JdbcRealm数据库数据源
IniRealm是配置数据库数据源,一般在ini文件里面设置数据相关信息。
创建user.ini
//shiro-jdbc.ini配置 jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm dataSource=com.alibaba.druid.pool.DruidDataSource dataSource.driverClassName=com.mysql.jdbc.Driver dataSource.url=jdbc:mysql://localhost:3306/shiro dataSource.username=root dataSource.password=123456 jdbcRealm.dataSource=$dataSource securityManager.realms=$jdbcRealm
mysql建表
//mysql语句 drop database if exists shiro; create database shiro; use shiro; create table users ( id bigint auto_increment, username varchar(100), password varchar(100), password_salt varchar(100), constraint pk_users primary key(id) ) charset=utf8 ENGINE=InnoDB; create unique index idx_users_username on users(username); create table user_roles( id bigint auto_increment, username varchar(100), role_name varchar(100), constraint pk_user_roles primary key(id) ) charset=utf8 ENGINE=InnoDB; create unique index idx_user_roles on user_roles(username, role_name); create table roles_permissions( id bigint auto_increment, role_name varchar(100), permission varchar(100), constraint pk_roles_permissions primary key(id) ) charset=utf8 ENGINE=InnoDB; create unique index idx_roles_permissions on roles_permissions(role_name, permission); insert into users(username,password)values('zhang','123');
securityManager进行用户验证
//test.java @Test public void testShiroJdbcRealm(){ //1.得到securityManager并实例化 IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-jdbc.ini"); SecurityManager securityManager = factory.getInstance(); //2.绑定给SecurityUtils SecurityUtils.setSecurityManager(securityManager); //3.得到subject和进行用户身份验证的token Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("zhang","123"); try{ subject.login(token); }catch (AuthenticationException e){ } Boolean b = subject.isAuthenticated(); subject.logout(); }
上面用的是jdbcrealm默认的表和查询语言进行查询,如果需要自定义表,自定义查询语句,则可以参考下面代码。
JdbcRealm自定义
public class JdbcRealmTest { private static DruidDataSource dataSource; static { dataSource = new DruidDataSource(); dataSource.setUrl("jdbc:mysql://127.0.0.1:3306/shiro"); dataSource.setUsername("root"); dataSource.setPassword("root"); } @Test public void testJdbcRealm(){ //1、初始化JdbcRealm JdbcRealm jdbcRealm = new JdbcRealm(); jdbcRealm.setDataSource(dataSource); /** * 重点:JdbcRealm默认不开启权限检查,若要判断某角色是否有某样权限,需要开启此设置,否则会由于无法检查权限表, * 导致查询到的权限为空。 */ jdbcRealm.setPermissionsLookupEnabled(true); //(1)自定义查询密码(若不自定义,JdbcRealm有默认查询语句) String authenticationQuery = "select password from users where username = ?"; jdbcRealm.setAuthenticationQuery(authenticationQuery); //(2)自定义查询角色(若不自定义,JdbcRealm有默认查询语句) String userRolesQuery = "select role_name from user_roles where username = ?"; jdbcRealm.setUserRolesQuery(userRolesQuery); //(3)自定义查询权限(若不自定义,JdbcRealm有默认查询语句) String permissionsQuery = "select permission from roles_permissions where role_name = ?"; jdbcRealm.setPermissionsQuery(permissionsQuery); //2、创建SecurityManager DefaultSecurityManager securityManager = new DefaultSecurityManager(); //3、设置数据源 securityManager.setRealm(jdbcRealm); SecurityUtils.setSecurityManager(securityManager); Subject subject = SecurityUtils.getSubject(); AuthenticationToken token = new UsernamePasswordToken("root", "root"); subject.login(token); System.out.println(subject.isAuthenticated()); subject.checkRole("admin"); subject.checkPermission("user:delete"); } }
版权声明:本文为JAVASCHOOL原创文章,未经本站允许不得转载。