Java中shiro框架怎么调用

在Java中使用Shiro框架，可以按照以下步骤进行调用：

1. 添加Shiro依赖：在项目的pom.xml文件中添加Shiro相关的依赖，例如：

<dependency>     <groupId>org.apache.shiro</groupId>     <artifactId>shiro-core</artifactId>     <version>1.7.1</version> </dependency> <dependency>     <groupId>org.apache.shiro</groupId>     <artifactId>shiro-web</artifactId>     <version>1.7.1</version> </dependency> 

2. 配置Shiro：创建一个Shiro配置类，用于配置Shiro的相关参数，例如：

@Configuration public class ShiroConfig {      @Bean     public Realm realm() {         return new MyRealm();     }      @Bean     public ShiroFilterFactoryBean shiroFilterFactoryBean() {         ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();         filterFactoryBean.setSecurityManager(securityManager());         filterFactoryBean.setLoginUrl("/login");         filterFactoryBean.setUnauthorizedUrl("/unauthorized");          Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();         filterChainDefinitionMap.put("/login", "anon");         filterChainDefinitionMap.put("/logout", "logout");         filterChainDefinitionMap.put("/**", "authc");          filterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);         return filterFactoryBean;     }      @Bean     public DefaultWebSecurityManager securityManager() {         DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();         securityManager.setRealm(realm());         return securityManager;     } } 

3. 创建自定义的Realm：实现Shiro的Realm接口，用于定义用户的身份认证和权限授权逻辑，例如：

public class MyRealm implements Realm {      @Override     public String getName() {         return "myRealm";     }      @Override     public boolean supports(AuthenticationToken token) {         return token instanceof UsernamePasswordToken;     }      @Override     public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {         String username = (String) token.getPrincipal();         String password = new String((char[]) token.getCredentials());          // 根据用户名和密码进行身份认证逻辑          return new SimpleAuthenticationInfo(username, password, getName());     }      @Override     public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {         String username = (String) principals.getPrimaryPrincipal();          // 根据用户名进行权限授权逻辑          SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();         authorizationInfo.addRole("admin");         authorizationInfo.addStringPermission("user:read");          return authorizationInfo;     } } 

4. 使用Shiro：在需要使用Shiro进行身份认证和权限授权的地方，通过SecurityUtils获取Subject对象，然后调用其相应的方法，例如：

Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(username, password); subject.login(token);  if (subject.isAuthenticated()) {     // 身份认证成功的逻辑 } else {     // 身份认证失败的逻辑 }  if (subject.hasRole("admin")) {     // 拥有admin角色的逻辑 }  if (subject.isPermitted("user:read")) {     // 拥有user:read权限的逻辑 } 

以上是使用Shiro框架的基本调用方法，具体根据需求可以进行更详细的配置和使用。