原代碼: `ini配置文件(shiro-authenticator-all-success.ini) Java代碼 指定securityManager的authenticator實現(xiàn) authenticator=org.apache.shiro.authc.pam.ModularRealmAuthenticator securityManager.authenticator=$authenticator 指定securityManager.authenticator的authenticationStrategy allSuccessfulStrategy=org.apache.shiro.authc.pam.AllSuccessfulStrategy securityManager.authenticator.authenticationStrategy=$allSuccessfulStrategy Java代碼 收藏代碼myRealm1=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm1 myRealm2=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm2 myRealm3=com.github.zhangkaitao.shiro.chapter2.realm.MyRealm3 securityManager.realms=$myRealm1,$myRealm3 ` 2.1、首先通用化登錄邏輯 Java代碼 收藏代碼 private void login(String configFile) { //1、獲取SecurityManager工廠，此處使用Ini配置文件初始化SecurityManager Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory(configFile); //2、得到SecurityManager實例 并綁定給SecurityUtils org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); //3、得到Subject及創(chuàng)建用戶名/密碼身份驗證Token（即用戶身份/憑證） Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("zhang", "123"); subject.login(token); } 2.2、測試AllSuccessfulStrategy成功： Java代碼 收藏代碼 @Test public void testAllSuccessfulStrategyWithSuccess() { login("classpath:shiro-authenticator-all-success.ini"); Subject subject = SecurityUtils.getSubject(); //得到一個身份集合，其包含了Realm驗證成功的身份信息 PrincipalCollection principalCollection = subject.getPrincipals(); Assert.assertEquals(2, principalCollection.asList().size()); } 即PrincipalCollection包含了zhang和zhang@163.com身份信息。 github上的代碼我也弄下來了,確實是兩條身份信息,但是我自己跟著寫的怎么是一條呢?沒有那個zhangsan@163.comzhe'tiao 原文鏈接 我自己的: /** * 通用化登陸邏輯 */ private void login(String configFile) { //獲取安安全管理器工廠 Factory<SecurityManager> factory = new IniSecurityManagerFactory(configFile); //得到securityManager實力并綁定給securityUtils SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); //得到subject及創(chuàng)建賬號密碼身份驗證token Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken("zhangsan", "123"); //登陸 subject.login(token); } /** * 測試AllSuccessfulStrategy成功 */ @Test public void testAllSuccessfulStrategyWithFail() { login("classpath:shiro-authenticator-all-success.ini"); Subject subject = SecurityUtils.getSubject(); //得到一個身份集合,其中包含了realm驗證成功的身份信息 PrincipalCollection principals = subject.getPrincipals(); List list = principals.asList(); } [main] #指定securityManager的authenticator實現(xiàn) authenticator=org.apache.shiro.authc.pam.ModularRealmAuthenticator securityManager.authenticator=$authenticator #指定securityManager.authenticator的authenticationStrategy allSuccessfulStrategy=org.apache.shiro.authc.pam.AllSuccessfulStrategy securityManager.authenticator.authenticationStrategy=$allSuccessfulStrategy myRealm1=com.rxiao.demo2.L2_MyRealm1 myRealm2=com.rxiao.demo2.L3_MyRealm2 myRealm3=com.rxiao.demo2.L4_MyRealm3 securityManager.realms=$myRealm1,$myRealm3