@Test

public void testJdbc() {

DefaultSecurityManager securityManager = new DefaultSecurityManager();

JdbcRealm realm = new JdbcRealm();

// JdbcRealm要把數(shù)據(jù)源設(shè)上

realm.setDataSource(dataSource);

// 要查權(quán)限,則要打開開關(guān); 因為默認是關(guān)閉的

realm.setPermissionsLookupEnabled(true);

// 自定義查詢認證的sql語句, 對照著原碼里的格式來寫

String sql = "select admin_password from admin where admin_name = ?";

realm.setAuthenticationQuery(sql);

// 自定義角色查詢

String roleSql = "select rolename from role r, admin a where r.roleid = a.roleid and a.admin_name = ?";

realm.setUserRolesQuery(roleSql);

// 自定義權(quán)限查詢

// String pSql = "select p.pname from admin a, permission p, rolepermission r where a.roleId = r.roleId and r.permissionId = p.permissionId and a.admin_name = ?";

String pSql = "select permission from testrole where user_name = ?";

realm.setPermissionsQuery(pSql);

securityManager.setRealm(realm);

SecurityUtils.setSecurityManager(securityManager);

Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("admin", "1234");

// 認證

subject.login(token);

// 角色認證

subject.checkRole("管理員");

// 權(quán)限認證? <要先打開認證權(quán)限的開關(guān)>

subject.checkPermission("product:manager");

System.out.println("是否認證過:"+subject.isAuthenticated());

}