Shiro入门 - 通过ini文件进行授权

时间:2023-03-09 03:55:53
Shiro入门 - 通过ini文件进行授权

shiro-permission.ini

#用户
[users]
#admin的密码是111111,此用户具有role1、role2两个角色
admin=111111,role1,role2
zhangsan=222222,role2

#角色
[roles]
#角色role1对用户有create、update权限
role1=user:create,user:update

#角色role2对用户有create、delete权限
role2=user:create,user:delete

#角色role3对用户有create权限
role3=user:create

测试代码

 /**
 * 从shiro-permission.ini文件中读取权限
 */
@Test
public void testPermission(){
    Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro/shiro-permission.ini");
    SecurityManager securityManager = factory.getInstance();
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken("admin", "111111");
    subject.login(token);
    System.out.println("认证状态:"+subject.isAuthenticated());

    //认证成功后授权
    //基于角色的授权
    System.out.println(subject.hasRole("role1"));
    System.out.println(subject.hasAllRoles(Arrays.asList("role1", "role2")));

    //基于资源的授权
    System.out.println(subject.isPermitted("user:create"));
    System.out.println(subject.isPermittedAll("user:create", "user:update", "user:delete"));
}

测试结果

认证状态:true
true
true
true
true

相关文章