自定义Realm
2018-12-12 本文已影响0人
jarWorker
自定义Realm主要实现
自定义Realm继承AuthorizingRealm，重写doGetAuthorizationInfo方法做授权，重写doGetAuthenticationInfo方法做认证。示例中的密码以明文保存在内存Map中，仅用于演示；实际项目应保存加盐哈希，并为Realm配置HashedCredentialsMatcher。
自定义Realm类CustomRealm
package com.jarworker.shiro;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
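/**
 * Demo Shiro realm backed by an in-memory user table.
 *
 * <p>Authentication looks the submitted user name up in {@link #map}; authorization returns a
 * fixed set of roles and permissions.
 *
 * <p>NOTE(review): the user table holds plaintext passwords, which only works because the realm
 * is left on Shiro's default plain-comparison credentials matcher. Outside a demo, store a salted
 * hash and configure a hashing matcher (for example {@code HashedCredentialsMatcher}) on the realm.
 */
public class CustomRealm extends AuthorizingRealm {

    // Stand-in for a database user table: user name -> password (plaintext, demo only).
    final Map<String, String> map = new HashMap<>();

    {
        map.put("jarWorker", "123");
        super.setName("customRealm");
    }

    /**
     * Builds the authorization data (roles and string permissions) for an authenticated subject.
     *
     * @param principals the principals of the subject being authorized; the primary principal is
     *     the user name stored by {@link #doGetAuthenticationInfo(AuthenticationToken)}
     * @return an {@link AuthorizationInfo} carrying the user's roles and permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String userName = (String) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setRoles(getRolesByUserName(userName));
        authorizationInfo.setStringPermissions(getPermissionsByUserName(userName));
        return authorizationInfo;
    }

    /**
     * Looks up the stored credentials for the user named in the token.
     *
     * @param token the submitted authentication token; its principal is read as the user name
     * @return the account's authentication info, or {@code null} when no such user exists
     * @throws AuthenticationException declared by the overridden method; not thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        // The principal of the submitted token is the user name.
        String userName = (String) token.getPrincipal();
        String passWord = getPassword(userName);
        if (passWord == null) {
            // Unknown user: returning null reports that this realm has no such account.
            return null;
        }
        // Record the user name as the principal. The original passed "" here, so
        // doGetAuthorizationInfo received an empty string and could not tell users apart.
        // getName() is the realm name set in the initializer ("customRealm").
        return new SimpleAuthenticationInfo(userName, passWord, getName());
    }

    /**
     * Simulates reading a user's password from the database.
     *
     * @param userName the user name to look up; may be {@code null}
     * @return the stored password, or {@code null} when the name is {@code null} or unknown
     */
    private String getPassword(String userName) {
        if (userName == null) {
            return null;
        }
        return map.get(userName);
    }

    /**
     * Simulates reading a user's roles from the database.
     *
     * <p>NOTE(review): {@code userName} is ignored, so every authenticated user receives the
     * {@code admin} role. A real implementation must look roles up per user.
     *
     * @param userName the user whose roles are requested (currently unused)
     * @return a new mutable set containing {@code admin} and {@code tourist}
     */
    private Set<String> getRolesByUserName(String userName) {
        Set<String> roles = new HashSet<>();
        roles.add("admin");
        roles.add("tourist");
        return roles;
    }

    /**
     * Simulates reading a user's permissions from the database.
     *
     * <p>NOTE(review): {@code userName} is ignored, so every authenticated user receives the same
     * permissions.
     *
     * @param userName the user whose permissions are requested (currently unused)
     * @return a new mutable set containing {@code user:update} and {@code user:query}
     */
    private Set<String> getPermissionsByUserName(String userName) {
        Set<String> permissions = new HashSet<>();
        permissions.add("user:update");
        permissions.add("user:query");
        return permissions;
    }
}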
测试用例
package com.jarworker.test;
import com.jarworker.shiro.CustomRealm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Assert;
import org.junit.Test;
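/**
 * Exercises {@link CustomRealm} through a {@link DefaultSecurityManager}.
 *
 * <p>NOTE(review): the two original method names are swapped relative to what they test
 * ({@code ...AuthorizerTest} checks authentication, {@code ...AuthenticatorTest} checks
 * authorization). The names are kept so existing references to them still resolve.
 */
public class CustomRealmTest {

    /**
     * Authentication test: a valid login authenticates the subject and logout clears it.
     *
     * @throws Exception if login fails
     */
    @Test
    public void CustomRealmAuthorizerTest() throws Exception {
        Subject subject = newSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("jarWorker", "123");
        subject.login(token);
        try {
            System.out.println("是否认证:" + subject.isAuthenticated());
            // Assert instead of only printing, so a regression fails the build.
            Assert.assertTrue(subject.isAuthenticated());
        } finally {
            subject.logout();
        }
        System.out.println("是否认证:" + subject.isAuthenticated());
        Assert.assertFalse(subject.isAuthenticated());
    }

    /**
     * Authorization test: after login the subject holds the expected roles and permissions.
     *
     * @throws Exception if login or any role/permission check fails
     */
    @Test
    public void CustomRealmAuthenticatorTest() throws Exception {
        Subject subject = newSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("jarWorker", "123");
        subject.login(token);
        try {
            System.out.println("是否认证:" + subject.isAuthenticated());
            Assert.assertTrue(subject.isAuthenticated());
            // checkRoles/checkPermission throw when the subject lacks the role or permission.
            subject.checkRoles("admin", "tourist");
            subject.checkPermission("user:query");
            subject.checkPermission("user:update");
        } finally {
            // The original left the subject logged in, which can leak an authenticated
            // subject into later tests that run on the same thread.
            subject.logout();
        }
    }

    /**
     * Negative test: a wrong password must be rejected rather than authenticated.
     *
     * @throws Exception expected to be {@link IncorrectCredentialsException}
     */
    @Test(expected = IncorrectCredentialsException.class)
    public void CustomRealmWrongPasswordTest() throws Exception {
        Subject subject = newSubject();
        // "not-the-password" is a constructed value that differs from the stored one.
        subject.login(new UsernamePasswordToken("jarWorker", "not-the-password"));
    }

    /** Builds a DefaultSecurityManager around a fresh CustomRealm and returns the subject. */
    private Subject newSubject() {
        CustomRealm customRealm = new CustomRealm();
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(customRealm);
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        return SecurityUtils.getSubject();
    }
}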