shiro安全认证框架

1.shiro认证：创建SecurityManager-主体提交认证请求-SecurityManager认证-Authenticator认证-realm验证。

package com.dome.com.shiro;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
//自定义realm
public class ShiroRelam extends AuthorizingRealm{
	//存放user的map集合
	Map userMap=new HashMap();
	{
		userMap.put("make", "f19b50d5e3433e65e6879d0e66632664");
	}
	//权限
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
		//从主体中传过来的认证信息中获取用户名
		String userName=(String) arg0.getPrimaryPrincipal();
		//通过数据库获取角色和权限信息
		Set role=getRoleByUserName(userName);
		Set permissions=getPermissionsByUserName(userName);
		SimpleAuthorizationInfo inFo=new SimpleAuthorizationInfo();
		inFo.setRoles(role);
		inFo.setStringPermissions(permissions);
		return inFo;
	}
	//获取权限信息
	private Set getPermissionsByUserName(String userName) {
		Set set=new HashSet();
		set.add("user:delete");
		set.add("user:add");
		set.add("admin:find");
		set.add("admin:update");
		return set;
	}
	//获取角色信息
	private Set getRoleByUserName(String userName) {
		Set set=new HashSet();
		set.add("admin");
		set.add("user");
		return set;
	}
	//认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
		// 从主体中传过来的认证信息中，获取用户名
		String userName=(String) arg0.getPrincipal();
		//通过用户名到数据库中获取凭证
		String password=getPassword(userName);
		if(password==null) {
			return null;
		}
		SimpleAuthenticationInfo inFo=new SimpleAuthenticationInfo("make",
				password,"123456");
		
		//加盐
		inFo.setCredentialsSalt(ByteSource.Util.bytes("tom"));
		return inFo;
	}
	//假设是通过数据库来取值通过userName
	private String getPassword(String userName) {
		return userMap.get(userName);
	}
	public static void main(String[] args) {
		Md5Hash md5=new Md5Hash("123456","tom");//加盐一般用随机数这里我们写死tom
		System.out.println(md5.toString());
	}
}

执行

package com.dome.com.testShiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

import com.dome.com.shiro.ShiroRelam;

public class TestShiroRelam {
	@Test
	public void TestAuthentication() {
		//创建自定义的relam对象
		ShiroRelam shiroRelam=new ShiroRelam();
		//构建securitymanager的环境
		DefaultSecurityManager defaultSercurityManager=new DefaultSecurityManager();
		//把自定义的relam设置到securityManage环境中；
		defaultSercurityManager.setRealm(shiroRelam);
		
		//加密
		HashedCredentialsMatcher matcher=new HashedCredentialsMatcher();
		//设置加密名称。
		matcher.setHashAlgorithmName("md5");
		//设置加密次数
		matcher.setHashIterations(1);
		//自定义relam设置CredentialsMatcher
		shiroRelam.setCredentialsMatcher(matcher);
		
		
		//主提交认证请求
		SecurityUtils.setSecurityManager(defaultSercurityManager);
		Subject subject=SecurityUtils.getSubject();
		UsernamePasswordToken token=new UsernamePasswordToken("make","123456");
		subject.login(token);
		System.out.println("是否认证："+subject.isAuthenticated());
		//加密加盐不用授权
		/*subject.checkRole("admin");
		subject.checkRole("user");
		subject.checkPermissions("user:delete","user:add");
		subject.checkPermissions("admin:find","admin:update");*/
	}
}

shiro整合spring

pom文件

  4.0.0

  com.dome
  shiro_web
  0.0.1-SNAPSHOT
  jar

  shiro_web
  http://maven.apache.org

  
    UTF-8
  

  
  	
  	
  		org.springframework
  		spring-context
  		4.2.4.RELEASE
  	
  	
  	
  		org.springframework
  		spring-webmvc
  		4.2.4.RELEASE
  	
  	
  	
  		org.apache.shiro
  		shiro-core
  		1.4.0
  	
  	
  	
  		org.apache.shiro
  		shiro-spring
  		1.4.0
  	
  	
  	
  		org.apache.shiro
  		shiro-web
  		1.4.0
  	
  	
  	  
   		com.oracle  
   		ojdbc6  
   		11.2.0.1.0  
	 
  	
  		org.springframework
  		spring-jdbc
  		4.2.4.RELEASE
  	
    
  

web.xml

      
    
        shiroFilter
        org.springframework.web.filter.DelegatingFilterProxy
    
    
    
        shiroFilter
        /*
    
	
    
        contextConfigLocation
        classpath:spring.xml
    
    
        org.springframework.web.context.ContextLoaderListener
    
	
    
        DispatcherServlet
        org.springframework.web.servlet.DispatcherServlet
        
            contextConfigLocation
            classpath:springMVC.xml
        
        1
        true
    

    
        DispatcherServlet
        /
    

    
    
        CharacterEncodingFilter
        org.springframework.web.filter.CharacterEncodingFilter
        
            encoding
            UTF-8
        
    
     
        CharacterEncodingFilter
        /*
    

spring.xml

    
        
        
        
        
            
                /login.html = anon
                /subLogin = anon
                /* = authc
            
        
    
    
    
        
        
    

    
    
        
    

    
    
        
        
    

springMVC.xml