Shiro 基于 ini 自定义 Realm

基础环境

• JDK 1.8
• Maven 3

项目结构

目录结构.png

1、创建Maven项目并引入以下相关依赖

<dependencies>
  <dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-core</artifactId>
    <version>1.4.0</version>
</dependency>
<dependency>
    <groupId>org.slf4j</groupId>
    <artifactId>slf4j-nop</artifactId>
    <version>1.7.24</version>
  </dependency>
<!-- https://mvnrepository.com/artifact/commons-logging/commons-logging -->
<dependency>
    <groupId>commons-logging</groupId>
    <artifactId>commons-logging</artifactId>
    <version>1.2</version>
</dependency>

  <dependency>
    <groupId>junit</groupId>
    <artifactId>junit</artifactId>
    <version>3.8.1</version>
    <scope>test</scope>
  </dependency>
</dependencies>

2、Resource目录下创建配置文件 shiro.ini 并写入如下内容

[main]
securityManager=org.apache.shiro.mgt.DefaultSecurityManager
myRealm=com.negen.realm.MyRealm
securityManager.realms=$myRealm

3、test目录下创建测试类 ShiroTest.java

public class ShiroTest {
    @Test
    public void shiroTest() {
        //1、加载配置文件shiro.ini
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        //2、创建 SecurityManager 对象
        SecurityManager securityManager = factory.getInstance();
        //3、设置运行环境
        SecurityUtils.setSecurityManager(securityManager);
        //4、获取主体subject
        Subject subject = SecurityUtils.getSubject();
        //5、绑定主体登录账号及密码
//      UsernamePasswordToken token = new UsernamePasswordToken("test", "12356");     //账号不存在
//      UsernamePasswordToken token = new UsernamePasswordToken("admin", "123456");   //密码错误
        UsernamePasswordToken token = new UsernamePasswordToken("test", "123456");    //正确的账号及密码
        try {
            //6、登录
            subject.login(token);
            System.out.println("登录成功");
        }catch (UnknownAccountException unknownAccountException) {
            System.out.println("账号不存在");
        }catch (IncorrectCredentialsException incorrectCredentialsException) {
            System.out.println("密码错误");
        }
        //验证登录状态
        System.out.println("登录状态：" + subject.isAuthenticated());
    }
}

4、实现自定义Realm

• 创建 MyRealm.java
• 继承 AuthorizingRealm
• 重写三个方法

/**
 * 自定义Realm
 * @author Negen
 *
 */
public class MyRealm extends AuthorizingRealm{
    @Override
        public String getName() {
            return "MyRealm";
        }

    /**
     *  授权
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return null;
    }

    /**
     *  身份认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //获取登录时账号
        String userName = (String)token.getPrincipal();
        System.out.println(userName);
        if(!userName.equals("test"))
            throw new UnknownAccountException("账号不存在");
        //验证信息
        AuthenticationInfo info =
                new SimpleAuthenticationInfo("test", "123456", getName());
        return info;
    }
}

5、运行结果

运行结果.png