???????
????Apache Shiro???????????????Java???????????????????????????????????????Shiro??????????API????????????????????κ???ó???????С???????ó????????????????ó???
???????????

????Authentication??????? Authorization??????? Session Management????????? Cryptography??????? ?????????????

??????????????????????? ????
????<dependency>
????<groupId>org.apache.shiro</groupId>
????<artifactId>shiro-core</artifactId>
????<version>1.3.2</version>
????<exclusions>
????<exclusion>
????<groupId>org.slf4j</groupId>
????<artifactId>slf4j-api</artifactId>
????</exclusion>
????</exclusions>
????</dependency>
????<dependency>
????<groupId>org.slf4j</groupId>
????<artifactId>slf4j-log4j12</artifactId>
????<version>1.7.23</version>
????</dependency>
???????????
????shiro.ini
????# ??????????????????????/???????????????
????[users]
????lee=123456
????log4j.properties
????#
????# Licensed to the Apache Software Foundation (ASF) under one
????# or more contributor license agreements.  See the NOTICE file
????# distributed with this work for additional information
????# regarding copyright ownership.  The ASF licenses this file
????# to you under the Apache License?? Version 2.0 (the
????# "License"); you may not use this file except in compliance
????# with the License.  You may obtain a copy of the License at
????#
????#     http://www.apache.org/licenses/LICENSE-2.0
????#
????# Unless required by applicable law or agreed to in writing??
????# software distributed under the License is distributed on an
????# "AS IS" BASIS?? WITHOUT WARRANTIES OR CONDITIONS OF ANY
????# KIND?? either express or implied.  See the License for the
????# specific language governing permissions and limitations
????# under the License.
????#
????log4j.rootLogger=INFO?? stdout
????log4j.appender.stdout=org.apache.log4j.ConsoleAppender
????log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
????log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n
????# General Apache libraries
????log4j.logger.org.apache=WARN
????# Spring
????log4j.logger.org.springframework=WARN
????# Default Shiro logging
????log4j.logger.org.apache.shiro=TRACE
????# Disable verbose logging
????log4j.logger.org.apache.shiro.util.ThreadContext=WARN
????log4j.logger.org.apache.shiro.cache.ehcache.EhCache=WARN
????HelloShiro.java
????import org.apache.shiro.SecurityUtils;
????import org.apache.shiro.authc.AuthenticationException;
????import org.apache.shiro.authc.UsernamePasswordToken;
????import org.apache.shiro.config.IniSecurityManagerFactory;
????import org.apache.shiro.mgt.SecurityManager;
????import org.apache.shiro.subject.Subject;
????import org.apache.shiro.util.Factory;
????public class HelloShiro {
????public static void main(String[] args) {
????// ????????????????? SecurityManager ????
????Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
????// ??? SecurityManager ???
????SecurityManager securityManager = factory.getInstance();
????// ?? SecurityManager ??????? SecurityUtils
????SecurityUtils.setSecurityManager(securityManager);
????// ????????е????
????Subject currentUser = SecurityUtils.getSubject();
????// ???? token ??????????/????
????UsernamePasswordToken token = new UsernamePasswordToken("lee"??
????"123456");
????try {
????// ???
????currentUser.login(token);
????System.out.println("?????????");
????} catch (AuthenticationException e) {
????e.printStackTrace();
????System.out.println("?????????");
????}
????// ???
????currentUser.logout();
????}
????}
??????г??

???????????????????????????

??????????????? Shiro ?????
????????????????????
???????????????????????
????????
????<dependency>
????<groupId>com.mchange</groupId>
????<artifactId>c3p0</artifactId>
????<version>0.9.5.2</version>
????</dependency>
????<dependency>
????<groupId>mysql</groupId>
????<artifactId>mysql-connector-java</artifactId>
????<version>5.1.39</version>
????</dependency>
????<!-- org.apache.shiro.util.AbstractFactory.getInstance??? -->
????<dependency>
????<groupId>commons-logging</groupId>
????<artifactId>commons-logging</artifactId>
????<version>1.2</version>
????</dependency>
???????????
????jdbcRealm.ini
????[main]
????# ??????????????????
????jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
????# ?????
????dataSource=com.mchange.v2.c3p0.ComboPooledDataSource
????dataSource.driverClass=com.mysql.jdbc.Driver
????dataSource.jdbcUrl=jdbc:mysql://localhost:3306/java
????dataSource.user=root
????dataSource.password=root
????# ???? jdbcRealm ?????
????jdbcRealm.dataSource=$dataSource
????# ???? securityManager ?? realm???????????
????securityManager.realms=$jdbcRealm
????SQL ???
???????д SQL ???????£?Shiro ?????????????????????users???????????????????username??password????????£?

????JdbcShiro.java
????// ?????????????????????????????????? HelloShrio ???????
????Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:jdbcRealm.ini");
?????????????????
???????????????????????????????
????ShiroUtils.java
????import org.apache.shiro.SecurityUtils;
????import org.apache.shiro.authc.AuthenticationException;
????import org.apache.shiro.authc.UsernamePasswordToken;
????import org.apache.shiro.config.IniSecurityManagerFactory;
????import org.apache.shiro.mgt.SecurityManager;
????import org.apache.shiro.subject.Subject;
????import org.apache.shiro.util.Factory;
????public class ShiroUtils {
????public static Subject login(String iniResourcePath?? String username?? String password) {
????// ????????????????? SecurityManager ????
????Factory<SecurityManager> factory = new IniSecurityManagerFactory(iniResourcePath);
????// ??? SecurityManager ???
????SecurityManager securityManager = factory.getInstance();
????// ?? SecurityManager ??????? SecurityUtils
????SecurityUtils.setSecurityManager(securityManager);
????// ????????е????
????Subject currentUser = SecurityUtils.getSubject();
????// ???? token ??????????/????
????UsernamePasswordToken token = new UsernamePasswordToken(username?? password);
????try {
????// ???
????currentUser.login(token);
????System.out.println("?????????");
????} catch (AuthenticationException e) {
????e.printStackTrace();
????System.out.println("?????????");
????}
????return currentUser;
????}
????}