Realm Profile:
Again, data domains, Shiro, and connectors for secure data are like jdbc connecting to databases; getting information about authentication and authorization through realm
realm effect:
Shiro retrieves security data from Realm
The default home realm:
idae looks at realm inheritance relationships with default implementations and custom inheritance realms
Two concepts:
Principal: The principal can have more than one logo, but it needs uniqueness. The common ones are username, mobile phone number, mailbox, etc.
credential: Credentials, usually passwords
So generally we say principal + credential plus password
In development, it is often customized realm, that is, integrated Authorizing Realm
JdbcRealm:
Create jdbcRealm database tables:
sql statement:
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for roles_permissions
-- ----------------------------
DROP TABLE IF EXISTS `roles_permissions`;
CREATE TABLE `roles_permissions` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`role_name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`permission` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `idx_roles_permissions`(`role_name`, `permission`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 6 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of roles_permissions
-- ----------------------------
INSERT INTO `roles_permissions` VALUES (4, 'admin', 'video:*');
INSERT INTO `roles_permissions` VALUES (3, 'role1', 'video:buy');
INSERT INTO `roles_permissions` VALUES (2, 'role1', 'video:find');
INSERT INTO `roles_permissions` VALUES (5, 'role2', '*');
INSERT INTO `roles_permissions` VALUES (1, 'root', '*');
-- ----------------------------
-- Table structure for user_roles
-- ----------------------------
DROP TABLE IF EXISTS `user_roles`;
CREATE TABLE `user_roles` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`role_name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `idx_user_roles`(`username`, `role_name`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 5 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of user_roles
-- ----------------------------
INSERT INTO `user_roles` VALUES (1, 'woxbwo', 'role1');
INSERT INTO `user_roles` VALUES (2, 'woxbwo', 'role2');
INSERT INTO `user_roles` VALUES (4, 'zbbiex', 'admin');
INSERT INTO `user_roles` VALUES (3, 'zbbiex', 'root');
-- ----------------------------
-- Table structure for users
-- ----------------------------
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`password` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
`password_salt` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `idx_users_username`(`username`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 3 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of users
-- ----------------------------
INSERT INTO `users` VALUES (1, 'woxbwo', '456', NULL);
INSERT INTO `users` VALUES (2, 'zbbiex', '123', NULL);
SET FOREIGN_KEY_CHECKS = 1;
1. Mode 1:
Create a jdbcrealm.ini file and place it in the resource directory. The contents of the file are as follows:
#Note that the file format must be ini, encoding ANSI
#Declare Realm, specify realm type
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
#Configuring data sources
#dataSource=com.mchange.v2.c3p0.ComboPooledDataSource
dataSource=com.alibaba.druid.pool.DruidDataSource
# mysql-connector-java 5 Driver for use url yes com.mysql.jdbc.Driver,mysql-connector-java6 It will be used in the future. com.mysql.cj.jdbc.Driver
dataSource.driverClassName=com.mysql.cj.jdbc.Driver
#Avoid safety warnings
dataSource.url=jdbc:mysql://127.0.0.1:3306/is-shiro-test?characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
dataSource.username=root
dataSource.password=123456
#specify data source
jdbcRealm.dataSource=$dataSource
#Open search permission
jdbcRealm.permissionsLookupEnabled=true
#Specify the Realms implementation of SecurityManager and set realms, which can be multiple, separated by commas
securityManager.realms=$jdbcRealm
Upper Code:
@Test
public void shiroJdbcRealmTest(){
//Establish SecurityManager Factory, through configuration files ini Establish
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:jdbcrealm.ini");
SecurityManager securityManager = factory.getInstance();
//take securityManager Set to the current running environment
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
//Account Password Input by User
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("woxbwo", "456");
subject.login(usernamePasswordToken);
//org.apache.shiro.realm.jdbc.JdbcRealm
System.out.println(" Authentication result:"+subject.isAuthenticated());
System.out.println(" Is there a corresponding role1 role:"+subject.hasRole("role1"));
System.out.println("Whether there is video:find Jurisdiction:"+ subject.isPermitted("video:find"));
}
Test results:
Authentication results: 02:34:43.991 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager... 02:34:43.992 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained. Are there corresponding role1 roles: 02:34:44.089 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager... 02:34:44.089 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained. Is there video:find permission:
Mode 2:
Upper Code:
@Test
public void shiroJdbcRealmTest2(){
String driveName = "com.mysql.cj.jdbc.Driver";
String dbUrl = "jdbc:mysql://127.0.0.1:3306/is-shiro-test?characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false";
String userName = "root";
String pwd = "123456";
DefaultSecurityManager securityManager = new DefaultSecurityManager();
DruidDataSource ds = new DruidDataSource();
ds.setDriverClassName(driveName);
ds.setUrl(dbUrl);
ds.setUsername(userName);
ds.setPassword(pwd);
JdbcRealm jdbcRealm = new JdbcRealm();
jdbcRealm.setPermissionsLookupEnabled(true);
jdbcRealm.setDataSource(ds);
securityManager.setRealm(jdbcRealm);
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
//Account Password Input by User
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("zbbiex", "123");
subject.login(usernamePasswordToken);
System.out.println(" Authentication result:"+subject.isAuthenticated());
System.out.println(" Is there a corresponding role1 role:"+subject.hasRole("role1"));
System.out.println("Whether there is video:find Jurisdiction:"+ subject.isPermitted("video:find"));
System.out.println("Are there any permissions:"+ subject.isPermitted("aaaa:xxxxxxxxx"));
}
Test results:
Authentication results: 02:54:26.188 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager... 02:54:26.188 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained. Is there a corresponding role 1: false 02:54:26.276 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager... 02:54:26.276 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained. Is there video:find permission: 02:54:26.363 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager... 02:54:26.363 [main] DEBUG org.apache.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained. Are there any permissions:true