shiro的简单使用（使用ini配置）

1.pom.xml文件

  4.0.0  com.superbf37  shiroTest  war  0.0.1-SNAPSHOT  shiroTest Maven Webapp  http://maven.apache.org          junit    junit    4.12    test        org.apache.shiro    shiro-core    1.4.0    commons-logging    commons-logging    1.2          org.springframework          spring-jdbc          3.0.5.RELEASE               mysql    mysql-connector-java    5.1.38            shiroTest  

2.shiro-jdbc-realm.ini文件

[main]dataSource=org.springframework.jdbc.datasource.DriverManagerDataSourcedataSource.driverClassName=com.mysql.jdbc.DriverdataSource.url=jdbc:mysql://localhost:3306/shirotest?useSSL=truedataSource.username=rootdataSource.password=911006jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealmjdbcRealm.permissionsLookupEnabled = true  jdbcRealm.dataSource=$dataSource#用户认证（登录）查询语句，以用户名为查询条件jdbcRealm.authenticationQuery = SELECT password FROM sec_user WHERE user_name = ? #用户角色查询语句，以用户名为查询条件，判断用户是否拥有某个角色jdbcRealm.userRolesQuery=SELECT role_name from sec_user_role left join sec_role using(role_id) left join sec_user using(user_id) WHERE user_name = ?#资源许可查询语句，以角色名称为查询条件，判断角色是否拥有某个资源的许可jdbcRealm.permissionsQuery= SELECT permission_name FROM sec_role_permission left join sec_role using(role_id) left join sec_permission using(permission_id) WHERE role_name = ?securityManager.realms=$jdbcRealm

3.测试类代码

package com.superBF37.shirotest;import static org.junit.Assert.assertEquals;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.DisabledAccountException;import org.apache.shiro.authc.ExcessiveAttemptsException;import org.apache.shiro.authc.ExpiredCredentialsException;import org.apache.shiro.authc.IncorrectCredentialsException;import org.apache.shiro.authc.LockedAccountException;import org.apache.shiro.authc.UnknownAccountException;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.authz.UnauthorizedException;import org.apache.shiro.config.IniSecurityManagerFactory;import org.apache.shiro.mgt.SecurityManager;import org.apache.shiro.subject.Subject;import org.apache.shiro.util.Factory;import org.junit.After;import org.junit.Before;import org.junit.Test;@SuppressWarnings("deprecation")public class JdbcRealmTest {@Beforepublic void setUp() throws Exception{}@Afterpublic void tearDown() throws Exception{}@Testpublic void test(){//1.获取securityManager工厂，此处使用ini配置文件初始化securityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-jdbc-realm.ini");//2.获取securityManager实例，并绑定到SecurityUtilsSecurityManager sm = factory.getInstance();SecurityUtils.setSecurityManager(sm);//3.得到subjectSubject subject = SecurityUtils.getSubject();//4.创建用户登录凭证UsernamePasswordToken token = new UsernamePasswordToken("Jim", "123456");//5.登录try{subject.login(token);//6.判断登录是否成功assertEquals(true,subject.isAuthenticated());System.out.println("登陆成功");// 判断用户是否拥有某个角色 //assertEquals(true,subject.hasRole("admin"));// 使用shiro自带的断言判断用户是否有被授权subject.checkRole("user");subject.checkPermission("create_user1");System.out.println("有权限");//7.注销用户subject.logout();}catch (IncorrectCredentialsException e) {System.out.println("登录密码错误.password for account"+token.getPrincipal()+"was incorrect.");} catch (ExcessiveAttemptsException e) {              System.out.println("登录失败次数过多");          } catch (LockedAccountException e) {              System.out.println("帐号已被锁定. The account for username " + token.getPrincipal() + " was locked.");          } catch (DisabledAccountException e) {              System.out.println("帐号已被禁用. The account for username " + token.getPrincipal() + " was disabled.");          } catch (ExpiredCredentialsException e) {              System.out.println("帐号已过期. the account for username " + token.getPrincipal() + "  was expired.");          } catch (UnknownAccountException e) {              System.out.println("帐号不存在. There is no user with username of " + token.getPrincipal());          } catch (UnauthorizedException e) {              System.out.println("您没有得到相应的授权！" + e.getMessage());          }  }}

4.数据库建表

-- MySQL dump 10.13  Distrib 5.7.12, for Win64 (x86_64)---- Host: localhost    Database: shirotest-- -------------------------------------------------------- Server version5.7.17-log/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;/*!40101 SET NAMES utf8 */;/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;/*!40103 SET TIME_ZONE='+00:00' */;/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;---- Table structure for table `sec_permission`--DROP TABLE IF EXISTS `sec_permission`;/*!40101 SET @saved_cs_client     = @@character_set_client */;/*!40101 SET character_set_client = utf8 */;CREATE TABLE `sec_permission` (  `permission_id` int(10) unsigned NOT NULL AUTO_INCREMENT,  `permission_name` varchar(64) COLLATE utf8_bin DEFAULT NULL,  `created_time` datetime DEFAULT NULL,  `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,  PRIMARY KEY (`permission_id`)) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;/*!40101 SET character_set_client = @saved_cs_client */;---- Table structure for table `sec_role`--DROP TABLE IF EXISTS `sec_role`;/*!40101 SET @saved_cs_client     = @@character_set_client */;/*!40101 SET character_set_client = utf8 */;CREATE TABLE `sec_role` (  `role_id` int(10) unsigned NOT NULL AUTO_INCREMENT,  `role_name` varchar(64) COLLATE utf8_bin DEFAULT NULL,  `created_time` datetime DEFAULT NULL,  `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,  PRIMARY KEY (`role_id`)) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;/*!40101 SET character_set_client = @saved_cs_client */;---- Table structure for table `sec_role_permission`--DROP TABLE IF EXISTS `sec_role_permission`;/*!40101 SET @saved_cs_client     = @@character_set_client */;/*!40101 SET character_set_client = utf8 */;CREATE TABLE `sec_role_permission` (  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,  `permission_id` int(10) unsigned NOT NULL,  `role_id` int(10) unsigned DEFAULT NULL,  PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;/*!40101 SET character_set_client = @saved_cs_client */;---- Table structure for table `sec_user`--DROP TABLE IF EXISTS `sec_user`;/*!40101 SET @saved_cs_client     = @@character_set_client */;/*!40101 SET character_set_client = utf8 */;CREATE TABLE `sec_user` (  `user_id` int(10) unsigned NOT NULL AUTO_INCREMENT,  `user_name` varchar(64) COLLATE utf8_bin DEFAULT NULL,  `password` varchar(128) COLLATE utf8_bin DEFAULT NULL,  `created_time` datetime DEFAULT NULL,  `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,  PRIMARY KEY (`user_id`)) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;/*!40101 SET character_set_client = @saved_cs_client */;---- Table structure for table `sec_user_role`--DROP TABLE IF EXISTS `sec_user_role`;/*!40101 SET @saved_cs_client     = @@character_set_client */;/*!40101 SET character_set_client = utf8 */;CREATE TABLE `sec_user_role` (  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,  `user_id` int(10) unsigned DEFAULT NULL,  `role_id` int(10) unsigned DEFAULT NULL,  PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;/*!40101 SET character_set_client = @saved_cs_client */;/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;-- Dump completed on 2017-09-27 17:16:15