shiro 指定Realm

[main]

realm1=test.shiro.realm.MyRealm1

securityManager.realms=$realm1

自定义realm类

package test.shiro.realm;

import org.apache.shiro.authc.AuthenticationException;

import org.apache.shiro.authc.AuthenticationInfo;

import org.apache.shiro.authc.AuthenticationToken;

import org.apache.shiro.authc.SimpleAuthenticationInfo;

import org.apache.shiro.authz.AuthorizationInfo;

import org.apache.shiro.authz.SimpleAuthorizationInfo;

import org.apache.shiro.realm.AuthorizingRealm;

import org.apache.shiro.realm.Realm;

import org.apache.shiro.subject.PrincipalCollection;

public class MyRealm1extends AuthorizingRealm {

@Override

    public String getName() {

return "realm22";

}

@Override

    public boolean supports(AuthenticationToken authenticationToken) {

// login判断

        System.out.println("1");

return true;

}

@Override

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)throws AuthenticationException {

// 获取用户信息

        System.out.println("2");

SimpleAuthenticationInfo simpleAuthenticationInfo =new SimpleAuthenticationInfo(

"zhang1",//身份 字符串类型

                "123",//凭据

                getName()//Realm Name

        );

return simpleAuthenticationInfo;

}

@Override

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

// 获取权限信息

        SimpleAuthorizationInfo simpleAuthorizationInfo =new SimpleAuthorizationInfo();

simpleAuthorizationInfo.addRole("create");

simpleAuthorizationInfo.addStringPermission("test:add:crea");

return simpleAuthorizationInfo;

}

}

测试:

@Test

public void test3() {

//1、获取SecurityManager工厂，此处使用Ini配置文件初始化SecurityManager

    Factory factory =new IniSecurityManagerFactory("classpath:shiro.ini");

//2、得到SecurityManager实例 并绑定给SecurityUtils

    org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance();

SecurityUtils.setSecurityManager(securityManager);

//3、得到Subject及创建用户名/密码身份验证Token（即用户身份/凭证）

    Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token =new UsernamePasswordToken("zhang1","123");

try {

//4、登录，即身份验证

        System.out.println(3);

subject.login(token);

}catch (AuthenticationException e) {

//5、身份验证失败

        e.printStackTrace();

}

if (subject.isAuthenticated()) {

Serializable id = test2();

Session session =securityManager.getSession(new SessionKey() {

@Override

            public Serializable getSessionId() {

return id;

}

});

System.out.println(session.getId());

System.out.println(session.getHost());

System.out.println(session.getTimeout());

System.out.println(session.getStartTimestamp());

System.out.println("已经登陆了");

}else {

System.out.println("未登陆");

}

System.out.println(4);

if (subject.hasRole("create")) {

System.out.println("有create角色");

}else {

System.out.println("无create角色");

}

if (subject.isPermitted("test:add:crea")) {

System.out.println("有test:add:crea");

}else {

System.out.println("无test:add:crea");

}

}