??? 测试通过,感觉初步学会通过shiro对用户登录进行认证。这里记录下测试遇见的问题及解决方法。
开发环境:MyEclipse
jdk版本:1.8
添加pom依赖如下:
class="java"> <dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.10</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.3</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.25</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>0.2.23</version>
</dependency>
</dependencies>
?
?
log4j.rootLogger=debug, stdout log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n
?
在classpath创建shiro.ini文件,将用户名、密码配置在文件中。
[users] zhangsan=123 lisi=123
?
??? 构建SecurityManager工厂,IniSecurityManagerFactory可以从ini文件中初始化SecurityManager环境。
再通过工厂创建securityManager,将其设置到运行环境中。再通过securitymanager创建一个subject实例。
??? 接下来创建token令牌,记录用户认证的身份和凭证(即用户名和密码)。
??? subject与token里信息比对,验证是否通过。
??? 最后用户退出。
@Test
public void testHelloworld(){
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager =factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("zhangsan","123");
try{
subject.login(token);
System.out.println("验证成功");
} catch (AuthenticationException e){
System.out.println("验证失败");
}
Assert.assertEquals(true, subject.isAuthenticated());
subject.logout();
?
使用JUnit进行单元测试结果如下:
1. 验证通过:
2017-11-08 16:16:26,891 DEBUG [org.apache.shiro.io.ResourceUtils] - Opening resource from class path [shiro.ini] 2017-11-08 16:16:26,896 DEBUG [org.apache.shiro.config.Ini] - Parsing [users] 2017-11-08 16:16:26,897 DEBUG [org.apache.shiro.config.IniFactorySupport] - Creating instance from Ini [sections=users] 2017-11-08 16:16:26,924 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [users] section. Processing... 2017-11-08 16:16:26,931 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [zhangsan] from doGetAuthenticationInfo 2017-11-08 16:16:26,931 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [zhangsan]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false]. 2017-11-08 16:16:26,931 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 2017-11-08 16:16:26,931 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 2017-11-08 16:16:26,931 DEBUG [org.apache.shiro.authc.AbstractAuthenticator] - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false]. Returned account [zhangsan] 2017-11-08 16:16:26,932 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 2017-11-08 16:16:26,932 DEBUG [org.apache.shiro.subject.support.DefaultSubjectContext] - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 2017-11-08 16:16:26,932 DEBUG [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - No sessionValidationScheduler set. Attempting to create default instance. 2017-11-08 16:16:26,933 INFO [org.apache.shiro.session.mgt.AbstractValidatingSessionManager] - Enabling session validation scheduler... 2017-11-08 16:16:26,937 DEBUG [org.apache.shiro.session.mgt.DefaultSessionManager] - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 验证成功 2017-11-08 16:16:27,005 DEBUG [org.apache.shiro.mgt.DefaultSecurityManager] - Logging out subject with primary principal zhangsan 2017-11-08 16:16:27,005 DEBUG [org.apache.shiro.session.mgt.AbstractSessionManager] - Stopping session with id [a5706acf-e514-48cb-82de-51fe8bf85883]
?
2. 用户名不存在:
2017-11-08 16:18:23,819 DEBUG [org.apache.shiro.io.ResourceUtils] - Opening resource from class path [shiro.ini] 2017-11-08 16:18:23,824 DEBUG [org.apache.shiro.config.Ini] - Parsing [users] 2017-11-08 16:18:23,826 DEBUG [org.apache.shiro.config.IniFactorySupport] - Creating instance from Ini [sections=users] 2017-11-08 16:18:23,853 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [users] section. Processing... 2017-11-08 16:18:23,864 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [null] from doGetAuthenticationInfo 2017-11-08 16:18:23,864 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - No AuthenticationInfo found for submitted AuthenticationToken [org.apache.shiro.authc.UsernamePasswordToken - zhangsanihfd, rememberMe=false]. Returning null. 验证失败
?
3. 密码错误:
2017-11-08 16:19:42,926 DEBUG [org.apache.shiro.io.ResourceUtils] - Opening resource from class path [shiro.ini] 2017-11-08 16:19:42,930 DEBUG [org.apache.shiro.config.Ini] - Parsing [users] 2017-11-08 16:19:42,931 DEBUG [org.apache.shiro.config.IniFactorySupport] - Creating instance from Ini [sections=users] 2017-11-08 16:19:42,956 DEBUG [org.apache.shiro.realm.text.IniRealm] - Discovered the [users] section. Processing... 2017-11-08 16:19:42,963 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - Looked up AuthenticationInfo [zhangsan] from doGetAuthenticationInfo 2017-11-08 16:19:42,963 DEBUG [org.apache.shiro.realm.AuthenticatingRealm] - AuthenticationInfo caching is disabled for info [zhangsan]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - zhangsan, rememberMe=false]. 2017-11-08 16:19:42,963 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String] 2017-11-08 16:19:42,964 DEBUG [org.apache.shiro.authc.credential.SimpleCredentialsMatcher] - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 验证失败
?
??? 这里用户名、密码仅是通过配置文件写好,验证过程直接通过明文匹配,接下来实现通过Realm配置用户名、密码等信息,通过MD5生成散列信息匹配。
源代码:https://github.com/DesFirefly/shiro
?
相关文章
