Java Code Examples for org.apache.shiro.mgt.DefaultSecurityManager#setRealm()

The following examples show how to use org.apache.shiro.mgt.DefaultSecurityManager#setRealm() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: BaseShiroTest.java    From spring-boot-tutorial with Creative Commons Attribution Share Alike 4.0 International 6 votes vote down vote up
@Test
@DisplayName("基本认证测试例")
public void testAuthentication() {

    // 构建 SecurityManager
    DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
    defaultSecurityManager.setRealm(simpleAccountRealm);

    // Subject 提交认证请求
    SecurityUtils.setSecurityManager(defaultSecurityManager); // 设置 SecurityManager
    Subject subject = SecurityUtils.getSubject(); // 获取当前 Subject

    // 登录
    UsernamePasswordToken token = new UsernamePasswordToken("root", "root");
    subject.login(token);

    // subject.isAuthenticated() 用于判断用户是否认证成功
    System.out.println("isAuthenticated:" + subject.isAuthenticated());
    Assertions.assertTrue(subject.isAuthenticated());

    // 登出
    subject.logout();

    System.out.println("isAuthenticated:" + subject.isAuthenticated());
    Assertions.assertFalse(subject.isAuthenticated());
}
 
Example 2
Source File: ShiroAutoConfiguration.java    From shiro-spring-boot-starter with Apache License 2.0 6 votes vote down vote up
@Bean(name = "shiroFilter")
@DependsOn("securityManager")
@ConditionalOnMissingBean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultSecurityManager securityManager, Realm realm, ShiroFilterRegistry registry) {
	securityManager.setRealm(realm);

       Map<String, String> filterDef = swapKeyValue(properties.getFilterChainDefinitions());
       log.info("过虑器配置: {}", filterDef);
       log.info("自定义过虑器: {}", registry.getFilterMap());

	ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
	shiroFilter.setSecurityManager(securityManager);
	shiroFilter.setLoginUrl(properties.getLoginUrl());
	shiroFilter.setSuccessUrl(properties.getSuccessUrl());
	shiroFilter.setUnauthorizedUrl(properties.getUnauthorizedUrl());

	shiroFilter.setFilterChainDefinitionMap(filterDef);
       shiroFilter.getFilters().putAll(registry.getFilterMap());

	return shiroFilter;
}
 
Example 3
Source File: BaseShiroTest.java    From spring-boot-tutorial with Creative Commons Attribution Share Alike 4.0 International 5 votes vote down vote up
@Test
@DisplayName("基本授权测试例")
public void testAuthorization() {

    // 构建 SecurityManager
    DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
    defaultSecurityManager.setRealm(simpleAccountRealm);

    // Subject 提交认证请求
    SecurityUtils.setSecurityManager(defaultSecurityManager); // 设置 SecurityManager
    Subject subject = SecurityUtils.getSubject(); // 获取当前 Subject

    // 登录
    UsernamePasswordToken token = new UsernamePasswordToken("root", "root");
    subject.login(token);

    // subject.isAuthenticated() 用于判断用户是否认证成功
    System.out.println("isAuthenticated:" + subject.isAuthenticated());
    Assertions.assertTrue(subject.isAuthenticated());

    // 判断 subject 是否具有 admin 和 user 两个角色权限,如没有则会报错
    subject.checkRoles("admin", "user");
    Assertions.assertTrue(subject.hasRole("admin"));
    Assertions.assertTrue(subject.hasRole("user"));
    Assertions.assertFalse(subject.hasRole("xxx"));

    Assertions.assertTrue(subject.hasAllRoles(Arrays.asList("admin", "user")));
    Assertions.assertFalse(subject.hasAllRoles(Arrays.asList("admin", "user", "xxx")));
}
 
Example 4
Source File: MyShiroRealmTest.java    From spring-boot-tutorial with Creative Commons Attribution Share Alike 4.0 International 5 votes vote down vote up
@Test
public void testAuthentication() {

    // 构建 SecurityManager
    DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
    defaultSecurityManager.setRealm(myRealm);

    // Subject 提交认证请求
    SecurityUtils.setSecurityManager(defaultSecurityManager); // 设置 SecurityManager
    Subject subject = SecurityUtils.getSubject(); // 获取当前 Subject

    // 登录
    UsernamePasswordToken token = new UsernamePasswordToken("root", "root");
    subject.login(token);

    // subject.isAuthenticated() 用于判断用户是否认证成功
    System.out.println("isAuthenticated:" + subject.isAuthenticated());
    Assertions.assertTrue(subject.isAuthenticated());

    // 判断 subject 是否是指定的一个或多个角色
    subject.checkRoles("admin", "user");
    Assertions.assertTrue(subject.hasRole("admin"));
    Assertions.assertTrue(subject.hasRole("user"));
    Assertions.assertFalse(subject.hasRole("xxx"));
    Assertions.assertTrue(subject.hasAllRoles(Arrays.asList("admin", "user")));
    Assertions.assertFalse(subject.hasAllRoles(Arrays.asList("admin", "user", "xxx")));

    // 判断 subject 是否是拥有指定的一个或多个权限
    subject.checkPermission("user:add");
    subject.checkPermission("user:delete");
    subject.checkPermissions("user:add", "user:delete");
    Assertions.assertTrue(subject.isPermitted("user:add"));
    Assertions.assertTrue(subject.isPermitted("user:delete"));
    Assertions.assertTrue(subject.isPermittedAll("user:add", "user:delete"));
    Assertions.assertFalse(subject.isPermittedAll("user:add", "user:delete", "user:update"));
}
 
Example 5
Source File: ShiroConfiguration.java    From spring-boot-shiro with Apache License 2.0 5 votes vote down vote up
@Bean(name = "securityManager")
@DependsOn(value = {"cacheManager", "rememberMeManager", "mainRealm"})
public DefaultSecurityManager securityManager(Realm realm, RememberMeManager rememberMeManager,
                                              CacheManager cacheManager, SessionManager sessionManager) {
    DefaultSecurityManager sm = new DefaultWebSecurityManager();
    sm.setRealm(realm);
    sm.setCacheManager(cacheManager);
    sm.setSessionManager(sessionManager);
    sm.setRememberMeManager(rememberMeManager);
    return sm;
}
 
Example 6
Source File: ShiroConfiguration.java    From utils with Apache License 2.0 5 votes vote down vote up
@Bean(name = "securityManager")
@DependsOn(value = {"cacheManager", "rememberMeManager", "mainRealm"})
public DefaultSecurityManager securityManager(Realm realm, RememberMeManager rememberMeManager, CacheManager cacheManager, SessionManager sessionManager) {
    DefaultSecurityManager sm = new DefaultWebSecurityManager();
    sm.setRealm(realm);
    sm.setCacheManager(cacheManager);
    sm.setSessionManager(sessionManager);
    sm.setRememberMeManager(rememberMeManager);

    return sm;
}
 
Example 7
Source File: ShiroAutoConfiguration.java    From shiro-spring-boot with Apache License 2.0 5 votes vote down vote up
@Bean(name = "shiroFilter")
@DependsOn("securityManager")
@ConditionalOnMissingBean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultSecurityManager securityManager, Realm realm) {
	securityManager.setRealm(realm);

	ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
	shiroFilter.setSecurityManager(securityManager);
	shiroFilter.setLoginUrl(properties.getLoginUrl());
	shiroFilter.setSuccessUrl(properties.getSuccessUrl());
	shiroFilter.setUnauthorizedUrl(properties.getUnauthorizedUrl());
	shiroFilter.setFilterChainDefinitionMap(properties.getFilterChainDefinitionMap());
	return shiroFilter;
}
 
Example 8
Source File: ShiroConfig.java    From SpringBoot-Base-System with GNU Lesser General Public License v3.0 4 votes vote down vote up
/**
 * shiro拦截器
 * 
 * @time 2018年4月10日 下午5:10:12.
 * 
 * @version V1.0
 * @param securityManager
 * @param realm
 * @return ShiroFilterFactoryBean
 */
@Bean(name = "shiroFilter")
@DependsOn("securityManager")
@ConditionalOnMissingBean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultSecurityManager securityManager, Realm realm) {
	securityManager.setRealm(realm);

	ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
	shiroFilter.setSecurityManager(securityManager);
	shiroFilter.setLoginUrl("/admin/login");
	shiroFilter.setSuccessUrl("/admin/index");
	shiroFilter.setUnauthorizedUrl("/assets/401.html");
	Map<String, String> filterChainDefinitionMap = new HashMap<String, String>();
	filterChainDefinitionMap.put("/assets/**", "anon");
	filterChainDefinitionMap.put("/admin/regist", "anon");// 添加
	filterChainDefinitionMap.put("/admin/login", "anon");

	filterChainDefinitionMap.put("/isTrue", "anon"); // 验证码异步验证

	// 个人信息
	filterChainDefinitionMap.put("/admin/info/**", "anon");
	// 自主还书
	filterChainDefinitionMap.put("/admin/borrow/**", "anon");
	filterChainDefinitionMap.put("/admin/user/index", "perms[system:user:index]");
	filterChainDefinitionMap.put("/admin/user/add", "perms[system:user:add]");
	filterChainDefinitionMap.put("/admin/user/edit*", "perms[system:user:edit]");
	filterChainDefinitionMap.put("/admin/user/deleteBatch", "perms[system:user:deleteBatch]");
	filterChainDefinitionMap.put("/admin/user/grant/**", "perms[system:user:grant]");
	filterChainDefinitionMap.put("/admin/user/resume/**", "perms[system:user:resume]");
	// 注册账号验证和添加账号验证
	filterChainDefinitionMap.put("/admin/user/isExist/**", "anon");
	filterChainDefinitionMap.put("/admin/user/isAvailable/**", "anon");
	filterChainDefinitionMap.put("/admin/user/isAllTrue/**", "anon");

	filterChainDefinitionMap.put("/admin/role/index", "perms[system:role:index]");
	filterChainDefinitionMap.put("/admin/role/add", "perms[system:role:add]");
	filterChainDefinitionMap.put("/admin/role/edit*", "perms[system:role:edit]");
	filterChainDefinitionMap.put("/admin/role/deleteBatch", "perms[system:role:deleteBatch]");
	filterChainDefinitionMap.put("/admin/role/grant/**", "perms[system:role:grant]");

	filterChainDefinitionMap.put("/admin/resource/index", "perms[system:resource:index]");
	filterChainDefinitionMap.put("/admin/resource/add", "perms[system:resource:add]");
	filterChainDefinitionMap.put("/admin/resource/edit*", "perms[system:resource:edit]");
	filterChainDefinitionMap.put("/admin/resource/deleteBatch", "perms[system:resource:deleteBatch]");

	filterChainDefinitionMap.put("/druid/", "perms[system:resource:druid]");// druid
	filterChainDefinitionMap.put("/admin/memorandum/*", "perms[system:memorandum:memorandum]");// 系统记录,只使用一个拦截url
	// 添加过滤条件
	filterChainDefinitionMap.put("/admin/books/book_management", "perms[system:books:book_management]");

	filterChainDefinitionMap.put("/admin/**", "user"); // 默认所有均可依靠cookie,本项目隐藏bug,cookie太大,无法保存在浏览器本地
	shiroFilter.setFilterChainDefinitionMap(filterChainDefinitionMap);
	return shiroFilter;
}