                        課程
                    
                        /后端開發(fā)
                        
                            /Java
                        
                        /Shiro安全框架入門

jdbcRealm 獲取permission subject.isPermitted("user:delete")總是false

//權(quán)限查詢
String?permissionSql="SELECT?t1.permission?FROM?roles_permissions?t1?INNER?JOIN?test_user_role?t2?"?+
????????"ON?t1.rolename=?t2.rolename?"?+
????????"AND?t2.username=??";
jdbcRealm.setPermissionsQuery(permissionSql);


//1.?構(gòu)建securityManager環(huán)境
DefaultSecurityManager?defaultSecurityManager=new?DefaultSecurityManager();
defaultSecurityManager.setRealm(jdbcRealm);
//2.?主體提交認(rèn)證請求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject?subject=SecurityUtils.getSubject();

UsernamePasswordToken?token?=new?UsernamePasswordToken("xiaoming","123");
//subject.login(token);

//System.out.println("loginresult:"+subject.isAuthenticated());
//System.out.println("++++");
//subject.checkRole("user");
//System.out.println("roleresult:"+subject.hasRole("user"));

//System.out.println("=====");
System.out.println("permissionresult:"+subject.isPermitted("user:delete"));

輸出結(jié)果：

permissionresult:false

這個permission結(jié)果怎么總是false？數(shù)據(jù)庫中執(zhí)行這個sql 結(jié)果就是 user:delete 。但是這里執(zhí)行就是false

求講解