Shiro笔记(三)授权
生活随笔
收集整理的這篇文章主要介紹了
Shiro笔记(三)授权
小編覺得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.
Shiro筆記(三)授權(quán)
一、授權(quán)方式
1.編程式:
1 Subject subject=SecurityUtils.getSubject(); 2 if(subject.hasRole("root")){ 3 //有權(quán)限 4 } else { 5 //無權(quán)限 6 }2.注解式:
1 @RequiresRoles("admin") 2 public void hello(){ 3 //有權(quán)限才執(zhí)行 4 }3.JSP標(biāo)簽:
1 <shiro:hasRole name="root"> 2 3 <!--有權(quán)限--> 4 </shiro:hasRole>?
二、授權(quán)
1.基于角色的訪問控制
規(guī)則:用戶名=密碼,角色1,角色2......
shiro-role.ini文件:
1 [users] 2 tang=123,role1,role2 3 wang=321,role1核心代碼:
1 /** 2 * @author Tang Jiujia 3 * @since 2017-10-16 4 */ 5 public class RoleTest extends BaseTest{ 6 7 @Test 8 public void testHasRole(){ 9 login("src/main/shiro-role.ini","tang","123"); 10 Subject subject= SecurityUtils.getSubject(); 11 Assert.assertTrue(subject.hasRole("role1")); 12 Assert.assertTrue(subject.hasAllRoles(Arrays.asList("role1","role2"))); 13 boolean[] hasRoles = subject.hasRoles(Arrays.asList("role1", "role2", "role3")); 14 15 for (int i=0;i<3;i++){ 16 if (hasRoles[i]==true){ 17 System.out.println("We have role"+(i+1)); 18 }else { 19 System.out.println("We don't have role"+(i+1)); 20 } 21 } 22 } 23 } 1 //checkRole與前面的hasRole不同的地方在于判斷為假時(shí)會(huì)拋UnauthorizedException 2 @Test(expected = UnauthorizedException.class) 3 public void testCheckRole(){ 4 login("src/main/shiro-role.ini","tang","123"); 5 Subject subject= SecurityUtils.getSubject(); 6 subject.checkRole("role1"); 7 subject.checkRoles("role1","role5"); 8 }?
2.基于資源的訪問控制
規(guī)則:用戶名=密碼,角色1,角色2 ? ? ? ? ? ?角色=權(quán)限1,權(quán)限2
1 [users] 2 tang=123,role1,role2 3 wang=321,role2 4 [roles] 5 role1=root:create,root:add,root:update 6 role2=root:delete,root:update核心代碼:
1 /** 2 * @author Tang Jiujia 3 * @since 2017-10-16 4 */ 5 public class PermissionTest extends BaseTest{ 6 7 @Test 8 public void testIsPermission(){ 9 login("src/main/shiro-permission.ini","tang","123456"); 10 Subject subject = SecurityUtils.getSubject(); 11 if (subject.isPermitted("root:add1")) { 12 System.out.println("have add"); 13 } else { 14 System.out.println("do not have add"); 15 } 16 if (subject.isPermitted("root:update")) System.out.println("Have update permission"); 17 } 18 19 @Test 20 public void testCheckPermission(){ 21 login("src/main/shiro-permission.ini","tang","123456"); 22 Subject subject = SecurityUtils.getSubject(); 23 subject.checkPermission("root:add"); 24 } 25 }轉(zhuǎn)載于:https://www.cnblogs.com/Shadowplay/p/7676578.html
總結(jié)
以上是生活随笔為你收集整理的Shiro笔记(三)授权的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 【Luogu1937】仓配置(贪心,线段
- 下一篇: 【Python】学习笔记五:缩进与选择