注:大部分内容摘錄Apache shiro使用手冊
- import org.apache.shiro.SecurityUtils;
- import org.apache.shiro.authc.*;
- import org.apache.shiro.config.IniSecurityManagerFactory;
- import org.apache.shiro.mgt.SecurityManager;
- import org.apache.shiro.session.Session;
- import org.apache.shiro.subject.Subject;
- import org.apache.shiro.util.Factory;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- public class Quickstart {
- private static final transient Logger log = LoggerFactory.getLogger(Quickstart.class);
- public static void main(String[] args) {
- Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
- SecurityManager securityManager = factory.getInstance();
- SecurityUtils.setSecurityManager(securityManager);
- Subject currentUser = SecurityUtils.getSubject();
- Session session = currentUser.getSession();
- session.setAttribute("someKey", "aValue");
- String value = (String) session.getAttribute("someKey");
- if (value.equals("aValue")) {
- log.info("Retrieved the correct value! [" + value + "]");
- }
- if (!currentUser.isAuthenticated()) {
- UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
- token.setRememberMe(true);
- try {
- currentUser.login(token);
- } catch (UnknownAccountException uae) {
- log.info("There is no user with username of " + token.getPrincipal());
- } catch (IncorrectCredentialsException ice) {
- log.info("Password "+token.getCredentials() +"for account " + token.getPrincipal() + " was incorrect!");
- } catch (LockedAccountException lae) {
- log.info("The account for username " + token.getPrincipal() + " is locked. " +
- "Please contact your administrator to unlock it.");
- }
- catch (AuthenticationException ae) {
- }
- }
- log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
- if (currentUser.hasRole("schwartz")) {
- log.info("May the Schwartz be with you!");
- } else {
- log.info("Hello, mere mortal.");
- }
- if (currentUser.isPermitted("lightsaber:weild")) {
- log.info("You may use a lightsaber ring. Use it wisely.");
- } else {
- log.info("Sorry, lightsaber rings are for schwartz masters only.");
- }
- if (currentUser.isPermitted("winnebago:drive:eagle5")) {
- log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " +
- "Here are the keys - have fun!");
- } else {
- log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
- }
- //currentUser.logout();
- System.exit(0);
- }
- }
程式大意解讀:
1. Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
讀取配置檔案擷取SecurityManager執行個體;
2. SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
Session session = currentUser.getSession();
securityManager作為參數擷取“目前操作使用者”currentUser ,擷取目前使用者(被shiro架構封裝好)的session執行個體;
3. UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
token.setRememberMe(true);
生成使用者名/密碼密碼,并選擇了記住我(實用cookie儲存了帳号的資訊);
4. log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
if (currentUser.hasRole("schwartz")) {
log.info("May the Schwartz be with you!");
} else {
log.info("Hello, mere mortal.");
}
![向下轉型 | 學習筆記[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)