Shiro 自定义 Realm

一. 创建自定义Realm:CustomRealm

处理过程:先认证,后授权

package com.example.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

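/**
 * Demo Shiro realm backed by hard-coded, in-memory data.
 *
 * <p>Authentication looks the user up in {@link #userMap}; authorization hands out a
 * fixed role and permission set. Both data sources are mocks for the tutorial.
 *
 * <p>NOTE(review): the mock stores passwords in plaintext and grants {@code admin} to
 * every principal. A real realm should store salted password hashes, configure a
 * hashing {@code CredentialsMatcher} on the realm, and load roles per user.
 */
public class CustomRealm extends AuthorizingRealm {
    /** Realm name registered with Shiro and attached to every returned AuthenticationInfo. */
    private static final String REALM_NAME = "customName";

    /**
     * Simulated user store: user name -> password (plaintext, demo only).
     */
    Map<String, String> userMap = new HashMap<>();

    {
        userMap.put("Mark", "123");
        userMap.put("xiaoming", "123");
        super.setName(REALM_NAME);
    }

    /**
     * Builds the authorization data (roles and string permissions) for a principal.
     *
     * @param principalCollection the authenticated principals; the primary principal is
     *                            the user name supplied by {@link #doGetAuthenticationInfo}
     * @return the roles and permissions of that user
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 1. The primary principal is the user name set during authentication.
        String userName = (String) principalCollection.getPrimaryPrincipal();
        // 2. Look up the user's roles.
        Set<String> roles = getRolesByUserName(userName);
        // 3. Collect permissions per role. The original passed the user name to a lookup
        //    keyed by role name; the mock ignores its argument, so the result is unchanged.
        Set<String> permissions = new HashSet<>();
        for (String roleName : roles) {
            permissions.addAll(getPermissionsByRoleName(roleName));
        }
        // 4. Assemble the result object.
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setRoles(roles);
        authorizationInfo.setStringPermissions(permissions);
        return authorizationInfo;
    }

    /**
     * Simulated role lookup.
     *
     * <p>NOTE(review): the argument is ignored, so every user receives {@code admin}
     * and {@code user}. Acceptable only as tutorial data.
     *
     * @param userName the user whose roles are requested (unused by the mock)
     * @return a new mutable set holding the mock roles
     */
    public Set<String> getRolesByUserName(String userName) {
        Set<String> roleSet = new HashSet<>();
        roleSet.add("admin");
        roleSet.add("user");
        return roleSet;
    }

    /**
     * Simulated permission lookup.
     *
     * @param permission the lookup key; despite its name it is meant to be a role name,
     *                   and the mock ignores it
     * @return a new mutable set holding the mock permissions
     */
    public Set<String> getPermissionsByRoleName(String permission) {
        Set<String> permissionsSet = new HashSet<>();
        permissionsSet.add("user:delete");
        permissionsSet.add("user:select");
        return permissionsSet;
    }

    /**
     * Looks up the stored credentials for the user named in the token.
     *
     * <p>This method only fetches the stored credential. Shiro compares it with the
     * submitted one afterwards, through the realm's credentials matcher.
     *
     * @param authenticationToken the submitted token; its principal is the user name
     * @return the stored account data, or {@code null} when no such account exists
     * @throws AuthenticationException declared by the overridden method; not thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // 1. User name submitted by the subject.
        String userName = (String) authenticationToken.getPrincipal();
        // 2. Fetch the stored credential from the (mock) user store.
        String pwd = userMap.get(userName);
        // Map.get returns null for an unknown user. The original called pwd.isEmpty()
        // directly and failed with a NullPointerException instead of reporting
        // "no account" by returning null.
        if (pwd == null || pwd.isEmpty()) {
            return null;
        }
        // 3. Return principal, stored credential and realm name for Shiro to verify.
        return new SimpleAuthenticationInfo(userName, pwd, REALM_NAME);
    }
}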

二. 创建测试类

package com.example.controller;

import com.example.config.CustomRealm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

/**
 * Walks one subject through login, a role check and a permission check
 * against {@link CustomRealm}.
 */
public class CustomRealmTest {
    /**
     * Logs in as the mock user "xiaoming" and verifies the role and permission.
     * A failed login or a failed check surfaces as an exception from Shiro.
     */
    @Test
    public void test() {
        // Build the security manager around the custom realm and install it globally.
        CustomRealm realm = new CustomRealm();
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realm);
        SecurityUtils.setSecurityManager(securityManager);

        // Obtain the current subject and log in with the mock credentials.
        Subject currentUser = SecurityUtils.getSubject();
        UsernamePasswordToken credentials = new UsernamePasswordToken("xiaoming", "123");
        currentUser.login(credentials);

        // Report the authentication state.
        boolean authenticated = currentUser.isAuthenticated();
        System.out.println(authenticated);

        // Each check throws if the subject lacks the role or permission.
        currentUser.checkRoles("admin");
        currentUser.checkPermission("user:delete");
    }
}

三. 测试 - OK