Shiro授权流程图
- pom文件在Shrio认证基础上
- java代码
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;
public class AuthentiationTest {
SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();
@Before
public void addUser(){
//模拟用户
simpleAccountRealm.addAccount("gouDan","123456","admin","superadmin");
}
@Test
public void testAuthentiation(){
//构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
//添加认证凭证
defaultSecurityManager.setRealm(simpleAccountRealm);
//主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("gouDan","123456");
//登入
subject.login(token);
System.out.println(subject.isAuthenticated());
//权限必须全部匹配
subject.checkRoles("admi","superadmin");
}
}
需要注意
- 权限可以配置多个
- 权限不对会抛出
UnauthorizedException