在学习shiro认证的途中发现讲的是 IniSecurityManagerFactory方法,但是现在被弃用了,在网上找了新的方法,运行完发现报错了
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
public class Demo2 {
public static void main(String[] args) {
DefaultSecurityManager securityManager=new DefaultSecurityManager();
IniRealm iniRealm=new IniRealm("classpath:shiro-realm.ini");
securityManager.setRealm(iniRealm);//新的方法,但是报错
/* Factory<SecurityManager> factory=new IniSecurityManagerFactory("classpath:shiro-realm.ini");
SecurityManager securityManager=factory.getInstance();*/ //被弃用的方法但是可以使用
//把securityManager绑定到setSecurityManager上
SecurityUtils.setSecurityManager(securityManager);
//获取当前的subject,调用get方法
Subject subject = SecurityUtils.getSubject();
//给令牌一个用户名和密码
UsernamePasswordToken token=new UsernamePasswordToken("zhangsan","000");
//模拟令牌的提交
subject.login(token);
//设立一个布尔函数来显示是否匹配成功
boolean authenticated = subject.isAuthenticated();
System.out.println(authenticated);
}
}
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import java.util.ArrayList;
import java.util.List;
public class MyRealm extends AuthorizingRealm {
@Override
public void setName(String name) {
super.setName("myRealm");
}
//提供认证的数据
//认证器会调用该realm的该方法,该方法把从数据库中查询出来的正确的用户名密码返回给认证器
//认证器把token中的数据和realm中正确的用户名密码对比,一致则认证通过,否则不通过
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//根据用户名查询
String username = (String) authenticationToken.getPrincipal();//从令牌中获取用户名
//调用service的根据用户名查询的功能
String pass="000";
//把查询出来的用户信息封装到SimpleAuthenticationInfo对象中,返回给认证器
//第三个参数是当前realm的名字
SimpleAuthenticationInfo simpleAuthenticationInfo=new SimpleAuthenticationInfo(username,pass,getName());
return simpleAuthenticationInfo;
}
//提供授权的数据
//授权器(Authorizer)调用该realm的该方法
//该方法从数据库中查询出用户的权限,返回给Authorizer
//Authorizer把用户访问的资源和该方法返回的权限一一比较,如果在权限之内允许访问执行用户访问的资源
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//得到认证的用户
String primaryPrincipal = (String) principalCollection.getPrimaryPrincipal();//得到了用户身份数据
//调用service的功能得到用户的权限
List<String> list=new ArrayList<>();
list.add("item:create");
list.add("item:update");
list.add("item:query");
SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();
simpleAuthorizationInfo.addStringPermissions(list);
return simpleAuthorizationInfo;
}
}
报错问题如下:
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Exception in thread "main" org.apache.shiro.authc.UnknownAccountException: Realm [org.apache.shiro.realm.text.IniRealm@3d71d552] was unable to find account data for the submitted AuthenticationToken [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false].
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:184)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:273)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:275)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:260)
at com.authenticator.Demo2.main(Demo2.java:28)