今天初学shiro,便于打消对shiro这种没接触过的工具的恐惧,所以先写一个十分简单的登录认证的demo,shiro具体是干什么的百度一下就知道了,所以直接上代码
十分简单的目录结构
十分简单的目录结构
十分简单的maven依赖
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>demo.cyj.maven</groupId>
<artifactId>MavenDemo1</artifactId>
<version>0.0.1-SNAPSHOT</version>
<!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-all -->
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-all</artifactId>
<version>1.2.4</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.slf4j/slf4j-api -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.6.4</version>
</dependency>
</dependencies>
</project>
然后就是一个十分简单的ini配置文件
[users]
chen=123
my10ve=123
解释一蛤,[users]代表了下面的配置是用户登录信息,很明显是键值对的形式,我配置了两个用户,等号左边是用户名,右边是密码
最后就是非常简单的测试类
package com.zlt.shiro;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
public class HelloWorld {
public static void main(String[] args) {
// 读取配置文件,初始化SecurityManager工厂
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
// 获取securityManager实例
SecurityManager securityManager = factory.getInstance();
// 把securityManager绑定到securityUtils上
SecurityUtils.setSecurityManager(securityManager);
// 得到当前登录的用户
Subject currentUser = SecurityUtils.getSubject();
// 创建token令牌,用户名/密码
UsernamePasswordToken token = new UsernamePasswordToken("chen", "123");
// 对当前创建的用户进行令牌认证(实际就是在数据库中进行登录认证)
try {
currentUser.login(token);
System.out.println("身份认证成功!");
} catch (AuthenticationException e) {
e.printStackTrace();
System.out.println("身份认证失败");
}
currentUser.logout();
}
}
具体每步的用处可以看注释,敲代码的时候感觉这和当时初学spring,mybatis时很类似
最后就是,跑一下
控制台打印:
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
身份认证成功!
将创建的令牌内容改为
// 创建token令牌,用户名/密码
UsernamePasswordToken token = new UsernamePasswordToken("chen", "123456");
跑一下:
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - chen, rememberMe=false] did not match the expected credentials.
at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at com.zlt.shiro.HelloWorld.main(HelloWorld.java:25)
身份认证失败
网友评论