学习Shiro——采用jdbcRealm实现身份认证
2017-06-12 00:00
585 查看
摘要: 学习地址:http://www.java1234.com/a/yuanchuang/shiro/2015/1104/5181.html
1.pom.xml文件:
2.jdbc_realm.ini
3.创建数据库db_shiro,表users
4.log4j.properties
5.HelloWorld.java文件
6.文件布局
7.运行结果
将密码改错,运行失败的结果:抛出异常
1.pom.xml文件:
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.test</groupId> <artifactId>myShiro</artifactId> <version>1.0-SNAPSHOT</version> <dependencies> <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.3.2</version> </dependency> <!-- https://mvnrepository.com/artifact/org.slf4j/slf4j-log4j12 --> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> <version>1.6.4</version> </dependency> <!-- https://mvnrepository.com/artifact/c3p0/c3p0 --> <dependency> <groupId>c3p0</groupId> <artifactId>c3p0</artifactId> <version>0.9.1.2</version> </dependency> <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging --> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.2</version> </dependency> <!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java --> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version></version> </dependency> </dependencies> </project>
2.jdbc_realm.ini
[main] jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm dataSource =com.mchange.v2.c3p0.ComboPooledDataSource dataSource.driverClass= com.mysql.jdbc.Driver dataSource.jdbcUrl = jdbc:mysql://localhost:3306/db_shiro dataSource.user=upgrade dataSource.password=upgrade jdbcRealm.dataSource =$dataSource securityManager.realms = $jdbcRealm
3.创建数据库db_shiro,表users
4.log4j.properties
# LOG4J配置 log4j.rootLogger=debug,stdout ### 把日志信息输出到控制台 ### log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m%n
5.HelloWorld.java文件
import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.config.IniSecurityManagerFactory; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.subject.Subject; import org.apache.shiro.util.Factory; /** * Created by guanguan on 17/6/12. */ public class HelloWorld { public static void main(String[] args) { //读配置文件,初始化SecurityManager Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:jdbc_realm.ini"); //获取SecurityManager实例 SecurityManager securityManager = factory.getInstance(); //把SecurityManager实例绑定到SecurityUtils SecurityUtils.setSecurityManager(securityManager); //获取当前登录的用户 Subject currentUser = SecurityUtils.getSubject(); //构建token令牌。用户名/密码 UsernamePasswordToken token = new UsernamePasswordToken("jack1234", "1234"); try { //身份认证 currentUser.login(token); System.out.println("登录成功"); } catch (UnknownAccountException uae) { System.out.println("对用户进行登录验证..验证未通过,未知账户"); } catch (IncorrectCredentialsException ice) { System.out.println("对用户进行登录验证..验证未通过,错误的凭证,密码不正确"); } catch (LockedAccountException lae) { System.out.println("对用户进行登录验证..验证未通过,账户已锁定"); } catch (ExcessiveAttemptsException eae) { System.out.println("对用户进行登录验证..验证未通过,错误次数过多"); } catch (AuthenticationException e) { e.printStackTrace(); System.out.println("登录失败"); } } }
6.文件布局
7.运行结果
2017-06-12 15:15:29,092 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [jack1234] from doGetAuthenticationInfo 2017-06-12 15:15:29,092 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [jack1234]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - jack1234, rememberMe=false]. 2017-06-12 15:15:29,092 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [[C] 2017-06-12 15:15:29,092 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 2017-06-12 15:15:29,092 DEBUG [org.apache.shiro.authc.AbstractAuthenticator] - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - jack1234, rememberMe=false]. Returned account [jack1234] 2017-06-12 15:15:29,092 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 2017-06-12 15:15:29,093 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 2017-06-12 15:15:29,093 DEBUG [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - No sessionValidationScheduler set. Attempting to create default instance. 2017-06-12 15:15:29,094 INFO [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Enabling session validation scheduler... 2017-06-12 15:15:29,103 DEBUG [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 登录成功 Process finished with exit code 0
将密码改错,运行失败的结果:抛出异常
2017-06-12 15:26:54,861 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [jack1234] from doGetAuthenticationInfo 2017-06-12 15:26:54,861 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [jack1234]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - jack1234, rememberMe=false]. 2017-06-12 15:26:54,861 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [[C] 2017-06-12 15:26:54,861 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 登录失败 org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - jack1234, rememberMe=false] did not match the expected credentials. at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600) at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:578) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) at HelloWorld.main(HelloWorld.java:31) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147) Process finished with exit code 0
相关文章推荐
- Shiro身份认证、Realm&JDBC Reaml
- Apache shiro集群实现 (三)shiro身份认证(Shiro Authentication)
- [shiro学习笔记]第二节 shiro与web融合实现一个简单的授权认证
- shiro授权,自定义realm实现授权,shiro与项目集成,在项目中实现认证及授权
- [shiro学习笔记]第二节 shiro与web融合实现一个简单的授权认证
- Shiro 入门到毁灭(第二步) [realm实现认证]
- 采用ApacheShiro来实现应用的权限认证
- Apache shiro集群实现 (三)shiro身份认证(Shiro Authentication)
- shiro实现不同身份使用不同Realm进行验证
- shiro authorizingrealm实现认证授权
- Shiro 学习笔记(2)—— Jdbc Realm
- [shiro学习笔记]第二节 shiro与web融合实现一个简单的授权认证
- Shiro Review——自定义Realm实现认证
- Shiro-学习总结-认证之自定义realm
- 采用普通的脱机指纹终端来实现大容量指纹身份认证应用(超过3000枚)是不可取的
- 基于AOP实现权限管理:通过shiro认证身份和模拟授权认证
- Shiro学习总结(3)——Apache Shiro身份认证
- Shiro学习总结(3)——Apache Shiro身份认证
- Shiro 入门到毁灭(第三步) [realm实现认证之盐值加密]
- Shiro 自定义realm授权与认证的实现