java小王博客

记录菜B的一点一滴,欢迎各位好汉前来叨扰!


>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>博主qq:1756691861

自定义 Realm (shiro)

2020-6-2 卑微小王

package com.qr.shiro;


import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
 * 自定义 Realm 实现 将认证/授权数据的来源为数据库的实现
 *
 * @author LiuQi
 */
public class CustomRealm extends AuthorizingRealm {

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        //在token中获取用户名
        String principal = (String) authenticationToken.getPrincipal();

        System.out.println(principal);
        //根据身份信息使用jdbc ,mybatis 查询相关数据库

        if("程梦梦".equals(principal))
        {
            //SimpleAuthenticationInfo代表数据库里面的数据内容(这只是个例子不是真的数据库内容)
            //参数一:返回数据库中正确的用户名    参数二: 返回数据库中正确的密码   参数三:提供当前realm的名字,this,getName();
            SimpleAuthenticationInfo simpleAuthenticationInfo=new SimpleAuthenticationInfo(principal,"MM",this.getName());
            return simpleAuthenticationInfo;
        }


        return null;
    }








package com.qr.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
/**
 * 认证测试
 *
 * @author LiuQi
 */
public class AuthenticatDemo
{

    public static void main(String[] args) {
        //创建DefaultSecurityManager安全管理器对象
        DefaultSecurityManager defaultSecurityManager=new DefaultSecurityManager();
        //给defaultSecurityManager安全管理器设置Realm
        defaultSecurityManager.setRealm(new CustomRealm());
        //将安全工具类设置安全管理器
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        //通过安全工具类获取subjec
        Subject subject = SecurityUtils.getSubject();
        //创建token
        UsernamePasswordToken token=new UsernamePasswordToken("程梦梦","MM");


        try {
            subject.login(token);
            System.out.println("认证状态:"+subject.isAuthenticated());
            System.out.println("认证成功:登录中!");
        }catch (UnknownAccountException e)
        {
            e.printStackTrace();
            System.out.println("认证失败:用户名不存在!");
        }catch (IncorrectCredentialsException e){
            e.printStackTrace();
            System.out.println("认证失败:密码错误!");
        }
    }


}




}
文章来自:https://www.cnblogs.com/LQ970811/p/12986127.html

发表评论: