1. The implementation class inherits AuthorizingRealm
1. Implement the method doGetAuthenticationInfo and fill in map, realmPrincipals with the defined user entity class;
2. Implement the method doGetAuthorizationInfo and fill in roles and Permissions;
Second, create subject
Provide SecurityUtils getSubject method to create, securityManager.createSubject, and confirm in SubjectContext that securityManager, session and PrincipalCollection already exist in the map. Finally, DefaultWebSubjectFactory creates webDelegatingSubject and saves it in session.
3. Login verification
Login creation, the DelegatingSubject login method executes securityManager login, and the creation is the same as the second step.
4. Logout
The DelegatingSubject logout method executes the securityManager logout, deletes the subject in the session, and stops the session.
5. About ModularRealmAuthenticator
The ModularRealmAuthenticator class is setRealms when the project starts (defined in the first step, is not clear why is injected when the project starts), and the doSingleRealmAuthentication method calls realm doGetAuthorizationInfo
The above is the detailed content of Examples to explain shiro login authentication and permission control. For more information, please follow other related articles on the PHP Chinese website!
How to solve the problem that laptop network sharing does not have permissions?
Python thread pool and its principles and uses
How to connect to access database in vb
How to solve the "NTLDR is missing" error on your computer
Common tools for software testing
Session failure solution
Can Douyin recharge phone bills be refunded?
What is the appropriate virtual memory setting?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
