Apache Shiro 許可權認證(1)
阿新 • • 發佈:2018-11-30
Shiro的許可權認證 : 程式設計式授權 :
基於角色的訪問控制
基於許可權的訪問控制
註解式授權
jsp標籤授權
①第一步封裝一個ShiroUtil
public class ShiroUtil {
/**
* 登入方法
* @param configFile textRealm的路徑
* @param username 使用者名稱
* @param password 密碼
* @return
*/
public static Subject login(String configFile,String username,String password){
Factory<SecurityManager> factory = new IniSecurityManagerFactory(configFile);
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try{
currentUser.login(token);
System.out.println("登入成功");
}catch(AuthenticationException e){
e.printStackTrace();
System.out.println("登入失敗");
}
return currentUser;
}
}
基於角色的訪問控制:
shiro_role.ini:
主要是幾個方法
currentUser.hasRole()
currentUser.hasRoles()
currentUser.hasAllRoles()
返回true/false
currentUser.checkRole()
currentUser.checkRoles()
沒有返回值 若沒有當前的許可權則報錯。
/**
* 測試currentUser.hasRole()
*/
@Test
public void testHasRole(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
System.out.println(currentUser.hasRole("role1")?"有role1的許可權":"沒有role1的許可權");
currentUser.logout();
}
/**
* currentUser.hasRoles() 傳入引數為一個List 返會一個boolean的陣列
*/
@Test
public void testHasRoles(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
boolean[] results = currentUser.hasRoles(Arrays.asList("role1","role2","role3"));
System.out.println(results[0]?"有role1的許可權":"沒有role1的許可權");
System.out.println(results[1]?"有role2的許可權":"沒有role2的許可權");
System.out.println(results[2]?"有role3的許可權":"沒有role3的許可權");
currentUser.logout();
}
/**
* currentUser.hasAllRoles() 傳入引數為一個List 都有則返回true
*/
@Test
public void testHasAllRoles(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
System.out.println(currentUser.hasAllRoles(Arrays.asList("role1","role2","role3"))?"有role1,role2,role3的許可權":"不全有role1,role2,role3的許可權");
currentUser.logout();
}
/**
* checkRole()沒有返回值 傳入一個引數 如有此許可權則繼續 沒有則報錯
*/
@Test
public void testCheckRole(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
currentUser.checkRole("role1");
currentUser.logout();
}
/**
* checkRoles()沒有返回值 傳入一個list 如有此許可權則繼續 沒有則報錯
*/
@Test
public void testCheckRoles1(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
currentUser.checkRoles(Arrays.asList("role1","role2","role3"));
currentUser.logout();
}
/**
* checkRoles() 傳入多個字串引數 沒有返回值 不都有則報錯
*/
@Test
public void testCheckRoles2(){
Subject currentUser = ShiroUtil.login("classpath:shiro_role.ini", "java", "123456");
currentUser.checkRoles("role1","role2","role3");
currentUser.logout();
}
基於許可權的訪問控制:
currentUser.isPermitted()
currentUser.isPermittedAll()
currentUser.checkPermission()
currentUser.checkPermissions()
shiro_permission.ini
/**
* 測試currentUser.isPermitted()
*/
@Test
public void testIsPermitted(){
//Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "jack", "123");
System.out.println(currentUser.isPermitted("user:select")? "有user:select的許可權":"沒有user:select的許可權");
currentUser.logout();
}
/**
* currentUser.isPermitted() 可以傳入多個字串來判斷
*/
@Test
public void testIsPermitted2(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
boolean[] results = currentUser.isPermitted("user:select","user:add","user:delete");
System.out.println(results[0]?"有user:select的許可權":"沒有user:select的許可權");
System.out.println(results[1]?"有user:add的許可權":"沒有user:add的許可權");
System.out.println(results[2]?"有user:delete的許可權":"沒有user:delete的許可權");
currentUser.logout();
}
/**
* currentUser.isPermittedAll() 傳入引數為一個List或多個字串 都有則返回true
*/
@Test
public void testIsPermittedAll(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
System.out.println(currentUser.isPermittedAll("user:select","user:asss")?"有user:select,user:asss的許可權":"不全有user:select,user:asss的許可權");
currentUser.logout();
}
/**
* checkPermission()沒有返回值 傳入一個字串獲多個字串 如有此許可權則繼續 沒有則報錯
*/
@Test
public void testCheckPermission(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "jack", "123");
currentUser.checkPermission("user:add");
currentUser.logout();
}
/**
* checkPermission()沒有返回值 傳入一個字串獲多個字串 如有此許可權則繼續 沒有則報錯
*/
@Test
public void testCheckPermission1(){
Subject currentUser = ShiroUtil.login("classpath:shiro_permission.ini", "java", "123456");
currentUser.checkPermissions("user:add","user:delete","user:update");
currentUser.logout();
}