1.shiro简介

1.什么是shiro?

  • Apache shiro是一个java的安全(权限)框架
  • shiro可以非常容易的开发出足够好的应用,其不仅可以用在javaSE环境,也可以用在javaEE环境
  • shiro可以完成认证,授权,加密,会话管理,web集成,缓存等.
    官网:http://shiro.apache.org/
    官网简介:

  Apache Shiro™ is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.

10分钟快速入门:http://shiro.apache.org/10-minute-tutorial.html

1.2 有哪些功能呢?

1.3 shiro架构(外部)

1.4shiro架构(内部)

官网上十分钟快速入门:代码:
pom.xml:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><parent><artifactId>springboot-08-shiro</artifactId><groupId>com.qiu</groupId><version>1.0-SNAPSHOT</version></parent><modelVersion>4.0.0</modelVersion><artifactId>hello-shiro</artifactId><dependencies><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-core</artifactId><version>1.4.1</version></dependency><!-- configure logging --><dependency><groupId>org.slf4j</groupId><artifactId>jcl-over-slf4j</artifactId><scope>runtime</scope><version>1.7.21</version></dependency><dependency><groupId>org.slf4j</groupId><artifactId>slf4j-log4j12</artifactId><scope>runtime</scope><version>1.7.21</version></dependency><dependency><groupId>log4j</groupId><artifactId>log4j</artifactId><version>1.2.17</version></dependency></dependencies>
</project>

resources:

log4j.properties:

log4j.rootLogger=INFO, stdoutlog4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n# General Apache libraries
log4j.logger.org.apache=WARN# Spring
log4j.logger.org.springframework=WARN# Default Shiro logging
log4j.logger.org.apache.shiro=INFO# Disable verbose logging
log4j.logger.org.apache.shiro.util.ThreadContext=WARN
log4j.logger.org.apache.shiro.cache.ehcache.EhCache=WARN

shiro.ini

[users]
# user 'root' with password 'secret' and the 'admin' role
root = secret, admin
# user 'guest' with the password 'guest' and the 'guest' role
guest = guest, guest
# user 'presidentskroob' with password '12345' ("That's the same combination on
# my luggage!!!" ;)), and role 'president'
presidentskroob = 12345, president
# user 'darkhelmet' with password 'ludicrousspeed' and roles 'darklord' and 'schwartz'
darkhelmet = ludicrousspeed, darklord, schwartz
# user 'lonestarr' with password 'vespa' and roles 'goodguy' and 'schwartz'
lonestarr = vespa, goodguy, schwartz# -----------------------------------------------------------------------------
# Roles with assigned permissions
#
# Each line conforms to the format defined in the
# org.apache.shiro.realm.text.TextConfigurationRealm#setRoleDefinitions JavaDoc
# -----------------------------------------------------------------------------
[roles]
# 'admin' role has all permissions, indicated by the wildcard '*'
admin = *
# The 'schwartz' role can do anything (*) with any lightsaber:
schwartz = lightsaber:*
# The 'goodguy' role is allowed to 'drive' (action) the winnebago (type) with
# license plate 'eagle5' (instance specific id)
goodguy = winnebago:drive:eagle5

类:Quickstart


import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;/*** Simple Quickstart application showing how to use Shiro's API.** @since 0.9 RC2*/
public class Quickstart {private static final transient Logger log = LoggerFactory.getLogger(Quickstart.class);public static void main(String[] args) {// The easiest way to create a Shiro SecurityManager with configured// realms, users, roles and permissions is to use the simple INI config.// We'll do that by using a factory that can ingest a .ini file and// return a SecurityManager instance:// Use the shiro.ini file at the root of the classpath// (file: and url: prefixes load from files and urls respectively)://创建具有配置的领域,用户,角色和权限的Shiro SecurityManager的最简单方法是使用简单的INI配置。//我们将通过使用可以提取.ini文件并返回SecurityManager实例的工厂来做到这一点:// 在类路径的根目录下使用shiro.ini文件//(分别从文件和url加载文件:和url:前缀):Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");SecurityManager securityManager = factory.getInstance();// for this simple example quickstart, make the SecurityManager// accessible as a JVM singleton.  Most applications wouldn't do this// and instead rely on their container configuration or web.xml for// webapps.  That is outside the scope of this simple quickstart, so// we'll just do the bare minimum so you can continue to get a feel// for things.//对于这个简单的示例快速入门,请使SecurityManager作为JVM单例。// 大多数应用程序不会这样做,而是依赖于其容器配置或webapps的web.xml。// 这超出了此简单快速入门的范围,因此我们将只做最少的工作,以便您可以继续感受一下。SecurityUtils.setSecurityManager(securityManager);// Now that a simple Shiro environment is set up, let's see what you can do:// get the currently executing user://获取当前的用户对象Subject currentUser = SecurityUtils.getSubject();// Do some stuff with a Session (no need for a web or EJB container!!!)//通过当前用户拿到sessionSession session = currentUser.getSession();session.setAttribute("someKey", "aValue");String value = (String) session.getAttribute("someKey");if (value.equals("aValue")) {log.info("subject=>session中取了一个值为: [" + value + "]");}// let's login the current user so we can check against roles and permissions://判断当前的用户是否被认证if (!currentUser.isAuthenticated()) {//token 令牌UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");token.setRememberMe(true);//设置记住我try {currentUser.login(token);//执行了登录操作} catch (UnknownAccountException uae) {//未知的账户异常log.info("There is no user with username of " + token.getPrincipal());} catch (IncorrectCredentialsException ice) {//密码不对log.info("Password for account " + token.getPrincipal() + " was incorrect!");} catch (LockedAccountException lae) {//用户被锁定log.info("The account for username " + token.getPrincipal() + " is locked.  " +"Please contact your administrator to unlock it.");}// ... catch more exceptions here (maybe custom ones specific to your application?catch (AuthenticationException ae) {//认证异常//unexpected condition?  error?}}//say who they are://print their identifying principal (in this case, a username):log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");//test a role:if (currentUser.hasRole("schwartz")) {log.info("May the Schwartz be with you!");} else {log.info("Hello, mere mortal.");}//test a typed permission (not instance-level)//粗粒度if (currentUser.isPermitted("lightsaber:wield")) {log.info("You may use a lightsaber ring.  Use it wisely.");} else {log.info("Sorry, lightsaber rings are for schwartz masters only.");}//a (very powerful) Instance Level permission://细粒度if (currentUser.isPermitted("winnebago:drive:eagle5")) {log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'.  " +"Here are the keys - have fun!");} else {log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");}//all done - log out!//注销currentUser.logout();//结束System.exit(0);}
}

启动效果:
SpringSecurity中都有.

Shiro的详细简介解释(快速搭建官网解释代码)相关推荐

  1. 【Microsoft Azure 的1024种玩法】五十九.基于Azure云平台快速搭建GitLab应用实现代码托管

    [简介] GitLab是由GitLab Inc.开发,一款基于Git的完全整合的软体开发平台,以 Git 作为代码管理工具并实现自托管的 Git 项目仓库,本篇文章主要介绍如何在Azure Virtu ...

  2. 10.5k Star!可快速搭建私人网盘的开源项目

    10.5k Star!可快速搭建私人网盘的开源项目 [导语]:可搭建私人网盘的在线文件浏览器. 简介 filebrowser 提供指定目录下的文件管理界面,可用于搭建私人网盘,在线管理各种文件资源,内 ...

  3. 【云存储】使用OSS快速搭建个人网盘教程(阿里云)

    使用OSS快速搭建个人网盘 一.基础概要 1. 主要的存储类型 1.1 块存储 1.2 文件存储 1.3 对象存储 2. 对象存储OSS 2.1 存储空间 2.2 地域 2.3 对象 2.4 读写权限 ...

  4. 腾讯云轻量快速搭建个人网盘

    腾讯云轻量快速搭建个人网盘 现在市面上的网盘大多数都限速,并且文件可能不安全,所以拥有一个自己的服务器就可以搭建轻便的个人网盘了,最方便的是你不需要任何tx服务器的知识,因为腾讯云轻量应用服务器已经把 ...

  5. 全网最详细中英文ChatGPT-GPT-4示例文档-智能AI写作从0到1快速入门——官网推荐的48种最佳应用场景(附python/node.js/curl命令源代码,小白也能学)

    从0到1快速入门智能AI写作应用场景 Introduce 简介 setting 设置 Prompt 提示 Sample response 回复样本 API request 接口请求 python接口请 ...

  6. 黑苹果详细安装教程-基于OpenCore官网指导-UPUPMO(macOS Monterey)

    文章大纲 01. 必备知识 02. 作者当前硬件说明 03. 主板 BIOS 版本升级 04. 确定声卡.网卡信息 05. 配置 EFI 驱动 06. 配置 ACPI(SSDTs) 07. 配置 co ...

  7. GitHub标星10.8K!快速搭建私人网盘

    来自:开源最前线(ID:OpenSourceTop) 链接:https://blog.eduonix.com/software-development/top-10-ides-c-c-develope ...

  8. MySQL中varchar最大长度是多少(真正的官网解释,事实说话)

    Mysql5.6 字符集 utf8mb4 中varcha的长度最大为15936 使用二分法试出来的(见下图) 经过反复测试,最大值那个错误,官网说法最大值是65535bytes,utf8mb4每个字符 ...

  9. 苹果12官网html代码免费版,今日苹果官网上线了iOS12系统的中文介绍页!

    [PConline资讯]6月22日消息今日,苹果官网上线iOS12中文介绍页,宣传语"力量与你同在". 同时,新的macOSMojave.watchOS5也增加了中文介绍.macO ...

  10. 仿京东BOE官网 html代码

    <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8&quo ...

最新文章

  1. 2022-2028年中国服装电商行业发展战略规划及投资方向研究报告
  2. fc天使之翼2020修改版下载_海岛奇兵无限钻石修改版下载-海岛奇兵无限钻石修改版下载2020...
  3. ExtJS实现完美Grid(2)--分组统计
  4. Windows驱动开发学习笔记(七)—— 多核同步内核重载
  5. MyBatis-学习笔记08【08.动态SQL】
  6. Django框架深入了解_03(DRF之认证组件、权限组件、频率组件、token)
  7. 设计模式在项目中的应用案例_设计模式在项目中的应用(初学者版)
  8. “约见”面试官系列之常见面试题第二十六篇之vue-router的hash和history(建议收藏)
  9. 华强北耳机修改序列号|支持中英文|自定义修改|傻瓜式一键修改序列号~
  10. 【Sublime】使用 Sublime 工具时运行python文件
  11. 【转】经典SQL语句大全
  12. 【LeetCode】剑指 Offer 64. 求1+2+…+n
  13. oracle的sga怎么设置,oracle sga设置
  14. Spring+SpringMVC+MyBatis整合基础篇
  15. 实用防火与防爆技术培训—总目录
  16. excel二极管伏安特性曲线_【电子知识点】半导体二极管amp;三极管
  17. 计算机上显示找不到无线网络连接,为什么找不到无线网络,电脑上连接WIFI的图标不见了,怎么办?...
  18. 普中科技单片机AD电压数模转换。STC89C52和XPT2046 芯片
  19. 2018 SUCTF招新赛
  20. SAP-PM设备模块-PM主数据之设备主数据

热门文章

  1. Mac OS下Axure RP 8.0.0.3312安装及注册汉化
  2. 油猴脚本的使用和安装
  3. 『Python动手学』PyQt5入门教程
  4. php 判断来访IP地址是国内还是国外的
  5. 几种表面缺陷检测数据集
  6. 最全的Vim操作快捷键
  7. c语言39关键字及其含义,C语言关键字含义
  8. python一键清屏_在python中将代码清屏的方法
  9. c语言课程设计错误总结,C语言课程设计总结总结经验
  10. 大姨吗的戏 投资人的伤