Shiro學習筆記(三)--- JdbcRealm
阿新 • • 發佈:2018-11-19
一、簡介
JDBCRealm是對接資料庫資料作使用者,角色,許可權查詢的Realm
若使用者不提供查詢語句,則預設從users、user_roles、roles_permissions這三張表中查詢。
下面是它的部分原始碼
public class JdbcRealm extends AuthorizingRealm { protected static final String DEFAULT_AUTHENTICATION_QUERY = "select password from users where username = ?"; protected static final String DEFAULT_SALTED_AUTHENTICATION_QUERY = "select password, password_salt from users where username = ?"; protected static final String DEFAULT_USER_ROLES_QUERY = "select role_name from user_roles where username = ?"; protected static final String DEFAULT_PERMISSIONS_QUERY = "select permission from roles_permissions where role_name = ?"; private static final Logger log = LoggerFactory.getLogger(JdbcRealm.class); protected DataSource dataSource; protected String authenticationQuery = "select password from users where username = ?"; protected String userRolesQuery = "select role_name from user_roles where username = ?"; protected String permissionsQuery = "select permission from roles_permissions where role_name = ?";
二、maven依賴,pom.xml
<dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.24</version> </dependency> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid-spring-boot-starter</artifactId> <version>1.1.6</version> </dependency>
三、資料庫建立表,新增資料
create table user_roles
(
id bigint auto_increment
primary key,
username varchar(100) null,
role_name varchar(100) null,
constraint idx_user_roles
unique (username, role_name)
)
engine = InnoDB
charset = utf8;
create table users ( id bigint auto_increment primary key, username varchar(100) null, password varchar(100) null, password_salt varchar(100) null, constraint idx_users_username unique (username) ) engine = InnoDB charset = utf8;
create table roles_permissions
(
id bigint auto_increment
primary key,
role_name varchar(100) null,
permission varchar(100) null,
constraint idx_roles_permissions
unique (role_name, permission)
)
engine = InnoDB
charset = utf8;
建立表之後,自行新增一些測試資料
四、JdbcRealm測試類
/**
* @program: shiro
* @description: JdbcRealm
* @author: Irving Wei
* @create: 2018-11-06 15:20
**/
public class JdbcRealmTests {
DruidDataSource druidDataSource = new DruidDataSource();
{
druidDataSource.setUrl("jdbc:mysql://localhost:3306/shiro");
druidDataSource.setUsername("root");
}
@Test
public void contextLoads() {
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(druidDataSource);
// 開啟許可權認證,預設是false,即認證許可權的時候必定拋異常
jdbcRealm.setPermissionsLookupEnabled(true);
// 這裡是自定義查詢語句
// String sql = "select password from test_user where username = ?";
// 使用自定義語句進行查詢
// jdbcRealm.setAuthenticationQuery(sql);
// 構建DefaultSecurityManager
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
// 設定Realm
defaultSecurityManager.setRealm(jdbcRealm);
// 設定構建DefaultSecurityManager
SecurityUtils.setSecurityManager(defaultSecurityManager);
// 建立驗證物件
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("admin", "123456");
// 建立subject物件並提交登陸token請求
Subject subject = SecurityUtils.getSubject();
subject.login(usernamePasswordToken);
System.out.println("驗證是否有許可權:" + subject.isAuthenticated());
// 驗證使用者是否有user角色,若沒有改許可權會丟擲 UnauthorizedException 異常
// 同時checkRoles 可以傳多個引數,同時驗證多個角色
subject.checkRoles("user");
subject.checkPermissions("delete");
}
}