开始我的shiro之旅-demo
首先上官网 :http://shiro.apache.org
下载相应的开源项目源码,目录解压如下:
示例都在samples目录里面,开始搭建简单的测试demo,源项目基本都采用maven搭建环境,我这里用常用的导入jar包方式
shiro-core.jar
需要依赖jar:slf4j-api 、slf4j-log4j、commons
用户认证信息采用简单读取ini方式,而不是读取数据库数据,只是为了简便测试。
shiro.ini:
[users]
root = secret, admin
guest = guest, guest
presidentskroob = 12345, president
darkhelmet = ludicrousspeed, darklord, schwartz
lonestarr = vespa, goodguy, schwartz
[roles]
admin = *
schwartz = lightsaber:*
goodguy = winnebago:drive:eagle5
[users]
root = secret, admin 相当于:用户 = 密码,角色,就是用户root的密码为secret且拥有admin 的角色
[roles]
admin = * 相当于:admin角色拥有全部操作权限
Quickstart.java:
package com.axb.cheney.shiro.quickstart;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class Quickstart {
private static final transient Logger log = LoggerFactory.getLogger(Quickstart.class);
public static void main(String[] args) {
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
Session session = currentUser.getSession();
session.setAttribute("someKey", "aValue");
String value = (String) session.getAttribute("someKey");
if (value.equals("aValue")) {
log.info("Retrieved the correct value! [" + value + "]");
}
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
token.setRememberMe(true);
try {
currentUser.login(token);
} catch (UnknownAccountException uae) {
log.info("There is no user with username of " + token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
log.info("Password for account " + token.getPrincipal() + " was incorrect!");
} catch (LockedAccountException lae) {
log.info("The account for username " + token.getPrincipal() + " is locked. " +
"Please contact your administrator to unlock it.");
}
catch (AuthenticationException ae) {
ae.getMessage();
}
}
log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
//test a role:
if (currentUser.hasRole("schwartz")) {
log.info("May the Schwartz be with you!");
} else {
log.info("Hello, mere mortal.");
}
//test a typed permission (not instance-level)
if (currentUser.isPermitted("lightsaber:weild")) {
log.info("You may use a lightsaber ring. Use it wisely.");
} else {
log.info("Sorry, lightsaber rings are for schwartz masters only.");
}
//a (very powerful) Instance Level permission:
if (currentUser.isPermitted("winnebago:drive:eagle5")) {
log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " +
"Here are the keys - have fun!");
} else {
log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
}
currentUser.logout();
System.exit(0);
}
}
源码都有很详细的注释供参考,谢谢作者分享。
log4j.properties:
log4j.rootLogger=INFO, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n
# General Apache libraries
log4j.logger.org.apache=WARN
# Spring
log4j.logger.org.springframework=WARN
# Default Shiro logging
log4j.logger.org.apache.shiro=TRACE
# Disable verbose logging
log4j.logger.org.apache.shiro.util.ThreadContext=WARN
log4j.logger.org.apache.shiro.cache.ehcache.EhCache=WARN
最后打印日志如下,根据日志还是能分析出一些东西的,你觉得呢,good luck!!!
2018-10-10 22:33:23,439 DEBUG [org.apache.shiro.io.ResourceUtils] - Opening resource from class path [shiro.ini]
2018-10-10 22:33:23,486 DEBUG [org.apache.shiro.config.Ini] - Parsing [users]
2018-10-10 22:33:23,488 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: root=secret, admin
2018-10-10 22:33:23,488 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: guest=guest, guest
2018-10-10 22:33:23,488 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: presidentskroob=12345, president
2018-10-10 22:33:23,489 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: darkhelmet=ludicrousspeed, darklord, schwartz
2018-10-10 22:33:23,489 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: lonestarr=vespa, goodguy, schwartz
2018-10-10 22:33:23,489 DEBUG [org.apache.shiro.config.Ini] - Parsing [roles]
2018-10-10 22:33:23,489 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: admin=*
2018-10-10 22:33:23,489 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: schwartz=lightsaber:*
2018-10-10 22:33:23,489 TRACE [org.apache.shiro.config.Ini] - Discovered key/value pair: goodguy=winnebago:drive:eagle5
2018-10-10 22:33:23,490 DEBUG [org.apache.shiro.config.IniFactorySupport] - Creating instance from Ini [sections=users,roles]
2018-10-10 22:33:23,490 TRACE [org.apache.shiro.config.Ini] - Specified name was null or empty. Defaulting to the default section (name = "")
2018-10-10 22:33:23,524 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [roles] section. Processing...
2018-10-10 22:33:23,526 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [users] section. Processing...
2018-10-10 22:33:23,538 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a SecurityManager instance. Returning.
2018-10-10 22:33:23,538 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
2018-10-10 22:33:23,538 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - No remembered identity found. Returning original context.
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = true; session has id = false
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = true; session is null = true; session has id = false
2018-10-10 22:33:23,540 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - Starting session for host null
2018-10-10 22:33:23,541 DEBUG [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - No sessionValidationScheduler set. Attempting to create default instance.
2018-10-10 22:33:23,542 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Created default SessionValidationScheduler instance of type [org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler].
2018-10-10 22:33:23,542 INFO [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Enabling session validation scheduler...
2018-10-10 22:33:23,551 TRACE [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating session for host null
2018-10-10 22:33:23,551 DEBUG [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
2018-10-10 22:33:23,597 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,597 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,597 INFO [com.axb.cheney.shiro.quickstart.Quickstart] - Retrieved the correct value! [aValue]
2018-10-10 22:33:23,597 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,597 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,597 TRACE [org.apache.shiro.authc.AbstractAuthenticator] - Authentication attempt received for token [org.apache.shiro.authc.UsernamePasswordToken - lonestarr, rememberMe=true]
2018-10-10 22:33:23,598 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [lonestarr] from doGetAuthenticationInfo
2018-10-10 22:33:23,598 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [lonestarr]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - lonestarr, rememberMe=true].
2018-10-10 22:33:23,598 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
2018-10-10 22:33:23,598 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
2018-10-10 22:33:23,599 DEBUG [org.apache.shiro.authc.AbstractAuthenticator] - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - lonestarr, rememberMe=true]. Returned account [lonestarr]
2018-10-10 22:33:23,599 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
2018-10-10 22:33:23,599 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a SecurityManager instance. Returning.
2018-10-10 22:33:23,599 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,599 DEBUG [org.apache.shiro.mgt.DefaultSecurityManager] - Context already contains a session. Returning.
2018-10-10 22:33:23,599 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
2018-10-10 22:33:23,599 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,600 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,601 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,601 TRACE [org.apache.shiro.mgt.DefaultSecurityManager] - This org.apache.shiro.mgt.DefaultSecurityManager instance does not have a [org.apache.shiro.mgt.RememberMeManager] instance configured. RememberMe services will not be performed for account [lonestarr].
2018-10-10 22:33:23,601 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,602 INFO [com.axb.cheney.shiro.quickstart.Quickstart] - User [lonestarr] logged in successfully.
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,602 TRACE [org.apache.shiro.realm.AuthorizingRealm] - Retrieving AuthorizationInfo for principals [lonestarr]
2018-10-10 22:33:23,603 INFO [com.axb.cheney.shiro.quickstart.Quickstart] - May the Schwartz be with you!
2018-10-10 22:33:23,603 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,603 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,603 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,603 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,603 TRACE [org.apache.shiro.realm.AuthorizingRealm] - Retrieving AuthorizationInfo for principals [lonestarr]
2018-10-10 22:33:23,603 INFO [com.axb.cheney.shiro.quickstart.Quickstart] - You may use a lightsaber ring. Use it wisely.
2018-10-10 22:33:23,603 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.realm.AuthorizingRealm] - Retrieving AuthorizationInfo for principals [lonestarr]
2018-10-10 22:33:23,604 INFO [com.axb.cheney.shiro.quickstart.Quickstart] - You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. Here are the keys - have fun!
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,604 DEBUG [org.apache.shiro.mgt.DefaultSecurityManager] - Logging out subject with primary principal lonestarr
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.realm.CachingRealm] - Cleared cache entries for account with principals [lonestarr]
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,604 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,605 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,605 TRACE [org.apache.shiro.subject.support.DelegatingSubject] - attempting to get session; create = false; session is null = false; session has id = true
2018-10-10 22:33:23,605 TRACE [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Attempting to retrieve session with key [email protected]
2018-10-10 22:33:23,605 DEBUG [org.apache.shiro.session.mgt.AbstractSessionManager] - Stopping session with id [a84ce069-e03c-47d7-b650-3fd5a438d7c9]