Shiro之学习笔记(四)
程序员文章站
2022-07-12 15:50:53
...
JavaSE环境下编写Shiro用户的角色与权限认证
1、代码示例:
package com.shiro.exercies;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class LoginAuthen {
private static final Logger logger = LoggerFactory.getLogger(LoginAuthen.class);
public static void main(String[] args) {
logger.info("我正在用log4j...");
//获取安全管理器
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance(); //获取工厂实例
//设置安全管理器
SecurityUtils.setSecurityManager(securityManager);
//获取当前用户
Subject currentUser = SecurityUtils.getSubject();
//获取当前用户session
Session session = currentUser.getSession();
session.setAttribute("name", "mingo");
String name = (String) session.getAttribute("name");
if(name!=null) {
logger.info("shiro获取到的当前用户姓名为:"+name);
}
//用户登录认证
if(currentUser.isAuthenticated() == false) {
//将用户信息(username,password)封装到token中
UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
try {
//当前用户登录认证
currentUser.login(token);
logger.info("用户名和密码正确!");
} catch (UnknownAccountException e) {
logger.info("账户不正确!!!");
} catch(IncorrectCredentialsException e) {
logger.info("密码不正确!!!");
} catch(LockedAccountException e) {
logger.info("用户已被锁死!");
} catch(AuthenticationException e) {
logger.info("用户认证异常!");
}
}
//判断当前用户是否拥有指定的角色
if(currentUser.hasRole("goodguy")) {
logger.info("当前用户拥有指定的角色");
}else {
logger.info("当前用户不拥有指定的角色");
}
//判断当前用户是否拥有指定的权限
if(currentUser.isPermitted("winnebago:drive:eagle5")) {
logger.info("当前用户拥有指定的权限");
}else {
logger.info("当前用户不拥有指定的权限");
}
//当前用户退出
currentUser.logout();
System.exit(0);
}
}
2、运行效果:
2018-09-27 14:19:00,113 INFO [com.shiro.exercies.LoginAuthen] - 我正在用log4j...
2018-09-27 14:19:00,137 DEBUG [org.apache.shiro.io.ResourceUtils] - Opening resource from class path [shiro.ini]
2018-09-27 14:19:00,179 DEBUG [org.apache.shiro.config.Ini] - Parsing [users]
2018-09-27 14:19:00,183 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: root = secret, admin
2018-09-27 14:19:00,183 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: guest = guest, guest
2018-09-27 14:19:00,184 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: presidentskroob = 12345, president
2018-09-27 14:19:00,184 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: darkhelmet = ludicrousspeed, darklord, schwartz
2018-09-27 14:19:00,184 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: lonestarr = vespa, goodguy, schwartz
2018-09-27 14:19:00,185 DEBUG [org.apache.shiro.config.Ini] - Parsing [roles]
2018-09-27 14:19:00,186 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: admin = *
2018-09-27 14:19:00,186 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: schwartz = lightsaber:*
2018-09-27 14:19:00,187 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: goodguy = winnebago:drive:eagle5
2018-09-27 14:19:00,189 DEBUG [org.apache.shiro.config.IniFactorySupport] - Creating instance from Ini [sections=users,roles]
2018-09-27 14:19:00,189 TRACE [org.apache.shiro.config.Ini] - Specified name was null or empty. Defaulting to the default section (name = "")
2018-09-27 14:19:00,355 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [roles] section. Processing...
2018-09-27 14:19:00,359 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [users] section. Processing...
2018-09-27 14:19:00,377 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a SecurityManager instance. Returning.
2018-09-27 14:19:00,377 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
2018-09-27 14:19:00,377 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - No remembered identity found. Returning original context.
2018-09-27 14:19:00,384 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-09-27 14:19:00,385 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-09-27 14:19:00,385 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-09-27 14:19:00,385 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-09-27 14:19:00,386 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-09-27 14:19:00,386 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = true; session is null = true; session has id = false
2018-09-27 14:19:00,387 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - Starting session for host null
2018-09-27 14:19:00,398 DEBUG [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - No sessionValidationScheduler set. Attempting to create default instance.
2018-09-27 14:19:00,402 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Created default SessionValidationScheduler instance of type [org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler].
2018-09-27 14:19:00,402 INFO [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Enabling session validation scheduler...
2018-09-27 14:19:00,420 TRACE [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating session for host null
2018-09-27 14:19:00,420 DEBUG [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
2018-09-27 14:19:01,330 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,330 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,330 INFO [com.shiro.exercies.LoginAuthen] - shiro获取到的当前用户姓名为:mingo
2018-09-27 14:19:01,331 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,331 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,332 TRACE [org.apache.shiro.authc.AbstractAuthenticator] - Authentication attempt received for token [org.apache.shiro.authc.UsernamePasswordToken - lonestarr, rememberMe=false]
2018-09-27 14:19:01,333 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [lonestarr] from doGetAuthenticationInfo
2018-09-27 14:19:01,333 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [lonestarr]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - lonestarr, rememberMe=false].
2018-09-27 14:19:01,333 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
2018-09-27 14:19:01,333 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
2018-09-27 14:19:01,339 DEBUG [org.apache.shiro.authc.AbstractAuthenticator] - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - lonestarr, rememberMe=false]. Returned account [lonestarr]
2018-09-27 14:19:01,340 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
2018-09-27 14:19:01,340 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a SecurityManager instance. Returning.
2018-09-27 14:19:01,340 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,340 DEBUG [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a session. Returning.
2018-09-27 14:19:01,341 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
2018-09-27 14:19:01,341 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,341 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,341 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,341 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,341 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,342 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,343 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,343 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,344 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - This org.apache.shiro.mgt.DefaultSecurityManager instance does not have a [org.apache.shiro.mgt.RememberMeManager] instance configured. RememberMe services will not be performed for account [lonestarr].
2018-09-27 14:19:01,344 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,344 INFO [com.shiro.exercies.LoginAuthen] - 用户名和密码正确!
2018-09-27 14:19:01,344 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,344 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,344 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,344 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,345 TRACE [org.apache.shiro.realm.AuthorizingRealm] - Retrieving AuthorizationInfo for principals [lonestarr]
2018-09-27 14:19:01,346 INFO [com.shiro.exercies.LoginAuthen] - 当前用户拥有指定的角色
2018-09-27 14:19:01,346 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,347 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,347 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,347 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,348 TRACE [org.apache.shiro.realm.AuthorizingRealm] - Retrieving AuthorizationInfo for principals [lonestarr]
2018-09-27 14:19:01,350 INFO [com.shiro.exercies.LoginAuthen] - 当前用户拥有指定的权限
2018-09-27 14:19:01,350 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,350 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,350 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,351 DEBUG [org.apache.shiro.mgt.DefaultSecurityManager] - Logging out subject with primary principal lonestarr
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.realm.CachingRealm] - Cleared cache entries for account with principals [lonestarr]
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-09-27 14:19:01,351 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-09-27 14:19:01,352 DEBUG [org.apache.shiro.session.mgt.AbstractSessionManager] - Stopping session with id [a3e356bf-d35f-4d08-b3a0-bead67e458df]