shiro认证+授权(使用MD5+salt+散列加密)_安全

用户认证在doGetAuthenticationInfo()方法中进行,授权在doGetAuthorizationInfo()方法中进行。如果想要自定义,则必须继承AuthorizingRealm类;该类继承自AuthenticatingRealm。AuthenticatingRealm类中的doGetAuthenticationInfo()方法实现用户认证,AuthorizingRealm中的doGetAuthorizationInfo()方法实现授权。


模拟生成密码为123加密后的数据

/**
 * Prints the three digest forms used in this tutorial for the password "123":
 * plain MD5, MD5 with a salt, and MD5 with the same salt hashed 1024 times.
 * The last value is the one CustomerMd5Realm stores for its demo user, so the
 * realm's credentials matcher has to be configured with the same algorithm
 * and iteration count.
 */
public class TestShiroMD5 {

    private static final String PASSWORD = "123";
    private static final String SALT = "x0*7ps";
    private static final int ITERATIONS = 1024;

    public static void main(String[] args) {
        // md5 only, single round
        printHex(new Md5Hash(PASSWORD));

        // md5 with salt, single round
        printHex(new Md5Hash(PASSWORD, SALT));

        // md5 with salt, repeated ITERATIONS times; expected 44c42bc682c33a4dae2af47eba4c8011
        printHex(new Md5Hash(PASSWORD, SALT, ITERATIONS));
    }

    /** Writes the hex encoding of the digest to stdout. */
    private static void printHex(Md5Hash hash) {
        System.out.println(hash.toHex());
    }
}

结果:

shiro认证+授权(使用MD5+salt+散列加密)_md5_02

1.实现AuthorizingRealm类,重写其中的doGetAuthenticationInfo()和doGetAuthorizationInfo()方法,完成用户的认证和授权

/**
 * Demo realm with a single hard-coded user ("tom") whose password "123" is
 * stored as a hex MD5 digest computed over salt "x0*7ps" with 1024 iterations
 * (see TestShiroMD5). Every authenticated principal receives the same fixed
 * roles and wildcard permissions.
 *
 * The digest scheme is kept only because it matches the tutorial's stored
 * value; a purpose-built password hash (bcrypt, scrypt, argon2) is the usual
 * choice for a real user store. The HashedCredentialsMatcher attached to this
 * realm must use algorithm "md5" and 1024 iterations, otherwise every login
 * fails with IncorrectCredentialsException.
 */
public class CustomerMd5Realm extends AuthorizingRealm {

    /** Hex MD5 digest of "123" with {@link #TOM_SALT}, 1024 rounds. */
    private static final String TOM_PASSWORD_HASH = "44c42bc682c33a4dae2af47eba4c8011";

    /** Salt used when the stored digest was produced; passed to Shiro so the matcher re-applies it. */
    private static final String TOM_SALT = "x0*7ps";

    /**
     * Authorization: roles and permissions for an already authenticated principal.
     *
     * @param principalCollection principals of the current subject; the primary one is the username
     * @return the fixed role/permission set granted to every user of this demo
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("授权操作中");
        String username = (String) principalCollection.getPrimaryPrincipal();
        System.out.println("身份信息:" + username);

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // In a real application roles would be looked up for `username`;
        // here every user gets the same list.
        info.addRoles(Arrays.asList("admin", "user", "supper", "common", "product"));

        // Wildcard permission strings: resource:action:instance
        info.addStringPermission("user:*:*");
        info.addStringPermission("product:*:*");
        return info;
    }

    /**
     * Authentication: looks the submitted username up and returns the stored
     * credentials for Shiro's matcher to compare against the submitted password.
     *
     * @param authenticationToken the login token; its principal is the username
     * @return account info for "tom", or {@code null} for any other username so
     *         that Shiro reports the account as unknown
     * @throws AuthenticationException declared by the base class; not thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("身份认证中");
        String username = (String) authenticationToken.getPrincipal();

        // Stand-in for a database lookup by username: only "tom" exists.
        if (!"tom".equals(username)) {
            return null;
        }

        // principal, stored digest, salt for the matcher, and this realm's name
        return new SimpleAuthenticationInfo(username,
                TOM_PASSWORD_HASH,
                ByteSource.Util.bytes(TOM_SALT),
                getName());
    }
}

模拟测试

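/**
 * Demo driver for {@link CustomerMd5Realm}: builds a Shiro SecurityManager
 * whose credentials matcher mirrors how the stored digest was produced
 * (md5, 1024 iterations, hex), logs in as "tom"/"123", and then prints a
 * series of role and permission checks for the authenticated subject.
 *
 * @author 抱着鱼睡觉的喵喵
 * @date 2020/12/28
 */
public class TestCustomerMd5Realm {

    public static void main(String[] args) {
        // The security manager must be registered before SecurityUtils.getSubject() is called.
        SecurityUtils.setSecurityManager(buildSecurityManager());
        Subject subject = SecurityUtils.getSubject();

        login(subject, "tom", "123");

        // Authorization checks only make sense for an authenticated subject.
        if (subject.isAuthenticated()) {
            printAuthorizationChecks(subject);
        }
    }

    /**
     * Wires a DefaultSecurityManager with a single CustomerMd5Realm.
     * The matcher's algorithm and iteration count must equal those used when
     * the realm's stored digest was generated, or every login fails.
     */
    private static DefaultSecurityManager buildSecurityManager() {
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("md5");
        credentialsMatcher.setHashIterations(1024);

        CustomerMd5Realm realm = new CustomerMd5Realm();
        realm.setCredentialsMatcher(credentialsMatcher);

        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    /**
     * Attempts a username/password login and prints the outcome.
     * Only the two failure types the demo distinguishes are caught; any other
     * AuthenticationException propagates to the caller.
     */
    private static void login(Subject subject, String username, String password) {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            subject.login(token);
            System.out.println("登陆成功");
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("用户名错误");
        } catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            System.out.println("密码错误");
        }
    }

    /** Prints role-based and permission-string checks for the given subject. */
    private static void printAuthorizationChecks(Subject subject) {
        // 1. single role
        System.out.println(subject.hasRole("admin"));

        // 2. all of several roles
        System.out.println(subject.hasAllRoles(Arrays.asList("common", "supper", "user")));

        // 3. one boolean per queried role
        boolean[] roleResults = subject.hasRoles(Arrays.asList("admin", "super", "user"));
        for (boolean hasRole : roleResults) {
            System.out.println(hasRole);
        }
        System.out.println("=======================");
        System.out.println(subject.hasRole("supper"));
        System.out.println("======================");

        // 4. wildcard permission strings: resource:action:instance
        System.out.println("权限:" + subject.isPermitted("user:*:01"));
        System.out.println("权限:" + subject.isPermitted("user:create:023"));
        System.out.println("权限:" + subject.isPermitted("product:update:45"));
    }
}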