
    }

    // lisi is granted the staff role.
    final boolean isStaff = ownPrincipals.contains("lisi");
    if (isStaff) {
        granted.addRole("staff");
    }

    return granted;
}

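/**
 * Builds the account record that Shiro compares the submitted token against.
 *
 * <p>DEMO ONLY: the submitted password is returned as the "stored" credential,
 * so the comparison succeeds for every username/password pair and no real
 * verification takes place. A production realm must look the account up by
 * username in its user store and return the stored (salted and hashed)
 * credential, leaving the comparison to the realm's credentials matcher.
 *
 * @param token the submitted token; cast to {@link UsernamePasswordToken}
 * @return account info echoing the submitted username and password, or
 *         {@code null} when the token carries no username or no password
 * @throws AuthenticationException declared by the overridden method; not thrown here
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
    String username = usernamePasswordToken.getUsername();
    char[] submittedPassword = usernamePasswordToken.getPassword();

    // A token built without a username or password would otherwise fail with a
    // NullPointerException in new String(null) or be rejected when the principal
    // is stored. Returning null lets Shiro report an unknown account instead.
    if (username == null || submittedPassword == null) {
        return null;
    }

    // Accept-all behaviour of the demo: the credential is whatever was submitted.
    String password = new String(submittedPassword);
    return new SimpleAuthenticationInfo(username, password, super.getName());
}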

}[/mw_shl_code]

3、编写测试类,进行测试,检查登录用户是否是boss角色
[mw_shl_code=java,true]package cn.oriki.shiro.test;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

import cn.oriki.shiro.realm.MyRealm;

public class AuthorizatorTest {

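/**
 * Logs in as "zhangsan" and verifies that MyRealm granted the "boss" role.
 *
 * <p>The password value is arbitrary here because MyRealm accepts any password;
 * the test exercises the authorization path only, not credential checking.
 */
@Test
public void test() {
    Subject subject = this.getSubject();

    UsernamePasswordToken token = new UsernamePasswordToken("zhangsan", "123456");

    // Log in; an authentication failure propagates and fails the test.
    subject.login(token);
    try {
        // checkRole throws an AuthorizationException when the role is missing.
        subject.checkRole("boss");
    } finally {
        // Always log out so a failed role check does not leave the subject logged in.
        subject.logout();
    }
}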

/**
 * Creates a security manager backed by a single {@link MyRealm}, installs it
 * through {@link SecurityUtils#setSecurityManager}, and returns the current subject.
 *
 * <p>The security manager is installed via a static setter, so it stays in
 * effect after this method returns.
 *
 * @return the subject obtained from {@link SecurityUtils#getSubject()}
 */
private Subject getSubject() {
    // The single-realm constructor is equivalent to new DefaultSecurityManager() + setRealm(...).
    DefaultSecurityManager manager = new DefaultSecurityManager(new MyRealm());
    SecurityUtils.setSecurityManager(manager);

    Subject current = SecurityUtils.getSubject();
    return current;
}
}[/mw_shl_code]




不错哦