這篇文章主要講解了“Shiro核心類有哪些”��,文中的講解內(nèi)容簡(jiǎn)單清晰���,易于學(xué)習(xí)與理解,下面請(qǐng)大家跟著小編的思路慢慢深入�,一起來(lái)研究和學(xué)習(xí)“Shiro核心類有哪些”吧!
成都創(chuàng)新互聯(lián)是專業(yè)的休寧縣網(wǎng)站建設(shè)公司�,休寧縣接單;提供成都網(wǎng)站建設(shè)、網(wǎng)站制作,網(wǎng)頁(yè)設(shè)計(jì),網(wǎng)站設(shè)計(jì),建網(wǎng)站,PHP網(wǎng)站建設(shè)等專業(yè)做網(wǎng)站服務(wù);采用PHP框架,可快速的進(jìn)行休寧縣網(wǎng)站開(kāi)發(fā)網(wǎng)頁(yè)制作和功能擴(kuò)展;專業(yè)做搜索引擎喜愛(ài)的網(wǎng)站,專業(yè)的做網(wǎng)站團(tuán)隊(duì),希望更多企業(yè)前來(lái)合作!
一:SessionManager
1.簡(jiǎn)介
Shiro提供了完整的會(huì)話管理功能����,不依賴底層容器�����,JavaSE應(yīng)用和JavaEE應(yīng)用都可以使用���。
SessionManager管理著應(yīng)用中所有Subject的會(huì)話��,包括會(huì)話的創(chuàng)建���,維護(hù),刪除�����,失效,驗(yàn)證等工作���。
2.SessionManager接口
Session start(SessionContext context); 基于指定的上下文初始化數(shù)據(jù)啟動(dòng)新會(huì)話
Session getSession(SessionKey key) throws SessionException;
根據(jù)指定的SessionKey檢索會(huì)話���,如果找不到則返回null。如果找到了會(huì)話����,但會(huì)話但無(wú)效(已停止或已過(guò)期)則拋出SessionException異常。
3.AbstractSessionManager implements SessionManager
public void setGlobalSessionTimeout(long globalSessionTimeout)
設(shè)置全局Session的超時(shí)時(shí)間�����,默認(rèn)為30分鐘��。設(shè)置為負(fù)數(shù)表示永遠(yuǎn)都不超時(shí)���。
4.AbstractValidatingSessionManager extends AbstractNativeSessionManager
protected boolean sessionValidationSchedulerEnabled;
是否進(jìn)行Session驗(yàn)證
protected long sessionValidationInterval;
Session驗(yàn)證的時(shí)間間隔�,默認(rèn)為一小時(shí)
5.public class DefaultSessionManager extends AbstractValidatingSessionManager
private boolean deleteInvalidSessions;
是否刪除無(wú)效的Session
6.public class DefaultWebSessionManager extends DefaultSessionManager
private boolean sessionIdCookieEnabled;
是否從Cookie中獲取sessionId
private boolean sessionIdUrlRewritingEnabled;
二:AuthenticationToken
AuthenticationToken 用于收集用戶提交的身份(如用戶名)及憑據(jù)(如密碼)�����。Shiro會(huì)調(diào)用CredentialsMatcher對(duì)象的
doCredentialsMatch方法對(duì)AuthenticationInfo對(duì)象和AuthenticationToken進(jìn)行匹配�����。匹配成功則表示主體(Subject)認(rèn)證成功,否則表示認(rèn)證失敗���。
一般情況下UsernamePasswordToken已經(jīng)可以滿足我們的大我數(shù)需求�。當(dāng)我們遇到需要聲明自己的Token類時(shí)���,可以根據(jù)需求來(lái)實(shí)現(xiàn)AuthenticationToken�,
HostAuthenticationToken或RememberMeAuthenticationToken����。
三:Realm
Realm是安全驗(yàn)證數(shù)據(jù)的數(shù)據(jù)源�。
1.public interface Realm
String getName();
boolean supports(AuthenticationToken token);
AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException;
四:Subject與SubjectFactory
1.public interface Subject
一個(gè)Subject代表著應(yīng)用的一個(gè)用戶。
Object getPrincipal();
Subject的唯一標(biāo)識(shí)�����,比如用戶名����,用戶ID,手機(jī)號(hào)等
PrincipalCollection getPrincipals();
boolean isPermitted(String permission);
boolean isPermitted(Permission permission);
boolean[] isPermitted(String... permissions);
boolean[] isPermitted(List permissions);
void checkPermission(String permission) throws AuthorizationException;
void checkRole(String roleIdentifier) throws AuthorizationException;
void login(AuthenticationToken token) throws AuthenticationException;
boolean isAuthenticated();
boolean isRemembered();
2.public interface WebSubject extends Subject, RequestPairSource
ServletRequest getServletRequest();
ServletResponse getServletResponse();
3.public class DelegatingSubject implements Subject
protected PrincipalCollection principals;
protected boolean authenticated;
protected String host;
protected Session session;
protected boolean sessionCreationEnabled;
protected transient SecurityManager securityManager;
4.public class WebDelegatingSubject extends DelegatingSubject implements WebSubject
5.public interface SubjectContext extends Map
SubjectContext 將構(gòu)建Subject的所有屬性都組織到一起��,然后傳遞給一個(gè)SubjectFactory,用于構(gòu)成一個(gè)Subject.
6.public interface SubjectFactory
Subject createSubject(SubjectContext context);
創(chuàng)建Subject
7.public class DefaultSubjectFactory implements SubjectFactory
8.public class DefaultWebSubjectFactory extends DefaultSubjectFactory
五:SecurityManager
1.public interface SecurityManager extends Authenticator, Authorizer, SessionManager
Subject login(Subject subject, AuthenticationToken authenticationToken) throws AuthenticationException;
登錄
void logout(Subject subject);
登出
Subject createSubject(SubjectContext context);
2.public abstract class CachingSecurityManager implements SecurityManager, Destroyable, CacheManagerAware, EventBusAware
private CacheManager cacheManager;
private EventBus eventBus;
3.public abstract class RealmSecurityManager extends CachingSecurityManager
private Collection realms;
權(quán)限集合realms
4.public abstract class AuthenticatingSecurityManager extends RealmSecurityManager
private Authenticator authenticator;
SecurityManager用于身份驗(yàn)證操作的具體實(shí)例
5.public abstract class AuthorizingSecurityManager extends AuthenticatingSecurityManager
private Authorizer authorizer;
SecurityManager用于授權(quán)操作的具體實(shí)例
6.public abstract class SessionsSecurityManager extends AuthorizingSecurityManager
private SessionManager sessionManager;
SecurityManager用于管理所有Session的具體實(shí)例。
7.public class DefaultSecurityManager extends SessionsSecurityManager
protected RememberMeManager rememberMeManager;
記著引用中與當(dāng)前Subject關(guān)聯(lián)的Seeion,免重新登錄
protected SubjectDAO subjectDAO;
Subject的持久化存儲(chǔ)
protected SubjectFactory subjectFactory;
創(chuàng)建應(yīng)用Subject的工廠
8.public class DefaultWebSecurityManager extends DefaultSecurityManager implements WebSecurityManager
boolean isHttpSessionMode();
是否使用Servlet 容器的HttpSession
感謝各位的閱讀���,以上就是“Shiro核心類有哪些”的內(nèi)容了��,經(jīng)過(guò)本文的學(xué)習(xí)后��,相信大家對(duì)Shiro核心類有哪些這一問(wèn)題有了更深刻的體會(huì)�����,具體使用情況還需要大家實(shí)踐驗(yàn)證�。這里是創(chuàng)新互聯(lián)�����,小編將為大家推送更多相關(guān)知識(shí)點(diǎn)的文章����,歡迎關(guān)注!
網(wǎng)站題目:Shiro核心類有哪些
分享地址:
http://weahome.cn/article/johgee.html
重慶分公司
重慶分公司
