shiro

最新推荐文章于 2022-08-13 11:30:25 发布

原创最新推荐文章于 2022-08-13 11:30:25 发布 · 192 阅读

0 ·

CC 4.0 BY-SA版权

本文介绍Apache Shiro权限框架的使用方法，包括基于角色和权限的认证过程。通过具体示例展示了如何进行用户登录、角色检查及权限验证等操作。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

package shiro;

import java.util.Arrays;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;

/**
 * http://shiro.apache.org/download.html
 * 官方例子
 * SHIRO 干嘛得，而我们不用也没有关系，初步了解下
 *
 * @author ZengWenFeng
 */
public class ZengWenFengTestShiro
{
	public static Subject subject = null;

	public void login(String configFile, String username, String password)
	{
		//1、获取SecurityManager工厂，此处使用Ini配置文件初始化SecurityManager
		Factory<SecurityManager> factory = new IniSecurityManagerFactory(configFile);

		//2、得到SecurityManager实例并绑定给SecurityUtils
		SecurityManager securityManager = factory.getInstance();
		SecurityUtils.setSecurityManager(securityManager);

		//3、得到Subject及创建用户名/密码身份验证Token（即用户身份/凭证）
		UsernamePasswordToken token = new UsernamePasswordToken(username, password);
		subject = SecurityUtils.getSubject();
		subject.login(token);
	}

	public void testHasRole()
	{
		login("classpath:shiro/shiro-role.ini", "zhang", "123");

		//判断拥有角色：role1
		boolean b1 = subject.hasRole("role1");
		System.out.println(b1);

		//判断拥有角色：role1 and role2
		boolean b2 = subject.hasAllRoles(Arrays.asList("role1", "role2"));
		System.out.println(b2);

		//判断拥有角色：role1 and role2 and !role3
		boolean[] result = subject.hasRoles(Arrays.asList("role1", "role2", "role3"));
		System.out.println(result[0]);
		System.out.println(result[1]);
		System.out.println(result[2]);
	}

	public void testCheckRole()
	{
		login("classpath:shiro/shiro-role.ini", "zhang", "123");
		//断言拥有角色：role1
		subject.checkRole("role1");
		//断言拥有角色：role1 and role3 失败抛出异常
		subject.checkRoles("role1", "role3");
	}

	public void testIsPermitted()
	{
		login("classpath:shiro-permission.ini", "zhang", "123");
		//判断拥有权限：user:create
		boolean b1 = subject.isPermitted("user:create");
		//判断拥有权限：user:update and user:delete
		boolean b2 = subject.isPermittedAll("user:update", "user:delete");
		//判断没有权限：user:view
		boolean b3 = subject.isPermitted("user:view");
		
		System.out.println(b1);
		System.out.println(b2);
		System.out.println(b3);
		
		//断言拥有权限：user:create
		subject.checkPermission("user:create");
		//断言拥有权限：user:delete and user:update
		subject.checkPermissions("user:delete", "user:update");
		//断言拥有权限：user:view 失败抛出异常
		subject.checkPermissions("user:view");
	}

	/**
	 * @param args
	 */
	public static void main(String[] args)
	{
		ZengWenFengTestShiro s = new ZengWenFengTestShiro();
		s.testHasRole();
		s.testCheckRole();
		s.testIsPermitted();
	}
}

shiro-role.ini

[users]
zhang=123,role1,role2
wang=123,role1

shiro-permission.ini

[users]
zhang=123,role1,role2
wang=123,role1
[roles]
role1=user:create,user:update
role2=user:create,user:delete

http://jinnianshilongnian.iteye.com/blog/2018936/

http://www.cnblogs.com/davidwang456/p/4428421.html