Mei笑D小妞 发表于 2015-8-6 08:08:21

Apache Shiro教程(二)简易程序配置

1、配置shiro.ini文件
  此处采用 SHA-512 算法对密码进行哈希(散列),迭代 1024 次,哈希结果以 Base64 编码存储



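# ===================================================================================
# Shiro INI configuration
# ===================================================================================

[main]
# Credential matcher: hashes the submitted password with SHA-512, 1024 iterations,
# and compares it with the stored value. storedCredentialsHexEncoded = false means
# the stored hashes below are Base64-encoded rather than hex-encoded.
# NOTE(security): iterated SHA-512 is a fast general-purpose hash. For real password
# storage prefer a dedicated password-hashing scheme (bcrypt / scrypt / Argon2) or a
# far higher iteration count; 1024 iterations is only suitable for a demo.
hashedCredentialsMatcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
hashedCredentialsMatcher.hashAlgorithmName = SHA-512
hashedCredentialsMatcher.hashIterations = 1024
hashedCredentialsMatcher.storedCredentialsHexEncoded = false

# Custom realm that reads the [users] / [roles] sections of this same file and
# attaches the credentials salt before the matcher runs.
# NOTE(security): the realm applies one fixed salt to every account, so equal
# passwords produce equal hashes; a per-account random salt is the stronger design.
saltAwareIniRealm = com.cnblogs.javalouvre.shiro.realm.text.SaltAwareIniRealm
saltAwareIniRealm.resourcePath = classpath:shiro.ini
saltAwareIniRealm.credentialsMatcher = $hashedCredentialsMatcher
securityManager.realm = $saltAwareIniRealm

# Ehcache-backed cache manager, configured from ehcache.xml on the classpath.
ehCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
ehCacheManager.cacheManagerConfigFile = classpath:ehcache.xml
securityManager.cacheManager = $ehCacheManager

[users]
# Format: username = <Base64 salted SHA-512 hash>, role[, role...]
# NOTE(security): these hashes ship inside the application classpath; treat the file
# as sensitive and keep real credentials out of source control.
system = E18H4biesus/SiiAyGb/sLDHpRACpwofpmKAgYojqxG8w1mX9aFGu51/O+ha02fpr4zoQXfyE/W919KWv7RwLA==, admin
scott= rzN+XZiPCHa+8O9c7jCnEzCE0BOgzitMU2x1aG6eg5f0wpnZcY9HaxyraO9NqUklI5y2bu1xrtgmJRrDe34xrg==, guest

[roles]
# Format: role = permission[, permission...]
# "*" is the wildcard permission: the admin role is allowed every action.
admin = *
guest = user:create, user:retrieve, user:update, user:delete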
2、自定义Realm
  该类继承自 org.apache.shiro.realm.text.IniRealm,重写 doGetAuthenticationInfo 方法来设置盐值。示例中所有账户共用同一个写死在代码里的盐值,仅用于演示;实际系统应为每个账户生成随机盐并与密码哈希一起保存。



1 package com.cnblogs.javalouvre.shiro.realm.text;
2
3 import org.apache.shiro.authc.AuthenticationException;
4 import org.apache.shiro.authc.AuthenticationInfo;
5 import org.apache.shiro.authc.AuthenticationToken;
6 import org.apache.shiro.authc.ExpiredCredentialsException;
7 import org.apache.shiro.authc.LockedAccountException;
8 import org.apache.shiro.authc.SimpleAccount;
9 import org.apache.shiro.authc.UsernamePasswordToken;
10 import org.apache.shiro.realm.text.IniRealm;
11 import org.apache.shiro.util.SimpleByteSource;
12
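/**
 * {@link IniRealm} variant that attaches a credentials salt to the account it returns,
 * so that a hashing credentials matcher configured on this realm can verify salted
 * password hashes.
 *
 * <p>NOTE(security): the salt is a single constant shared by every account. That hides
 * nothing from someone who can read this class or the INI file, and identical passwords
 * still hash to identical values. A production realm should store a random salt per
 * account next to the hash and load it here instead.
 */
public class SaltAwareIniRealm extends IniRealm {

  /**
   * Salt applied to every account. Presumably the hashes in shiro.ini were generated
   * with this exact value, so changing it requires regenerating them.
   */
  private static final String SHARED_SALT = "Nazi";

  /**
   * Looks up the account named by the token and prepares it for credential matching.
   *
   * @param token the submitted token; cast to {@link UsernamePasswordToken}
   * @return the matching account with its credentials salt set, or {@code null} when
   *     no account exists for the username (the realm contract for "unknown account")
   * @throws LockedAccountException if the account is locked
   * @throws ExpiredCredentialsException if the account's credentials have expired
   * @throws AuthenticationException declared by the overridden method
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    SimpleAccount account = getUser(upToken.getUsername());

    // Unknown user: return null instead of dereferencing it. The original set the
    // salt outside the null check, which threw a NullPointerException for any
    // username that is not defined in the INI file.
    if (account == null) {
      return null;
    }

    if (account.isLocked()) {
      throw new LockedAccountException("Account [" + account + "] is locked.");
    }
    if (account.isCredentialsExpired()) {
      throw new ExpiredCredentialsException("The credentials for account [" + account + "] are expired.");
    }

    // SimpleByteSource is the type this file imports; the original referenced
    // ByteSource.Util without importing ByteSource, which does not compile.
    account.setCredentialsSalt(new SimpleByteSource(SHARED_SALT));
    return account;
  }

}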
3、编写测试类
  该类继承自 org.apache.shiro.test.AbstractShiroTest



1 package com.cnblogs.javalouvre.simple;
2
3 import static org.junit.Assert.assertTrue;
4
5 import org.apache.shiro.SecurityUtils;
6 import org.apache.shiro.authc.AuthenticationException;
7 import org.apache.shiro.authc.UsernamePasswordToken;
8 import org.apache.shiro.config.IniSecurityManagerFactory;
9 import org.apache.shiro.mgt.SecurityManager;
10 import org.apache.shiro.subject.Subject;
11 import org.apache.shiro.test.AbstractShiroTest;
12 import org.apache.shiro.util.Factory;
13 import org.junit.After;
14 import org.junit.AfterClass;
15 import org.junit.Before;
16 import org.junit.BeforeClass;
17 import org.junit.Test;
18
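/**
 * Integration test for the INI-based setup: builds a SecurityManager from
 * {@code classpath:shiro.ini}, logs in as the demo user {@code scott} and checks the
 * role and permissions that the INI file grants to the {@code guest} role.
 */
public class SimpleTest extends AbstractShiroTest {

  /** Builds the SecurityManager once for the whole test class. */
  @BeforeClass
  public static void setUpBeforeClass() throws Exception {
    // Parameterised Factory: with the raw type, getInstance() returns Object and
    // cannot be passed to setSecurityManager(SecurityManager).
    Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
    setSecurityManager(factory.getInstance());
  }

  @Before
  public void setUp() {
    // TODO
  }

  /** Logs in with the demo credentials and verifies role and permission checks. */
  @Test
  public void testSimple() {
    super.setSubject(new Subject.Builder(getSecurityManager()).buildSubject());

    Subject subject = SecurityUtils.getSubject();
    if (!subject.isAuthenticated()) {
      // Demo account defined in shiro.ini; the third argument requests rememberMe.
      UsernamePasswordToken token = new UsernamePasswordToken("scott", "tiger", true);
      try {
        subject.login(token);
      } catch (AuthenticationException e) {
        // Fail here with the real cause. Printing the stack trace and carrying on
        // would only surface later as an unrelated-looking role assertion failure.
        throw new AssertionError("Login failed for test user 'scott'", e);
      }
    }

    assertTrue(subject.isAuthenticated());
    assertTrue(subject.hasRole("guest"));
    assertTrue(subject.isPermitted("user:create"));
    assertTrue(subject.isPermitted("user:retrieve"));
    assertTrue(subject.isPermitted("user:update"));
    assertTrue(subject.isPermitted("user:delete"));
  }

  /** Unbinds the Subject so state does not leak into other tests. */
  @After
  public void tearDown() {
    clearSubject();
  }

  @AfterClass
  public static void tearDownAfterClass() throws Exception {
    // TODO
  }

}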
  
  示例下载