/**
 * Installs an in-memory Shiro INI configuration holding one user and one role.
 *
 * <p>The user {@code EntitlementUser} gets the password {@code password} and the role
 * {@code entitlement}. That role is granted the account-create permission plus the entitlement
 * create, change-plan, pause/resume, transfer and cancel permissions.
 *
 * <p>Security notes: the credentials are a hard-coded plaintext fixture, suitable only for tests.
 * {@code SecurityUtils.setSecurityManager} installs a VM-wide static SecurityManager, so the
 * configuration built here is visible to every thread in the JVM after this call.
 */
protected void configureShiro() {
    final Ini config = new Ini();

    // [users] entry format: username = password, role[, role...]
    config.addSection("users");
    config.getSection("users").put("EntitlementUser", "password, entitlement");

    // [roles] entry format: role = comma-separated permission strings
    final String entitlementPermissions =
        String.join(
            ",",
            Permission.ACCOUNT_CAN_CREATE.toString(),
            Permission.ENTITLEMENT_CAN_CREATE.toString(),
            Permission.ENTITLEMENT_CAN_CHANGE_PLAN.toString(),
            Permission.ENTITLEMENT_CAN_PAUSE_RESUME.toString(),
            Permission.ENTITLEMENT_CAN_TRANSFER.toString(),
            Permission.ENTITLEMENT_CAN_CANCEL.toString());
    config.addSection("roles");
    config.getSection("roles").put("entitlement", entitlementPermissions);

    // Drop any SecurityManager bound to the current thread; a thread-bound manager would
    // otherwise take precedence over the static one installed below.
    ThreadContext.unbindSecurityManager();

    final Factory<SecurityManager> managerFactory = new IniSecurityManagerFactory(config);
    SecurityUtils.setSecurityManager(managerFactory.getInstance());
  }
  /**
   * Minimal Shiro walkthrough: builds a SecurityManager from an INI file, installs it, and logs in
   * a hard-coded demo account, logging the authentication state before and after.
   *
   * <p>The INI path and the username/password are literals for demonstration. The INI file is not
   * shown here; because it drives authentication, write access to it should be restricted.
   */
  public static void main(String[] args) {
    // IniSecurityManagerFactory reads the security configuration from an INI file.
    Factory<org.apache.shiro.mgt.SecurityManager> managerFactory =
        new IniSecurityManagerFactory("C:\\auth.ini");

    // Build the SecurityManager described by that file.
    org.apache.shiro.mgt.SecurityManager manager = managerFactory.getInstance();
    // SecurityUtils is a singleton, so different objects can use it to reach the current user.
    // Once the SecurityManager has been set, any part of the application can call
    // SecurityUtils.getSubject() to obtain the current user's information.
    SecurityUtils.setSecurityManager(manager);

    // Obtain the current user.
    Subject currentUser = SecurityUtils.getSubject();

    logger.info("User is authenticated:  " + currentUser.isAuthenticated()); // false

    UsernamePasswordToken credentials = new UsernamePasswordToken("bjangles11", "dance");

    // If the password in the token is wrong, login() throws an IncorrectCredentialsException.
    // Production code should catch it explicitly so the application can respond properly when
    // the user supplies incorrect credentials.

    // If the user is unknown, login() throws an UnknownAccountException. That exception has to
    // be handled too, but without giving the user too much information. A common practice is
    // never to indicate that the username was valid and only the password was wrong: someone
    // guessing their way in must not learn that the guessed username exists.
    currentUser.login(credentials);

    logger.info("User is authenticated:  " + currentUser.isAuthenticated()); // true
  }
 /**
  * Builds a SecurityManager from the given INI resource, installs it through
  * {@code SecurityUtils}, and logs in the fixed account {@code zhang} / {@code 123}.
  *
  * <p>The credentials are hard-coded test values. {@code SecurityUtils.setSecurityManager}
  * replaces the VM-wide static SecurityManager on every call.
  *
  * @param config INI resource path passed to {@code IniSecurityManagerFactory}
  * @return the subject after a successful login
  * @throws AuthenticationException if the login is rejected; propagated to the caller unchanged
  */
 private Subject login(String config) throws AuthenticationException {
   Factory<SecurityManager> managerFactory = new IniSecurityManagerFactory(config);
   SecurityUtils.setSecurityManager(managerFactory.getInstance());

   Subject currentSubject = SecurityUtils.getSubject();
   AuthenticationToken credentials = new UsernamePasswordToken("zhang", "123");
   // Any AuthenticationException raised here reaches the caller as-is.
   currentSubject.login(credentials);
   return currentSubject;
 }
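  /**
   * Checks that the account {@code user} / {@code user} authenticates against the configuration
   * loaded from {@code classpath:shiro-jdbc-realm.ini} (presumably a JDBC-backed realm, judging by
   * the file name; the file itself is not shown).
   *
   * <p>Logout runs in a {@code finally} block. {@code SecurityUtils.getSubject()} binds the subject
   * to the current thread, so a failed login or assertion would otherwise leave that subject's
   * state behind for later tests on the same thread.
   */
  @Test
  public void jdbcShiro() {
    Factory<SecurityManager> securityManagerFactory =
        new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini");
    SecurityManager securityManager = securityManagerFactory.getInstance();
    // Installs a VM-wide static SecurityManager; it stays in place after the test ends.
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();
    // Hard-coded fixture credentials; they must match the test data behind the realm.
    UsernamePasswordToken token = new UsernamePasswordToken("user", "user");

    try {
      subject.login(token);

      Assert.assertTrue(subject.isAuthenticated());
    } finally {
      // Always log out so the authenticated state does not leak into other tests.
      subject.logout();
    }
  }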
  /**
   * Initialises Shiro from an INI file and logs the given user in.
   *
   * <p>{@code SecurityUtils.setSecurityManager} replaces the VM-wide static SecurityManager, so
   * each call re-points every later {@code SecurityUtils.getSubject()} at the new configuration.
   * A rejected login surfaces as the exception thrown by {@code Subject.login}; nothing is caught
   * here.
   *
   * @param configFile INI resource path used to build the SecurityManager
   * @param username principal to authenticate
   * @param password credential for that principal
   */
  protected void login(String configFile, String username, String password) {
    // 1. Obtain the SecurityManager factory; the INI configuration file initialises it.
    Factory<org.apache.shiro.mgt.SecurityManager> managerFactory =
        new IniSecurityManagerFactory(configFile);

    // 2. Get the SecurityManager instance and bind it to SecurityUtils.
    org.apache.shiro.mgt.SecurityManager manager = managerFactory.getInstance();
    SecurityUtils.setSecurityManager(manager);

    // 3. Get the Subject and build the username/password token (identity and credential).
    Subject currentSubject = SecurityUtils.getSubject();
    UsernamePasswordToken credentials = new UsernamePasswordToken(username, password);

    currentSubject.login(credentials);
  }
  /**
   * Checks that the fixture account {@code zhang} / {@code 123} authenticates against the
   * configuration in {@code classpath:shiro-config.ini}.
   *
   * <p>The test does not log out and leaves the static SecurityManager installed, so both stay
   * in effect for whatever runs next on this thread and in this JVM.
   */
  @Test
  public void test() {
    Factory<org.apache.shiro.mgt.SecurityManager> managerFactory =
        new IniSecurityManagerFactory("classpath:shiro-config.ini");
    org.apache.shiro.mgt.SecurityManager manager = managerFactory.getInstance();

    // Register the SecurityManager with SecurityUtils so it is available globally.
    SecurityUtils.setSecurityManager(manager);

    Subject currentSubject = SecurityUtils.getSubject();
    UsernamePasswordToken credentials = new UsernamePasswordToken("zhang", "123");
    currentSubject.login(credentials);

    Assert.assertTrue(currentSubject.isAuthenticated());
  }
  /**
   * Rebuilds the authorization fixture before each test and installs the Shiro SecurityManager.
   *
   * <p>Steps, in order: empty the five {@code sys_*} tables, create three permissions and two
   * roles, link roles to permissions, create the user {@code zhang}, link that user to the
   * {@code admin} role, then build a SecurityManager from {@code classpath:shiro.ini} and register
   * it with {@code SecurityUtils}.
   *
   * <p>NOTE(review): the DELETE statements are unconditional and wipe whole tables, so the
   * configured data source must be a disposable test database. The SQL strings are constants; no
   * caller input is concatenated into them.
   */
  @Before
  public void setUp() {
    // Start from empty tables so every test sees the same data.
    JdbcTemplateUtils.jdbcTemplate().update("delete from sys_users");
    JdbcTemplateUtils.jdbcTemplate().update("delete from sys_roles");
    JdbcTemplateUtils.jdbcTemplate().update("delete from sys_permissions");
    JdbcTemplateUtils.jdbcTemplate().update("delete from sys_users_roles");
    JdbcTemplateUtils.jdbcTemplate().update("delete from sys_roles_permissions");

    // 1. Create permissions. The second argument is a description in Chinese ("user module:
    // create", "user module: update", "menu module: create"); the meaning of the Boolean flag is
    // not visible here - presumably "available/enabled", confirm against the Permission class.
    p1 = new Permission("user:create", "用户模块新增", Boolean.TRUE);
    p2 = new Permission("user:update", "用户模块修改", Boolean.TRUE);
    p3 = new Permission("menu:create", "菜单模块新增", Boolean.TRUE);
    permissionService.createPermission(p1);
    permissionService.createPermission(p2);
    permissionService.createPermission(p3);
    // 2. Create roles (descriptions: "administrator", "user administrator").
    r1 = new Role("admin", "管理员", Boolean.TRUE);
    r2 = new Role("user", "用户管理员", Boolean.TRUE);
    roleService.createRole(r1);
    roleService.createRole(r2);
    // 3. Link roles to permissions: admin receives all three permissions.
    roleService.correlationPermissions(r1.getId(), p1.getId());
    roleService.correlationPermissions(r1.getId(), p2.getId());
    roleService.correlationPermissions(r1.getId(), p3.getId());

    // The "user" role receives only the two user-module permissions, not menu:create.
    roleService.correlationPermissions(r2.getId(), p1.getId());
    roleService.correlationPermissions(r2.getId(), p2.getId());

    // 4. Create the user; `password` is a field defined outside this method.
    u1 = new User("zhang", password);
    userService.createUser(u1);
    // 5. Link the user to a role: zhang is given the admin role only.
    userService.correlationRoles(u1.getId(), r1.getId());

    // 1. Obtain the SecurityManager factory; the INI configuration file initialises it.
    Factory<org.apache.shiro.mgt.SecurityManager> factory =
        new IniSecurityManagerFactory("classpath:shiro.ini");

    // 2. Get the SecurityManager instance and bind it to SecurityUtils (VM-wide static).
    org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance();
    SecurityUtils.setSecurityManager(securityManager);
  }
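  /**
   * Smoke test: the fixture account {@code zhang} / {@code 123} must authenticate against
   * {@code classpath:shiro.ini}.
   *
   * <p>An {@code AuthenticationException} from {@code login} is left to propagate, so the test
   * report carries the real cause instead of a stack trace on stderr followed by an unrelated
   * assertion failure. Logout runs in {@code finally} so the thread-bound subject is reset even
   * when the login or the assertion fails.
   */
  @Test
  public void testHelloWorld() {
    // 1. Obtain the SecurityManager factory.
    Factory<org.apache.shiro.mgt.SecurityManager> securityManagerFactory =
        new IniSecurityManagerFactory("classpath:shiro.ini");
    // 2. Get the SecurityManager instance and register it (VM-wide static).
    SecurityManager securityManager = securityManagerFactory.getInstance();
    SecurityUtils.setSecurityManager(securityManager);
    // 3. Get the subject and build the username/password token (hard-coded fixture values).
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken("zhang", "123");
    try {
      // 4. Authenticate; a rejected login fails the test with its original exception.
      subject.login(token);

      Assert.assertTrue(subject.isAuthenticated());
    } finally {
      // 5. Log out, whatever the outcome above.
      subject.logout();
    }
  }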
 /**
  * Installs, once for the test class, the SecurityManager described by
  * {@code classpath:shiroTest.ini}.
  *
  * <p>The manager is registered as the VM-wide static instance and is not removed afterwards, so
  * it remains in effect for any later code in the same JVM.
  */
 @BeforeClass
 public static void setUpClass() throws Exception {
   Factory<SecurityManager> managerFactory =
       new IniSecurityManagerFactory("classpath:shiroTest.ini");
   SecurityUtils.setSecurityManager(managerFactory.getInstance());
 }
 /**
  * Activation hook: builds a SecurityManager from {@code classpath:userauth.ini}, registers it as
  * the VM-wide static instance through {@code SecurityUtils}, and logs the activation.
  *
  * <p>NOTE(review): the contents of {@code userauth.ini} are not shown. If it defines accounts
  * inline, they ship inside the deployed artifact - confirm that is intended.
  */
 @Activate
 public void activate() {
   Factory<SecurityManager> managerFactory =
       new IniSecurityManagerFactory("classpath:userauth.ini");
   SecurityManager manager = managerFactory.getInstance();
   SecurityUtils.setSecurityManager(manager);
   _log.info("activate");
 }