美文网首页
3.Shrio JdbcRealm

3.Shrio JdbcRealm

作者: 勤劳的杯子 | 来源:发表于2018-10-15 07:47 被阅读0次

shrio自定义JdbcRealm


  • 在之前pom.xml基础上导入jdbc数据源
    <dependency>
      <groupId>mysql</groupId>
      <artifactId>mysql-connector-java</artifactId>
      <version>5.1.40</version>
    </dependency>
    <!--alibaba的druid连接池依赖-->
    <dependency>
      <groupId>com.alibaba</groupId>
      <artifactId>druid</artifactId>
      <version>1.0.23</version>
    </dependency>

  • sql建表语句
/*
Navicat MySQL Data Transfer

Source Server         : localhost
Source Server Version : 50561
Source Host           : localhost:3306
Source Database       : test

Target Server Type    : MYSQL
Target Server Version : 50561
File Encoding         : 65001

Date: 2018-10-14 14:58:18
*/

SET FOREIGN_KEY_CHECKS=0;

-- ----------------------------
-- Table structure for roles_permissions
-- ----------------------------
DROP TABLE IF EXISTS `roles_permissions`;
CREATE TABLE `roles_permissions` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `role_name` varchar(255) DEFAULT NULL,
  `permission` varchar(255) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;

-- ----------------------------
-- Records of roles_permissions
-- ----------------------------
INSERT INTO `roles_permissions` VALUES ('1', 'admin', 'user:select');
INSERT INTO `roles_permissions` VALUES ('2', 'admin', 'user:delete');
INSERT INTO `roles_permissions` VALUES ('3', 'user', 'user:select');

-- ----------------------------
-- Table structure for test_roles_permissions
-- ----------------------------
DROP TABLE IF EXISTS `test_roles_permissions`;
CREATE TABLE `test_roles_permissions` (
  `id` int(11) NOT NULL,
  `role_name` varchar(255) DEFAULT NULL,
  `permission` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

-- ----------------------------
-- Records of test_roles_permissions
-- ----------------------------

-- ----------------------------
-- Table structure for test_user
-- ----------------------------
DROP TABLE IF EXISTS `test_user`;
CREATE TABLE `test_user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user_name` varchar(255) NOT NULL,
  `password` varchar(255) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;

-- ----------------------------
-- Records of test_user
-- ----------------------------
INSERT INTO `test_user` VALUES ('1', 'xiaoming', '654321');

-- ----------------------------
-- Table structure for test_user_roles
-- ----------------------------
DROP TABLE IF EXISTS `test_user_roles`;
CREATE TABLE `test_user_roles` (
  `id` varchar(255) NOT NULL,
  `user_name` varchar(255) DEFAULT NULL,
  `user_role` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

-- ----------------------------
-- Records of test_user_roles
-- ----------------------------

-- ----------------------------
-- Table structure for users
-- ----------------------------
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) DEFAULT NULL,
  `password` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;

-- ----------------------------
-- Records of users
-- ----------------------------
INSERT INTO `users` VALUES ('1', 'Mark', '283538989cef48f3d7d8a1c1bdf2008f');
INSERT INTO `users` VALUES ('2', 'gouDan', '123456');

-- ----------------------------
-- Table structure for user_roles
-- ----------------------------
DROP TABLE IF EXISTS `user_roles`;
CREATE TABLE `user_roles` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) DEFAULT NULL,
  `role_name` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;

-- ----------------------------
-- Records of user_roles
-- ----------------------------
INSERT INTO `user_roles` VALUES ('1', 'Mark', 'admin');
INSERT INTO `user_roles` VALUES ('2', 'Mark', 'user');
INSERT INTO `user_roles` VALUES ('3', 'gouDan', 'admin');
INSERT INTO `user_roles` VALUES ('4', 'gouDan', 'user');

这是我建成之后的表


image.png

  • java代码
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

public class JdbcRealmTest {

    //创建数据源
    DruidDataSource druidDataSource = new DruidDataSource();

    {
        druidDataSource.setUrl("jdbc:mysql://localhost:3306/test");
        druidDataSource.setUsername("root");
        druidDataSource.setPassword("123456");
        //druidDataSource.setDriverClassName("com.mysql.jdbc.Driver");
    }
    @Test
    public void testAuthentiation(){
        JdbcRealm jdbcRealm = new JdbcRealm();
        jdbcRealm.setDataSource(druidDataSource);
        //设置权限的开关,默认为false
        //不设置的话会导致subject.checkPermissions查询不到权限
        jdbcRealm.setPermissionsLookupEnabled(true);
        //构建securtyManager
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(jdbcRealm);
        //主体提交认证请求
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("gouDan","123456");
        //登入
        subject.login(token);
        System.out.println(subject.isAuthenticated());
        //subject.checkPermissions("user:select");
        //检查是否拥有此角色
        subject.checkRoles("admin");
        //检查角色权限
        subject.checkPermissions("user:delete");
    }
}

需要注意的是

  • jdbcRealm配有默认查询语句
image.png

可以不指定表或字段使用默认查询,但 表与字段名必须与默认查询语句相匹配




下面介绍是使用自定义表来控制权限


  • 数据库字段
    image.png

  • java代码
import com.alibaba.druid.pool.DruidDataSource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

public class JdbcRealmTest {

    //创建数据源
    DruidDataSource druidDataSource = new DruidDataSource();

    {
        druidDataSource.setUrl("jdbc:mysql://localhost:3306/test");
        druidDataSource.setUsername("root");
        druidDataSource.setPassword("123456");
        //druidDataSource.setDriverClassName("com.mysql.jdbc.Driver");
    }
    @Test
    public void testAuthentiation(){
        JdbcRealm jdbcRealm = new JdbcRealm();
        jdbcRealm.setDataSource(druidDataSource);
        //设置权限的开关,默认为false
        //不设置的话会导致subject.checkPermissions查询不到权限
        jdbcRealm.setPermissionsLookupEnabled(true);
        //查询用户
        String sql = "select password from test_user where user_name = ?";
        jdbcRealm.setAuthenticationQuery(sql);
        //查询角色
        String roleSql = "select user_role from test_user_roles where user_name = ?";
        jdbcRealm.setUserRolesQuery(roleSql);
        //查询权限
        String permissionSql = "select permission from test_roles_permissions where role_name = ?";
        jdbcRealm.setPermissionsQuery(permissionSql);
        //构建securtyManager
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(jdbcRealm);
        //主体提交认证请求
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("xiaoming","654321");
        //登入
        subject.login(token);
        System.out.println(subject.isAuthenticated());
        //subject.checkPermissions("user:select");
        //检查是否拥有此角色
        subject.checkRoles("user");
        //检查角色权限
        subject.checkPermissions("select");
    }
}
  • 注意sql不要写错

相关文章

  • 3.Shrio JdbcRealm

    shrio自定义JdbcRealm 在之前pom.xml基础上导入jdbc数据源 sql建表语句 这是我建成之后的...

  • Shiro内置Realm之JdbcRealm

    Shiro内置Realm IniRealm JdbcRealm JdbcRealm JdbcRealm的方式访问数...

  • Reaml之JdbcRealm

    JdbcRealm是Shiro提供的另外一种Realm实现,当记录用户身份、角色、权限的信息存储在数据库中...

  • 4.Shrio自定义Realm

    自定义Realm pom.xml参见jdbcRealm java代码 1.自定义realm 2.创建测试类

  • 5.Shrio加密

    Shiro授权流程图 image.png pom文件参见JdbcRealm java代码 1.自定义Realm 2...

  • Shiro学习(三) Shiro JDBCRealm

    1、创建三张表 users/user_roles/roles_permissions 并插入数据 2、创建Jdbc...

  • 使用Shiro默认提供的JDBCRealm

    项目结构 创建数据库 首先创建一个Shiro数据库,然后建立三个表,分别是:users(用户表)、user_rol...

  • 3.jdbcRealm及Authentication Strat

    1.使用shiro框架来完成认证工作,默认情况下使用的是iniRealm,如果需要使用其他Realm,那么需要进行...

  • 4.自定义实现Realm

    自定义Realm来实现身份认证 1.jdbcRealm已经实现了从数据库获取用户的验证信息,但是灵活性太差必须按照...

网友评论

      本文标题:3.Shrio JdbcRealm

      本文链接:https://www.haomeiwen.com/subject/euwzaftx.html