使用Shiro,原来写了一个基类,通过SecurityUtils.getSubject().getPrincipal()获取授权用户信息,一直用得好好的,突然有人和我说一个方法不行,其它方法都可以,我想到没有获取到授权信息...注:点击getPrincipal进入源码,可看到如下说明: ?
= null && subject.isPermitted(permission); } /** * 是否拥有该权限 * * @param permission...= null && subject.isPermitted(permission); } } ShiroUtils工具类 import org.apache.shiro.SecurityUtils...().getPrincipal(); } public static Long getUserId() { return getUserEntity().getUserId...().getPrincipal() !...= null; } public static void logout() { SecurityUtils.getSubject().logout(); }
Directiv形式 public class GuestTag extends Directiv { private Subject getSubject() { return SecurityUtils.getSubject...|| getSubject().getPrincipal() == null) stat.exec(env, scope, writer); } public...extends Directiv { private Expr[] exprs; private Subject getSubject() { return SecurityUtils.getSubject...body #end 共享对象扩展 使用这种形式就更舒服了 public class ShiroTag { private Subject getSubject() { return SecurityUtils.getSubject...(); } public boolean isGuest() { return getSubject() == null || getSubject().getPrincipal
SecurityUtils.getSubject().getPrincipal()返回类型; 问题2....Shiro如何利用session保持会话 ---- 我们常用 SecurityUtils.getSubject().getPrincipal();获取当前登录用户信息,但是这个方法是如何获得用户信息的?...SecurityUtils.getSubject().getPrincipal()返回类型; 查看源码得知它是Object,但是实际上,他的返回类型由我们控制。...().getPrincipal()将得到User类。...().getPrincipal()将得到字符串。
String username = ""; if (SecurityUtils.getSubject().getPrincipal() !...= null) { username = ((User) SecurityUtils.getSubject().getPrincipal()).getUsername();
UnknownAccountException uae) { log.info("There is no user with username of " + token.getPrincipal...catch (IncorrectCredentialsException ice) { log.info("Password for account " + token.getPrincipal...} catch (LockedAccountException lae) { log.info("The account for username " + token.getPrincipal...(); user currentUser = (user) subject.getPrincipal(); //授权角色 info.addStringPermission...--从session中判断值--> 登录
授权的方式 shiro支持三种方式的授权: 代码触发 通过写if/else 授权代码块完成 Subject subject = SecurityUtils.getSubject(); if(subject.hasRole...对象添加到当前运行环境中 SecurityUtils.setSecurityManager(securityManager); // 4.获取Subject对象 Subject subject = SecurityUtils.getSubject...()+"是否具有role1角色:"+subject.hasRole("role1")); System.out.println(subject.getPrincipal()+"是否具有role3角色:...()+"是否具有user:create权限:"+subject.isPermitted("user:create")); System.out.println(subject.getPrincipal...对象添加到当前运行环境中 SecurityUtils.setSecurityManager(securityManager); // 4.获取Subject对象 Subject subject = SecurityUtils.getSubject
NULL COMMENT '密码', `rid` BIGINT(20) DEFAULT NULL COMMENT '角色编号', PRIMARY KEY (`id`) ) ENGINE=INNODB...= null) { AuthenticationInfo info = new SimpleAuthenticationInfo( token.getPrincipal...public String userLogin(String name, String pwd) { //1 获取 Subject 对象 Subject subject = SecurityUtils.getSubject...String pwd, HttpSession session) { //1 获取 Subject 对象 Subject subject = SecurityUtils.getSubject...方法进行登录认证 try { subject.login(token); session.setAttribute("user", token.getPrincipal
String login(Blogger blogger,HttpServletRequest request){ //shiro身份验证 Subject subject = SecurityUtils.getSubject...AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { return null...AuthenticationToken token) throws AuthenticationException { String userName = (String) token.getPrincipal...= null){ //存在该用户名 SecurityUtils.getSubject().getSession().setAttribute("currentUser...blogger.getUserName(), blogger.getPassword(),"any"); return authcInfo; }else{ return null
{ SysUserEntity user = (SysUserEntity)principals.getPrimaryPrincipal(); if(user == null...SysUserEntity user = sysUserMapper.selectOne(token.getUsername()); //账号不存在 if(user == null...().getPrincipal(); } public static Long getUserId() { return getUserEntity().getUserId...().getPrincipal() !...= null; } public static void logout() { SecurityUtils.getSubject().logout(); } }
SecurityUtils.setSecurityManager(defaultSecurityManager); //获取主体对象 Subject subject = SecurityUtils.getSubject...AuthenticationToken token) throws AuthenticationException { String principal = (String) token.getPrincipal...SecurityUtils.setSecurityManager(defaultSecurityManager); //获取主体对象 Subject subject = SecurityUtils.getSubject...AuthenticationToken token) throws AuthenticationException { String principal = (String) token.getPrincipal...SecurityUtils.setSecurityManager(defaultSecurityManager); //获取主体对象 Subject subject = SecurityUtils.getSubject
AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { return null...doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { return null...userRealm(){ return new UserRealm(); } } shiro使用方法 基本配置 获取当前subject Subject subject = SecurityUtils.getSubject...token.getUsername().equals(userName)) { return null; } //可将用户信息对象存入第一个参数内 return...(); //获取用户信息 Blogger blogger = (Blogger) subject.getPrincipal(); //判断是否为root用户 //真实项目中通过判断数据库字段权限类型
Quickstart.java // get the currently executing user: Subject currentUser = SecurityUtils.getSubject...(); 使用SecurityUtils.getSubject(),我们可以得到当前正在执行的主题。...UnknownAccountException uae) { log.info("There is no user with username of " + token.getPrincipal...catch (IncorrectCredentialsException ice) { log.info("Password for account " + token.getPrincipal...} catch (LockedAccountException lae) { log.info("The account for username " + token.getPrincipal
SecurityUtils.setSecurityManager(securityManager); // 获取当前认证主体 Subject subject = SecurityUtils.getSubject...SecurityUtils.setSecurityManager(securityManager); // 获取当前认证主体 Subject subject = SecurityUtils.getSubject...usernamePasswordToken); System.out.println(subject.isAuthenticated()); System.out.println(subject.getPrincipal...()); System.out.println(subject.getPrincipal() + "是否拥有ADMIN角色:" + subject.hasRole("ADMIN"));...} } 执行测试,查看控制台打印,说明权限授予成功 Section 04 - Subject 用户主体Subject Subject常用方法: getPrincipal(): 返回用户在应用中唯一的用户名
调用 SecurityUtils.getSubject(); Subject currentUser = SecurityUtils.getSubject(); // 测试使用...catch (UnknownAccountException uae) { log.info("---->没有查询到用户名" + token.getPrincipal()...catch (IncorrectCredentialsException ice) { log.info("----> 用户的密码错误 " + token.getPrincipal...(AuthenticationException ae) { } } log.info("----> 用户 [" + currentUser.getPrincipal...调用 SecurityUtils.getSubject(),获取当前的 Subject.; 2. 调用 Subject 的 isAuthenticated() 测试有没有登录。 3.
@boot 中filter SecurityUtils.getSubject()No SecurityManager accessible 场景: * 在spring boot +spring...shiro * 自定义filter的拦截器 并从doFilter中调用 SecurityUtils.getSubject().getPrincipal() * 抛出 * No
let's see what you can do: // get the currently executing user: Subject currentUser = SecurityUtils.getSubject...} catch (LockedAccountException lae) { log.info("The account for username " + token.getPrincipal...public String login(String username, String password, Model model){ //获取当前用户 Subject subject = SecurityUtils.getSubject...SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); // 数据库中加入一个权限字段,可以这样查找 Subject subject = SecurityUtils.getSubject...(); //认证部分传入,可以获取 User principal = (User) subject.getPrincipal(); info.addStringPermission
} return false; } Boolean isAjax = isAjax(request); if (subject.getPrincipal...(); if (subject.isAuthenticated()) { return (String)subject.getPrincipal();...UserEntity getLoginUser() { Subject subject = SecurityUtils.getSubject(); if (subject.isAuthenticated...null : (UserEntity)loginUser; } return null; } /** * 获取当前登陆用户id *...= null) { return user.getId(); } return null; } /** * 获取当前用户是否登陆
领取专属 10元无门槛券
手把手带您无忧上云