File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 2929### Shiro 功能
3030
3131<p align =" center " >
32- <img src =" https://raw.githubusercontent.com/dunwu/java-stack /master/images/javatool /shiro/shiro-features.png " >
32+ <img src =" https://raw.githubusercontent.com/dunwu/java-web /master/images/standalone/security /shiro/shiro-features.png " >
3333</p >
3434
3535- ** Authentication** - 身份认证/登录,验证用户是不是拥有相应的身份;
@@ -48,15 +48,15 @@ tags:
4848### Shiro 架构
4949
5050<p align =" center " >
51- <img src =" https://raw.githubusercontent.com/dunwu/java-stack /master/images/javatool /shiro/ShiroBasicArchitecture.png " >
51+ <img src =" https://raw.githubusercontent.com/dunwu/java-web /master/images/standalone/security /shiro/ShiroBasicArchitecture.png " >
5252</p >
5353
5454- ** Subject** - 主体,代表了当前“用户”,这个用户不一定是一个具体的人,与当前应用交互的任何东西都是 Subject,如网络爬虫,机器人等;即一个抽象概念;所有 Subject 都绑定到 SecurityManager,与 Subject 的所有交互都会委托给 SecurityManager;可以把 Subject 认为是一个门面;SecurityManager 才是实际的执行者;
5555- ** SecurityManager** - 安全管理器;即所有与安全有关的操作都会与 SecurityManager 交互;且它管理着所有 Subject;可以看出它是 Shiro 的核心,它负责与后边介绍的其他组件进行交互,如果学习过 SpringMVC,你可以把它看成 DispatcherServlet 前端控制器;
5656- ** Realm** - 域,Shiro 从从 Realm 获取安全数据(如用户、角色、权限),就是说 SecurityManager 要验证用户身份,那么它需要从 Realm 获取相应的用户进行比较以确定用户身份是否合法;也需要从 Realm 得到用户相应的角色/权限进行验证用户是否能进行操作;可以把 Realm 看成 DataSource,即安全数据源。
5757
5858<p align =" center " >
59- <img src =" https://raw.githubusercontent.com/dunwu/java-stack /master/images/javatool /shiro/ShiroArchitecture.png " >
59+ <img src =" https://raw.githubusercontent.com/dunwu/java-web /master/images/standalone/security /shiro/ShiroArchitecture.png " >
6060</p >
6161
6262- ** Subject** - 主体,可以看到主体可以是任何可以与应用交互的“用户”;
You can’t perform that action at this time.
0 commit comments