如何配置JdbcRealm数据源呢?
下文笔者讲述配置JdbcRealm数据源的方法分享,如下所示:
IniRealm是配置数据库数据源 通常情况下:在ini文件里面设置数据相关信息例:
创建user.ini
//shiro-jdbc.ini配置
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
dataSource=com.alibaba.druid.pool.DruidDataSource
dataSource.driverClassName=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/shiro
dataSource.username=root
dataSource.password=123456
jdbcRealm.dataSource=$dataSource
securityManager.realms=$jdbcRealm
mysql建表
//mysql语句
drop database if exists shiro;
create database shiro;
use shiro;
create table users (
id bigint auto_increment,
username varchar(100),
password varchar(100),
password_salt varchar(100),
constraint pk_users primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_users_username on users(username);
create table user_roles(
id bigint auto_increment,
username varchar(100),
role_name varchar(100),
constraint pk_user_roles primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_user_roles on user_roles(username, role_name);
create table roles_permissions(
id bigint auto_increment,
role_name varchar(100),
permission varchar(100),
constraint pk_roles_permissions primary key(id)
) charset=utf8 ENGINE=InnoDB;
create unique index idx_roles_permissions on roles_permissions(role_name, permission);
insert into users(username,password)values('zhang','123');
securityManager进行用户验证
//test.java
@Test
public void testShiroJdbcRealm(){
//1.得到securityManager并实例化
IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-jdbc.ini");
SecurityManager securityManager = factory.getInstance();
//2.绑定给SecurityUtils
SecurityUtils.setSecurityManager(securityManager);
//3.得到subject和进行用户身份验证的token
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("zhang","123");
try{
subject.login(token);
}catch (AuthenticationException e){
}
Boolean b = subject.isAuthenticated();
subject.logout();
}
上面用的是jdbcrealm默认的表和查询语言进行查询,如果需要自定义表,自定义查询语句,则可以参考下面代码。
JdbcRealm自定义
public class JdbcRealmTest {
private static DruidDataSource dataSource;
static {
dataSource = new DruidDataSource();
dataSource.setUrl("jdbc:mysql://127.0.0.1:3306/shiro");
dataSource.setUsername("root");
dataSource.setPassword("root");
}
@Test
public void testJdbcRealm(){
//1、初始化JdbcRealm
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setDataSource(dataSource);
/**
* 重点:JdbcRealm默认不开启权限检查,若要判断某角色是否有某样权限,需要开启此设置,否则会由于无法检查权限表,
* 导致查询到的权限为空。
*/
jdbcRealm.setPermissionsLookupEnabled(true);
//(1)自定义查询密码(若不自定义,JdbcRealm有默认查询语句)
String authenticationQuery = "select password from users where username = ?";
jdbcRealm.setAuthenticationQuery(authenticationQuery);
//(2)自定义查询角色(若不自定义,JdbcRealm有默认查询语句)
String userRolesQuery = "select role_name from user_roles where username = ?";
jdbcRealm.setUserRolesQuery(userRolesQuery);
//(3)自定义查询权限(若不自定义,JdbcRealm有默认查询语句)
String permissionsQuery = "select permission from roles_permissions where role_name = ?";
jdbcRealm.setPermissionsQuery(permissionsQuery);
//2、创建SecurityManager
DefaultSecurityManager securityManager = new DefaultSecurityManager();
//3、设置数据源
securityManager.setRealm(jdbcRealm);
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
AuthenticationToken token = new UsernamePasswordToken("root", "root");
subject.login(token);
System.out.println(subject.isAuthenticated());
subject.checkRole("admin");
subject.checkPermission("user:delete");
}
}
版权声明
本文仅代表作者观点,不代表本站立场。
本文系作者授权发表,未经许可,不得转载。
