Apache Shiro Learning Record 2

After writing the last essay (link) ..... I also want to try to write a strategy ... Shiro with 3 strategy, the author of the Tutorial (link) also gave 2 ... I want to write a different strategy ..... It seems to look .... decided to write a lastsuccessfulstrategy. As the name implies, return to the last realm to verify the success of the AuthenticationInfo information ...

1  PackageCom.github.zhangkaitao.shiro.chapter2.authenticator.strategy;2 3 Importorg.apache.shiro.authc.AuthenticationException;4 ImportOrg.apache.shiro.authc.AuthenticationInfo;5 ImportOrg.apache.shiro.authc.AuthenticationToken;6 ImportOrg.apache.shiro.authc.pam.AbstractAuthenticationStrategy;7 ImportOrg.apache.shiro.realm.Realm;8 Importorg.apache.shiro.util.CollectionUtils;9 Ten  Public classLastsuccessfulstrategyextendsAbstractauthenticationstrategy { One @Override A     protectedauthenticationinfo Merge (authenticationinfo info, - authenticationinfo Aggregate) { -         //TODO auto-generated Method Stub the         if(Info! =NULL&&!Collectionutils.isempty (Info.getprincipals ())) -             returninfo; -         Else -             returnaggregate; +     } -  + @Override A      Publicauthenticationinfo afterattempt (Realm Realm, at Authenticationtoken token, AuthenticationInfo singlerealminfo, - AuthenticationInfo Aggregateinfo, Throwable t) -             throwsauthenticationexception { -         //TODO auto-generated Method Stub -         returnmerge (Singlerealminfo, aggregateinfo); -     } in      - @Override to      PublicAuthenticationInfo afterallattempts (Authenticationtoken token, authenticationinfo aggregate)throwsauthenticationexception { +         //we know if one or more were able to succesfully authenticate if the aggregated account object does not -         //contain null or empty data: the         if(Aggregate = =NULL||Collectionutils.isempty (Aggregate.getprincipals ())) { *             Throw NewAuthenticationexception ("Authentication token of type [" + token.getclass () + "]" + $"Could not being authenticated by any configured realms. Please ensure this at least one realm can "+Panax Notoginseng"Authenticate these tokens."); -         } the  +         returnaggregate; A     } the}

My idea is this ... As long as the info returned by realm is not empty, store it as a aggregate ... Otherwise directly return aggregate .... So I override the Merge method ... and call it in afterattemp ....

After all realms have been processed. If aggregate is null ... Indicates that all realms have failed to verify ... Then the exception should be thrown .... Here logic I will directly copy the Atleastonesuccessfulstrategy class code ...

The test code directly modifies the tutorial.

1 @Test2      Public voidtestHelloworld2 () {3         //1. Get SecurityManager factory, use INI configuration file to initialize SecurityManager4Factory<org.apache.shiro.mgt.securitymanager> Factory =NewInisecuritymanagerfactory (5"Classpath:shiro2.ini");6 7         //2. Get SecurityManager instance and bind to Securityutils8Org.apache.shiro.mgt.SecurityManager SecurityManager =Factory9 . getinstance ();Ten Securityutils.setsecuritymanager (SecurityManager); One  A         //3. Get subject and create username/password Authentication token (i.e. user identity/credentials) -Subject Subject =Securityutils.getsubject (); -Usernamepasswordtoken token =NewUsernamepasswordtoken ("Zhang", "123"); the  -         Try { -             //4. Login, that is, authentication - Subject.login (token); +         } -         Catch(authenticationexception e) { +             //5. Authentication failed A         } at  -Assert.assertequals (true, subject.isauthenticated ());//assert that the user is logged in - System.out.println (Subject.getprincipal ()); -  -         //6. Exit - subject.logout (); in}

Shiro2.ini also modified from tutorial

1 [main]2 #指定securityManager的authenticator实现3Authenticator=Org.apache.shiro.authc.pam.ModularRealmAuthenticator4Securitymanager.authenticator=$authenticator5 6 #指定securityManager. Authenticator's Authenticationstrategy7lastsuccessfulstrategy=Org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy8securitymanager.authenticator.authenticationstrategy=$lastSuccessfulStrategy9 Tenmyrealm1=COM.GITHUB.ZHANGKAITAO.SHIRO.CHAPTER2.REALM.MYREALM1 OneMyrealm2=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm2 Amyrealm3=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm3 -securitymanager.realms= $myRealm 1, $myRealm 3, $myRealm 2

3 Realms I will not post ... And the tutorial is the same ....

So my own lastsuccessfulstrategy strategy is finished O (∩_∩) o ha!

Apache Shiro Learning Record 2