Shrio study notes (I)

【 Personal understanding 】
Certification is done on top of authorization , When the user logs in , First verify its role , This is empowerment ; After successful authorization , Verify the login account and password , This is authentication .
A user can have multiple roles .

shiro By apache Provided . Create a maven project , add to shiro rely on

		<!--shiro  Core packages -->
        <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.4.0</version>
        </dependency>

One 、 authentication

shiro authentication

Code implementation ： ad locum , adopt SimpleAccountRealm To simulate the account field , Save the user . Next , Step by step ：
① establish SecurityManager
② The main body （subject） Request authentication
③ from SecurityManager Submit certification
④Authenticator authentication
⑤Realm verification
here , The focus is on the first three steps

private DefaultSecurityManager defaultSecurityManager;

    // Simple account field , To demonstrate 
    private SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();//

    @Before
    public  void  addUser(){
        // First add a user 
        simpleAccountRealm.addAccount("admin","123456");
    }
    @Test
    public void testAuthentication(){
        //1. structure SecurityManager Environmental Science 
        defaultSecurityManager = new DefaultSecurityManager();
        defaultSecurityManager.setRealm(simpleAccountRealm); // take simpleAccountRealm Set to manager Environment 

        //2. The authentication request is submitted by the subject 
        SecurityUtils.setSecurityManager(defaultSecurityManager); // Set up manager Environmental Science 
        Subject subject = SecurityUtils.getSubject();             // Get the subject 

        // Default constructor , Build the test data to verify 
        UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
        subject.login(token ); // Submit authentication login 

        //3.1  Login authentication 
        System.out.println(" Certification results ："+subject.isAuthenticated());

        //3.2  sign out 
        subject.logout();
        System.out.println(" after , Certification results ："+subject.isAuthenticated());
    }

Running effect ：

Two 、 to grant authorization

shiro to grant authorization

The steps are similar to authentication , Relative to certification , Is to authorize first , Will be certified , In the code , Grant user permissions in the account domain , At the time of certification , Add authorization authentication , Other codes are similar to .

 @Before
    public  void  addUser(){
        // First add a user , With role （ Multiple ）
        simpleAccountRealm.addAccount("admin","123456","admin","user");  
    }

  Login authentication 
 subject.checkRoles("admin","user");  // to grant authorization 
System.out.println(" Certification results ："+subject.isAuthenticated());

GOOD LUCK！！！