Java中shiro框架怎么调用

在Java中使用Shiro框架，可以按照以下步骤进行调用：

1. 添加Shiro依赖：在项目的pom.xml文件中添加Shiro相关的依赖，例如：

<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-core</artifactId>
    <version>1.7.1</version>
</dependency>
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-web</artifactId>
    <version>1.7.1</version>
</dependency>

2. 配置Shiro：创建一个Shiro配置类，用于配置Shiro的相关参数，例如：

@Configuration
public class ShiroConfig {

    @Bean
    public Realm realm() {
        return new MyRealm();
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();
        filterFactoryBean.setSecurityManager(securityManager());
        filterFactoryBean.setLoginUrl("/login");
        filterFactoryBean.setUnauthorizedUrl("/unauthorized");

        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/login", "anon");
        filterChainDefinitionMap.put("/logout", "logout");
        filterChainDefinitionMap.put("/**", "authc");

        filterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return filterFactoryBean;
    }

    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm());
        return securityManager;
    }
}

3. 创建自定义的Realm：实现Shiro的Realm接口，用于定义用户的身份认证和权限授权逻辑，例如：

public class MyRealm implements Realm {

    @Override
    public String getName() {
        return "myRealm";
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof UsernamePasswordToken;
    }

    @Override
    public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String username = (String) token.getPrincipal();
        String password = new String((char[]) token.getCredentials());

        // 根据用户名和密码进行身份认证逻辑

        return new SimpleAuthenticationInfo(username, password, getName());
    }

    @Override
    public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {
        String username = (String) principals.getPrimaryPrincipal();

        // 根据用户名进行权限授权逻辑

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addRole("admin");
        authorizationInfo.addStringPermission("user:read");

        return authorizationInfo;
    }
}

4. 使用Shiro：在需要使用Shiro进行身份认证和权限授权的地方，通过SecurityUtils获取Subject对象，然后调用其相应的方法，例如：

Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
subject.login(token);

if (subject.isAuthenticated()) {
    // 身份认证成功的逻辑
} else {
    // 身份认证失败的逻辑
}

if (subject.hasRole("admin")) {
    // 拥有admin角色的逻辑
}

if (subject.isPermitted("user:read")) {
    // 拥有user:read权限的逻辑
}

以上是使用Shiro框架的基本调用方法，具体根据需求可以进行更详细的配置和使用。