[关闭]
@coldxiangyu 2017-06-06T03:16:33.000000Z 字数 130754 阅读 1541

Shiro使用总结

WEB框架


本文参考http://guoyiqi.iteye.com/blog/1198685,该文内容很好,无奈排版实在太差,故在此重新进行整理。

我们首先了解下什么是shiro,Shiro 是 JAVA 世界中新近出现的权限框架,较之 JAAS 和 Spring Security,Shiro 在保持强大功能的同时,还在简单性和灵活性方面拥有巨大优势。
Shiro 是一个强大而灵活的开源安全框架,能够非常清晰的处理认证、授权、管理会话以及密码加密。如下是它所具有的特点:
1. 易于理解的 Java Security API;
2. 简单的身份认证(登录),支持多种数据源(LDAP,JDBC,Kerberos,ActiveDirectory 等);
3. 对角色的简单的签权(访问控制),支持细粒度的签权;
4. 支持一级缓存,以提升应用程序的性能;
5. 内置的基于 POJO 企业会话管理,适用于 Web 以及非 Web 的环境;
6. 异构客户端会话访问;
7. 非常简单的加密 API;
8. 不跟任何的框架或者容器捆绑,可以独立运行。
Shiro 主要有四个组件:
1. SecurityManager
典型的Facade,Shiro, 通过它对外提供安全管理的各种服务。
2. Authenticator
对“Who are you ?”进行核实。通常涉及用户名和密码。
这个组件负责收集 principals 和credentials,并将它们提交给应用系统。如果提交的 credentials跟应用系统中提供的 credentials吻合,就能够继续访问,否则需要重新提交 principals 和credentials,或者直接终止访问。
3. Authorizer
身份份验证通过后,由这个组件对登录人员进行访问控制的筛查,比如“who can do what”, 或者“who can do which actions”。Shiro 采用“基于 Realm”的方法,即用户(又称 Subject)、用户组、角色和 permission 的聚合体。
4. Session Manager
这个组件保证了异构客户端的访问,配置简单。它是基于 POJO/J2SE 的,不跟任何的客户端或者协议绑定。

Shiro 的认证和签权可以通过 JDBC、LDAP 或者 Active Directory 来访问数据库、目录服务器或者 Active Directory 中的人员以及认证 / 签权信息。SessionManager 通过会话 DAO 可以将会话保存在 cache 中,或者固化到数据库或文件系统中。

简介

apache shiro 是一个功能强大和易于使用的Java安全框架,为开发人员提供一个直观而全面的的解决方案的认证,授权,加密,会话管理。
在实际应用中,它实现了应用程序的安全管理的各个方面。
shiro的功能:
image_1bh4dg3k9u391clof1gbebfu9m.png-41.1kB
apache shiro能做什么?

下载并且使用:
  1. 确保系统内安装JDK1.5+和maven2.2+。
  2. 到shiro主页下载shiro.
  3. 解压缩
  1. unzip shiro-root-1.1.0-source-release.zip
  1. 进入到quickstart目录
  1. cd shiro-root-1.1.0/samples/quickstart
  1. 运行quickstart
  1. mvn compile exec:java

执行完成如下图:
image_1bh4dn7lr1r6aj9a1p9g1ti71gft13.png-162.1kB

Quickstart.java

  1. // get the currently executing user:
  2. Subject currentUser = SecurityUtils.getSubject();

使用SecurityUtils.getSubject(),我们可以得到当前正在执行的主题。
得到主题之后,你可以得到他对应的会话信息.

  1. // Do some stuff with a Session (no need for a web or EJB container!!!)
  2. Session session = currentUser.getSession();
  3. session.setAttribute("someKey", "aValue");
  4. String value = (String) session.getAttribute("someKey");
  5. if (value.equals("aValue")) {
  6. log.info("Retrieved the correct value! [" + value + "]");
  7. }

你可以得到http的session信息,也可以在非web环境中使用,得到相对应的会话信息。
如果在web应用程序中部署应用,默认情况下,应用将以HttpSession为基础。在企业级应用中,你在多个应用中可以使用相同的API,无论部署环境。而且使用任何客户端技术你都可以共享会话数据。
接下来判断登录信息

  1. // let's login the current user so we can check against roles and permissions:
  2. if (!currentUser.isAuthenticated()) {
  3. UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
  4. token.setRememberMe(true);
  5. try {
  6. currentUser.login(token);
  7. } catch (UnknownAccountException uae) {
  8. log.info("There is no user with username of " + token.getPrincipal());
  9. } catch (IncorrectCredentialsException ice) {
  10. log.info("Password for account " + token.getPrincipal() + " was incorrect!");
  11. } catch (LockedAccountException lae) {
  12. log.info("The account for username " + token.getPrincipal() + " is locked. " +
  13. "Please contact your administrator to unlock it.");
  14. }
  15. // ... catch more exceptions here (maybe custom ones specific to your application?
  16. catch (AuthenticationException ae) {
  17. //unexpected condition? error?
  18. }
  19. }

如果正确可以向下执行,如果不正确,就会对不同的业务进行处理。
比如用户名不正确,密码不正确,用户被锁定的异常,当然也可以使用自定义抛出的异常。
如果登录成功,那么下一步可以做什么呢?
提示当前用户:

  1. //say who they are:
  2. //print their identifying principal (in this case, a username):
  3. log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");

接着测试是否还有其它角色

  1. //test a role:
  2. if (currentUser.hasRole("schwartz")) {
  3. log.info("May the Schwartz be with you!");
  4. } else {
  5. log.info("Hello, mere mortal.");
  6. }

接着测试是否有特定的权限

  1. //test a typed permission (not instance-level)
  2. if (currentUser.isPermitted("lightsaber:weild")) {
  3. log.info("You may use a lightsaber ring. Use it wisely.");
  4. } else {
  5. log.info("Sorry, lightsaber rings are for schwartz masters only.");
  6. }

接着验证一个非常强大的实例级权限

  1. //a (very powerful) Instance Level permission:
  2. if (currentUser.isPermitted("winnebago:drive:eagle5")) {
  3. log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " +
  4. "Here are the keys - have fun!");
  5. } else {
  6. log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
  7. }

最后是使用程序注销:

  1. //all done - log out!
  2. currentUser.logout();

认证就是用户确认身份的过程,确认登录的用户身份能够操作的内容。

使用shiro认证分为以下几个步骤:
1,得到主体的认证和凭据。

  1. // let's login the current user so we can check against roles and permissions:
  2. if (!currentUser.isAuthenticated()) {
  3. UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
  4. token.setRememberMe(true);
  5. }

2,提交认证和凭据给身份验证系统。

  1. Subject currentUser = SecurityUtils.getSubject();
  2. currentUser.login(token);

3,判断是否允许访问,重试认证或者阻止访问。

  1. try {
  2. currentUser.login(token);
  3. } catch (UnknownAccountException uae) {
  4. log.info("There is no user with username of " + token.getPrincipal());
  5. } catch (IncorrectCredentialsException ice) {
  6. log.info("Password for account " + token.getPrincipal() + " was incorrect!");
  7. } catch (LockedAccountException lae) {
  8. log.info("The account for username " + token.getPrincipal() + " is locked. " +
  9. "Please contact your administrator to unlock it.");
  10. }
  11. // ... catch more exceptions here (maybe custom ones specific to your application?
  12. catch (AuthenticationException ae) {
  13. //unexpected condition? error?
  14. }

其中Remember Me的功能包括两个方法,一个是isRemembered

  1. boolean isRemembered()

非匿名登录的用户可以记住上次使用的主题的信息。
另一个isAuthenticated

  1. boolean isAuthenticated()

在此期间需要使用有效的凭据登录系统,否则值为false.

授权操作

授权的例子就是是否可以访问某个页面,可以操作某个按钮,是否可以编缉对应的数据等。
如何在shiro中使用授权:
1,使用编程方式

  1. //判断是否有管理员角色
  2. if (currentUser.hasRole("admin")) {
  3. }
  4. //判断用户是否有打印的权限
  5. Permission printPermission = new PrinterPermission(“laserjet3000n”,“print”);
  6. If (currentUser.isPermitted(printPermission)) {
  7. //do one thing (show the print button?)
  8. } else {
  9. //don’t show the button?
  10. }
  11. //也可以使用字符串的方式验证
  12. String perm = printer:print:laserjet4400n”;
  13. if(currentUser.isPermitted(perm)){
  14. //show the print button?
  15. } else {
  16. //don’t show the button?
  17. }

2,使用注释方式

  1. //判断用户是否有 创建账户权限
  2. //Will throw an AuthorizationException if none
  3. //of the caller’s roles imply the Account
  4. //'create' permission\u000B
  5. @RequiresPermissions(“account:create”)‏
  6. public void openAccount( Account acct ) {
  7. //create the account
  8. }
  9. //判断用户角色,如果符合角色,可以使用对应方法
  10. //Throws an AuthorizationException if the caller
  11. //doesn’t have the ‘teller’ role:
  12. @RequiresRoles( teller )
  13. public void openAccount( Account acct ) {
  14. //do something in here that only a teller
  15. //should do
  16. }

3,使用jsp taglib

  1. //判断用户是否有管理权限
  2. <%@ taglib prefix=“shiro uri=http://shiro.apache.org/tags %>
  3. <html>
  4. <body>
  5. <shiro:hasPermission name=“users:manage”>
  6. <a href=“manageUsers.jsp”>
  7. Click here to manage users
  8. </a>
  9. </shiro:hasPermission>
  10. <shiro:lacksPermission name=“users:manage”>
  11. No user management for you!
  12. </shiro:lacksPermission>
  13. </body>
  14. </html>

从高的级别来看shiro:

看一下官方的图:
image_1bh4ekj0d13tita8f3o1qukndq1g.png-40.5kB
应用程序调用subject(主题),主题可以是一个用户也可以是与系统交互的另一个系统,主题绑定shiro的权限管理,SecurityManager(安全管理),它控制与有与主题相关的安全操作。Realm(桥梁)它是安全与数据之间的桥,它封装了比如DAO的配置信息,可以指定连接的数据源,也可使用其它的认证方式,如LDAP等。
然后看一下详细的架构图:
image_1bh4elgf73apjtq8co59vp2g1t.png-165.7kB
Subject (org.apache.shiro.subject.Subject)
主题:与系统交互的第三方如(用户,cron服务,第三方应用)等。
SecurityManager (org.apache.shiro.mgt.SecurityManager)
shiro系统的核心,协调主题使用的操作,验证,配置等。
Authenticator (org.apache.shiro.authc.Authenticator)
身份验证组件,对企图登录系统的用户进行身份的验证。其中包含一个Authentication Strategy
(org.apache.shiro.authc.pam.AuthenticationStrategy)组件。配置验证成功与失败的条件。
Authorizer (org.apache.shiro.authz.Authorizer)
授权组件,指用户访问特定应用程序的机制。
SessionManager (org.apache.shiro.session.mgt.SessionManager)
管理会话如何创建生命周期。其中包括的sessiondao是管理会议数据的持久操作:SessionDAO (org.apache.shiro.session.mgt.eis.SessionDAO),代表执行sessionManager的CRUD操作。
CacheManager (org.apache.shiro.cache.CacheManager)
缓存管理模块。
Cryptography (org.apache.shiro.crypto.*)
加密模块。
Realms (org.apache.shiro.realm.Realm)
多种方式处理的桥梁。

多种配置方式:
与spring,jboss,guice等进行配置。
1,编程方式配置
例如:

  1. Realm realm = //instantiate or acquire a Realm instance. We'll discuss Realms later.
  2. SecurityManager securityManager = new DefaultSecurityManager(realm);
  3. //Make the SecurityManager instance available to the entire application via static memory:
  4. SecurityUtils.setSecurityManager(securityManager);

2,sessionManager对象图
如果你想使用sessionManager配置自定义的sessionDao信息,进行自定义会话管理.

  1. DefaultSecurityManager securityManager = new DefaultSecurityManager(realm);
  2. SessionDAO sessionDAO = new CustomSessionDAO();
  3. ((DefaultSessionManager)securityManager.getSessionManager()).setSessionDAO(sessionDAO);

3,INI配置
1) 创建一个INI从SecurityManager
可以从多种方式读取INI配置文件的信息,如文件系统,类路径等

  1. import org.apache.shiro.SecurityUtils;
  2. import org.apache.shiro.util.Factory;
  3. import org.apache.shiro.mgt.SecurityManager;
  4. import org.apache.shiro.config.IniSecurityManagerFactory;
  5. ...
  6. Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
  7. SecurityManager securityManager = factory.getInstance();
  8. SecurityUtils.setSecurityManager(securityManager);

2) 通过Ini实例读取
类似于Properties的方式

  1. import org.apache.shiro.SecurityUtils;
  2. import org.apache.shiro.util.Factory;
  3. import org.apache.shiro.mgt.SecurityManager;
  4. import org.apache.shiro.config.Ini;
  5. import org.apache.shiro.config.IniSecurityManagerFactory;
  6. ...
  7. Ini ini = new Ini();
  8. //populate the Ini instance as necessary
  9. ...
  10. Factory<SecurityManager> factory = new IniSecurityManagerFactory(ini);
  11. SecurityManager securityManager = factory.getInstance();
  12. SecurityUtils.setSecurityManager(securityManager);

加载之后就可以操作INI的配置了。
4,INI配置
每一个节点都是单独的,不可以重复,注释可以使用#或者;

  1. # =======================
  2. # Shiro INI configuration
  3. # =======================
  4. [main]
  5. # Objects and their properties are defined here,
  6. # Such as the securityManager, Realms and anything
  7. # else needed to build the SecurityManager
  8. [users]
  9. # The 'users' section is for simple deployments
  10. # when you only need a small number of statically-defined
  11. # set of User accounts.
  12. [roles]
  13. # The 'roles' section is for simple deployments
  14. # when you only need a small number of statically-defined
  15. # roles.
  16. [urls]
  17. # The 'urls' section is used for url-based security
  18. # in web applications. We'll discuss this section in the
  19. # Web documentation

1) [main]
配置sessionManager的实例和它的依赖。
配置示例

  1. [main]
  2. sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
  3. myRealm = com.company.security.shiro.DatabaseRealm
  4. myRealm.connectionTimeout = 30000
  5. myRealm.username = jsmith
  6. myRealm.password = secret
  7. myRealm.credentialsMatcher = $sha256Matcher
  8. securityManager.sessionManager.globalSessionTimeout = 1800000

定义一个对象

  1. [main]
  2. myRealm = com.company.shiro.realm.MyRealm
  3. ...

简单的属性设置

  1. ...
  2. myRealm.connectionTimeout = 30000
  3. myRealm.username = jsmith
  4. ...

配置信息将转入到对应的set方法中

  1. ...
  2. myRealm.setConnectionTimeout(30000);
  3. myRealm.setUsername("jsmith");
  4. ...

参考值
你可以使用$符号引用先前定义的一个对象的实例

  1. ...
  2. sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
  3. ...
  4. myRealm.credentialsMatcher = $sha256Matcher
  5. ...

嵌套属性

  1. ...
  2. securityManager.sessionManager.globalSessionTimeout = 1800000
  3. ...

将被注入到下面的程序中

  1. securityManager.getSessionManager().setGlobalSessionTimeout(1800000);

引用其它的属性

  1. sessionListener1 = com.company.my.SessionListenerImplementation
  2. ...
  3. sessionListener2 = com.company.my.other.SessionListenerImplementation
  4. ...
  5. securityManager.sessionManager.sessionListeners = $sessionListener1, $sessionListener2

以键值的配置方式

  1. object1 = com.company.some.Class
  2. object2 = com.company.another.Class
  3. ...
  4. anObject = some.class.with.a.Map.property
  5. anObject.mapProperty = key1:$object1, key2:$object2

2) [users]
在用户比较少的情况下这种配置信息是有效的

  1. [users]
  2. admin = secret
  3. lonestarr = vespa, goodguy, schwartz
  4. darkhelmet = ludicrousspeed, badguy, schwartz

3) [roles]
如果角色信息比较少的情况下可以使用这项配置

  1. [roles]
  2. # 'admin' role has all permissions, indicated by the wildcard '*'
  3. admin = *
  4. # The 'schwartz' role can do anything (*) with any lightsaber:
  5. schwartz = lightsaber:*
  6. # The 'goodguy' role is allowed to 'drive' (action) the winnebago (type) with
  7. # license plate 'eagle5' (instance specific id)
  8. goodguy = winnebago:drive:eagle5

4) [urls]
配置url等可访问的资源信息。

  1. [urls]
  2. /assets/** = anon
  3. /user/signup = anon
  4. /user/** = user
  5. /rpc/rest/** = perms[rpc:invoke], authc
  6. /** = authc

shiro(3)-shiro核心

身份认证

image_1bh4f7q2pe8f9k6ga7108q1rce2a.png-27.3kB
身份认证分三个步骤
1)提交主题和凭据
2)进行身份认证
3)判断是通过,重新提交还是不通过
验证顺序
image_1bh4f8fpb1e2j1t9o9pj3b1k3m2n.png-90.1kB
1)调用subject的login方法,提交主体和凭据。
2)得到对应操作的Security Manager
3)通过Sceurity Manager得到对应的Autherticator实例
4)根据配置策略查找对应的桥信息
5)通过桥信息到对应的配置处理进行身份验证
验证器
如果你想配置一个自定义的验证器
可以在配置文件中使用

  1. [main]
  2. ...
  3. authenticator = com.foo.bar.CustomAuthenticator
  4. securityManager.authenticator = $authenticator

配置策略信息
AtLeastOneSuccessfulStrategy 如果一个验证成功,则验证结果为成功
FirstSuccessfulStrategy 只有第一个成功,才算成功
AllSuccessfulStrategy 所有的都必须成功
对应的在配置文件中的策略使用如下
shiro.ini

  1. [main]
  2. ...
  3. authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy
  4. securityManager.authenticator.authenticationStrategy = $authcStrategy
  5. ...

执行顺序
1)隐式顺序

  1. blahRealm = com.company.blah.Realm
  2. ...
  3. fooRealm = com.company.foo.Realm
  4. ...
  5. barRealm = com.company.another.Realm

按上下顺序执行
2)指定顺序

  1. blahRealm = com.company.blah.Realm
  2. ...
  3. fooRealm = com.company.foo.Realm
  4. ...
  5. barRealm = com.company.another.Realm
  6. securityManager.realms = $fooRealm, $barRealm, $blahRealm
  7. ...

按指定的顺序执行

授权

控制谁有权限访问应用程序
授权的几个要素:权限,角色和用户。
三种权限的判断方式
1)编程
角色判断

  1. Subject currentUser = SecurityUtils.getSubject();
  2. if (currentUser.hasRole("administrator")) {
  3. //show the admin button
  4. } else {
  5. //don't show the button? Grey it out?
  6. }

hasRole(String roleName) 主题是否已分配给指定的角色
hasRoles(List roleNames) 是否包含指定的角色
hasAllRoles(Collection roleNames) 是否包含指定的所有角色
角色断言

  1. Subject currentUser = SecurityUtils.getSubject();
  2. //guarantee that the current user is a bank teller and
  3. //therefore allowed to open the account:
  4. currentUser.checkRole("bankTeller");
  5. openBankAccount();

checkRole(String roleName) 断言是否是指定角色
checkRoles(Collection roleNames) 断言是否包含以下角色
checkRoles(String... roleNames) 断言是否包含所有角色
如果判断指定用户是否有权限访问指定名称的打印机,
那么就会用到下列几个方法:

  1. Permission printPermission = new PrinterPermission("laserjet4400n", "print");
  2. Subject currentUser = SecurityUtils.getSubject();
  3. if (currentUser.isPermitted(printPermission)) {
  4. //show the Print button
  5. } else {
  6. //don't show the button? Grey it out?
  7. }

isPermitted(Permission p) 判断主题是否允许执行一个动作
isPermitted(List perms) 是否允许执行一组动作
isPermittedAll(Collection perms) 是否允许执行所有动作
基于字符串的权限检查

  1. Subject currentUser = SecurityUtils.getSubject();
  2. if (currentUser.isPermitted("printer:print:laserjet4400n")) {
  3. //show the Print button
  4. } else {
  5. //don't show the button? Grey it out?
  6. }

也可以如下使用

  1. Subject currentUser = SecurityUtils.getSubject();
  2. Permission p = new WildcardPermission("printer:print:laserjet4400n");
  3. if (currentUser.isPermitted(p) {
  4. //show the Print button
  5. } else {
  6. //don't show the button? Grey it out?
  7. }

权限断言类似于角色断言。
2)annocation方式

The RequiresAuthentication annotation
  1. @RequiresAuthentication
  2. public void updateAccount(Account userAccount) {
  3. //this method will only be invoked by a
  4. //Subject that is guaranteed authenticated
  5. ...
  6. }
  7. 等同于下述代码
  8. public void updateAccount(Account userAccount) {
  9. if (!SecurityUtils.getSubject().isAuthenticated()) {
  10. throw new AuthorizationException(...);
  11. }
  12. //Subject is guaranteed authenticated here
  13. ...
  14. }

The RequiresGuest annotation

  1. @RequiresGuest
  2. public void signUp(User newUser) {
  3. //this method will only be invoked by a
  4. //Subject that is unknown/anonymous
  5. ...
  6. }
  7. 等同于
  8. public void signUp(User newUser) {
  9. Subject currentUser = SecurityUtils.getSubject();
  10. PrincipalCollection principals = currentUser.getPrincipals();
  11. if (principals != null && !principals.isEmpty()) {
  12. //known identity - not a guest:
  13. throw new AuthorizationException(...);
  14. }
  15. //Subject is guaranteed to be a 'guest' here
  16. ...
  17. }

The RequiresPermissions annotation

  1. @RequiresPermissions("account:create")
  2. public void createAccount(Account account) {
  3. //this method will only be invoked by a Subject
  4. //that is permitted to create an account
  5. ...
  6. }
  7. 等同于
  8. public void createAccount(Account account) {
  9. Subject currentUser = SecurityUtils.getSubject();
  10. if (!subject.isPermitted("account:create")) {
  11. throw new AuthorizationException(...);
  12. }
  13. //Subject is guaranteed to be permitted here
  14. ...
  15. }

The RequiresRoles permission

  1. @RequiresRoles("administrator")
  2. public void deleteUser(User user) {
  3. //this method will only be invoked by an administrator
  4. ...
  5. }
  6. 等同于
  7. public void deleteUser(User user) {
  8. Subject currentUser = SecurityUtils.getSubject();
  9. if (!subject.hasRole("administrator")) {
  10. throw new AuthorizationException(...);
  11. }
  12. //Subject is guaranteed to be an 'administrator' here
  13. ...
  14. }

The RequiresUser annotation

  1. @RequiresUser
  2. public void updateAccount(Account account) {
  3. //this method will only be invoked by a 'user'
  4. //i.e. a Subject with a known identity
  5. ...
  6. }
  7. 等同于
  8. public void updateAccount(Account account) {
  9. Subject currentUser = SecurityUtils.getSubject();
  10. PrincipalCollection principals = currentUser.getPrincipals();
  11. if (principals == null || principals.isEmpty()) {
  12. //no identity - they're anonymous, not allowed:
  13. throw new AuthorizationException(...);
  14. }
  15. //Subject is guaranteed to have a known identity here
  16. ...
  17. }

授权顺序
image_1bh4fm5pe1laf1ednltv89a1l1f3k.png-83.8kB
1)应用程序调用主题,判断hasRole,isPermitted得到角色或者用户权限的列表。
2)组成对应的授权方法
3)协调如何授权
4)通过桥进行各种方式的授权

web应用
配置web.xml

  1. <listener>
  2. <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
  3. </listener>
  4. ...
  5. <filter>
  6. <filter-name>ShiroFilter</filter-name>
  7. <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
  8. </filter>
  9. <filter-mapping>
  10. <filter-name>ShiroFilter</filter-name>
  11. <url-pattern>/*</url-pattern>
  12. </filter-mapping>

如果你愿意你可以自定义一个web应用

  1. <context-param>
  2. <param-name>shiroEnvironmentClass</param-name>
  3. <param-value>com.foo.bar.shiro.MyWebEnvironment</param-value>
  4. </context-param>

如果你想改变shiro.ini的位置,那么你可以指定

  1. <context-param>
  2. <param-name>shiroConfigLocations</param-name>
  3. <param-value>YOUR_RESOURCE_LOCATION_HERE</param-value>
  4. </context-param>

shiro.ini中的[urls]配置
例如:

  1. ...
  2. [urls]
  3. /index.html = anon
  4. /user/create = anon
  5. /user/** = authc
  6. /admin/** = authc, roles[administrator]
  7. /rest/** = authc, rest
  8. /remoting/rpc/** = authc, perms["remote:invoke"]

假如你有如下设置

  1. /account/** = ssl, authc

/account下的任何应用程序都将触动ssl和authc链
在官方的示例中,有一个aspectj的示例,这个是一个银行的示例,简单的做了一下修改,演示一下其中几个方法的使用过程。
看以下几个类,包括账户信息,转账信息,以及一些异常处理程序,还包括一个业务操作类.
Account账户信息类

  1. import org.apache.commons.lang.builder.ToStringBuilder;
  2. import org.apache.commons.lang.builder.ToStringStyle;
  3. import java.sql.Timestamp;
  4. import java.util.ArrayList;
  5. import java.util.Date;
  6. import java.util.List;
  7. public class Account {
  8. private static long _SEQUENCE;
  9. private long _id;
  10. private String _ownerName;
  11. private volatile boolean _isActive;
  12. private double _balance;
  13. private final List<AccountTransaction> _transactions;
  14. private String _createdBy;
  15. private Date _creationDate;
  16. public Account(String anOwnerName) {
  17. _id = ++_SEQUENCE;
  18. _ownerName = anOwnerName;
  19. _isActive = true;
  20. _balance = 0.0d;
  21. _transactions = new ArrayList<AccountTransaction>();
  22. _createdBy = "unknown";
  23. _creationDate = new Date();
  24. }
  25. /**
  26. * Returns the id attribute.
  27. *
  28. * @return The id value.
  29. */
  30. public long getId() {
  31. return _id;
  32. }
  33. /**
  34. * Returns the ownerName attribute.
  35. *
  36. * @return The ownerName value.
  37. */
  38. public String getOwnerName() {
  39. return _ownerName;
  40. }
  41. /**
  42. * Returns the isActive attribute.
  43. *
  44. * @return The isActive value.
  45. */
  46. public boolean isActive() {
  47. return _isActive;
  48. }
  49. /**
  50. * Changes the value of the attributes isActive.
  51. *
  52. * @param aIsActive The new value of the isActive attribute.
  53. */
  54. public void setActive(boolean aIsActive) {
  55. _isActive = aIsActive;
  56. }
  57. /**
  58. * Changes the value of the attributes ownerName.
  59. *
  60. * @param aOwnerName The new value of the ownerName attribute.
  61. */
  62. public void setOwnerName(String aOwnerName) {
  63. _ownerName = aOwnerName;
  64. }
  65. /**
  66. * Returns the balance attribute.
  67. *
  68. * @return The balance value.
  69. */
  70. public double getBalance() {
  71. return _balance;
  72. }
  73. /**
  74. * Returns the transactions attribute.
  75. *
  76. * @return The transactions value.
  77. */
  78. public List<AccountTransaction> getTransactions() {
  79. return _transactions;
  80. }
  81. protected void applyTransaction(AccountTransaction aTransaction) throws NotEnoughFundsException, InactiveAccountException {
  82. if (!_isActive) {
  83. throw new InactiveAccountException("Unable to apply " + aTransaction.getType() + " of amount " + aTransaction.getAmount() + " to account " + _id);
  84. }
  85. synchronized (_transactions) {
  86. if (AccountTransaction.TransactionType.DEPOSIT == aTransaction.getType()) {
  87. _transactions.add(aTransaction);
  88. _balance += aTransaction.getAmount();
  89. } else if (AccountTransaction.TransactionType.WITHDRAWAL == aTransaction.getType()) {
  90. if (_balance < aTransaction.getAmount()) {
  91. throw new NotEnoughFundsException("Unable to withdraw " + aTransaction.getAmount() + "$ from account " + _id + " - current balance is " + _balance);
  92. }
  93. _transactions.add(aTransaction);
  94. _balance -= aTransaction.getAmount();
  95. } else {
  96. throw new IllegalArgumentException("The transaction passed in has an invalid type: " + aTransaction.getType());
  97. }
  98. }
  99. }
  100. /**
  101. * Changes the value of the attributes createdBy.
  102. *
  103. * @param aCreatedBy The new value of the createdBy attribute.
  104. */
  105. protected void setCreatedBy(String aCreatedBy) {
  106. _createdBy = aCreatedBy;
  107. }
  108. /**
  109. * Returns the createdBy attribute.
  110. *
  111. * @return The createdBy value.
  112. */
  113. public String getCreatedBy() {
  114. return _createdBy;
  115. }
  116. /**
  117. * Returns the creationDate attribute.
  118. *
  119. * @return The creationDate value.
  120. */
  121. public Date getCreationDate() {
  122. return _creationDate;
  123. }
  124. /* (non-Javadoc)
  125. * @see java.lang.Object#toString()
  126. */
  127. public String toString() {
  128. return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE).
  129. append("id", _id).
  130. append("ownerName", _ownerName).
  131. append("isActive", _isActive).
  132. append("balance", _balance).
  133. append("tx.count", _transactions.size()).
  134. append("createdBy", _createdBy).
  135. append("creationDate", new Timestamp(_creationDate.getTime())).
  136. toString();
  137. }
  138. }

AccountNotFoundException,账号不存在异常

  1. package org.apache.shiro.samples.aspectj.bank;
  2. public class AccountNotFoundException extends BankServiceException {
  3. public AccountNotFoundException(String aMessage) {
  4. super(aMessage);
  5. }
  6. }

AccountTransaction,账号转入与转出

  1. package org.apache.shiro.samples.aspectj.bank;
  2. import org.apache.commons.lang.builder.ToStringBuilder;
  3. import org.apache.commons.lang.builder.ToStringStyle;
  4. import java.sql.Timestamp;
  5. import java.util.Date;
  6. public class AccountTransaction {
  7. private static long _SEQUENCE;
  8. public enum TransactionType {
  9. DEPOSIT,
  10. WITHDRAWAL
  11. }
  12. private long _id;
  13. private TransactionType _type;
  14. private long _accountId;
  15. private double _amount;
  16. private String _createdBy;
  17. private Date _creationDate;
  18. public static AccountTransaction createDepositTx(long anAccountId, double anAmount) {
  19. return new AccountTransaction(TransactionType.DEPOSIT, anAccountId, anAmount);
  20. }
  21. public static AccountTransaction createWithdrawalTx(long anAccountId, double anAmount) {
  22. return new AccountTransaction(TransactionType.WITHDRAWAL, anAccountId, anAmount);
  23. }
  24. private AccountTransaction(TransactionType aType, long anAccountId, double anAmount) {
  25. _id = ++_SEQUENCE;
  26. _type = aType;
  27. _accountId = anAccountId;
  28. _amount = anAmount;
  29. _createdBy = "unknown";
  30. _creationDate = new Date();
  31. }
  32. /**
  33. * Returns the id attribute.
  34. *
  35. * @return The id value.
  36. */
  37. public long getId() {
  38. return _id;
  39. }
  40. /**
  41. * Returns the type attribute.
  42. *
  43. * @return The type value.
  44. */
  45. public TransactionType getType() {
  46. return _type;
  47. }
  48. /**
  49. * Returns the accountId attribute.
  50. *
  51. * @return The accountId value.
  52. */
  53. public long getAccountId() {
  54. return _accountId;
  55. }
  56. /**
  57. * Returns the amount attribute.
  58. *
  59. * @return The amount value.
  60. */
  61. public double getAmount() {
  62. return _amount;
  63. }
  64. /**
  65. * Changes the value of the attributes createdBy.
  66. *
  67. * @param aCreatedBy The new value of the createdBy attribute.
  68. */
  69. protected void setCreatedBy(String aCreatedBy) {
  70. _createdBy = aCreatedBy;
  71. }
  72. /**
  73. * Returns the createdBy attribute.
  74. *
  75. * @return The createdBy value.
  76. */
  77. public String getCreatedBy() {
  78. return _createdBy;
  79. }
  80. /**
  81. * Returns the creationDate attribute.
  82. *
  83. * @return The creationDate value.
  84. */
  85. public Date getCreationDate() {
  86. return _creationDate;
  87. }
  88. /* (non-Javadoc)
  89. * @see java.lang.Object#toString()
  90. */
  91. public String toString() {
  92. return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE).
  93. append("id", _id).
  94. append("type", _type).
  95. append("accountId", _accountId).
  96. append("amount", _amount).
  97. append("createdBy", _createdBy).
  98. append("creationDate", new Timestamp(_creationDate.getTime())).
  99. toString();
  100. }
  101. }

BankServerRunner,银行服务运行

  1. package org.apache.shiro.samples.aspectj.bank;
  2. public class BankServerRunner {
  3. private SecureBankService _bankService;
  4. public synchronized void start() throws Exception {
  5. if (_bankService == null) {
  6. _bankService = new SecureBankService();
  7. _bankService.start();
  8. }
  9. }
  10. public synchronized void stop() {
  11. if (_bankService != null) {
  12. try {
  13. _bankService.dispose();
  14. } finally {
  15. _bankService = null;
  16. }
  17. }
  18. }
  19. public BankService getBankService() {
  20. return _bankService;
  21. }
  22. public static void main(String[] args) {
  23. try {
  24. BankServerRunner server = new BankServerRunner();
  25. server.start();
  26. server.stop();
  27. } catch (Exception e) {
  28. e.printStackTrace();
  29. }
  30. }
  31. }

BankService,银行服务接口

  1. package org.apache.shiro.samples.aspectj.bank;
  2. import java.util.Date;
  3. public interface BankService {
  4. public long[] searchAccountIdsByOwner(String anOwnerName);
  5. public long createNewAccount(String anOwnerName);
  6. public double getBalanceOf(long anAccountId) throws AccountNotFoundException;
  7. public String getOwnerOf(long anAccountId) throws AccountNotFoundException;
  8. public double depositInto(long anAccountId, double anAmount) throws AccountNotFoundException, InactiveAccountException;
  9. public double withdrawFrom(long anAccountId, double anAmount) throws AccountNotFoundException, NotEnoughFundsException, InactiveAccountException;
  10. public TxLog[] getTxHistoryFor(long anAccountId) throws AccountNotFoundException;
  11. public double closeAccount(long anAccountId) throws AccountNotFoundException, InactiveAccountException;
  12. public boolean isAccountActive(long anAccountId) throws AccountNotFoundException;
  13. public static class TxLog {
  14. private Date _creationDate;
  15. private double _amount;
  16. private String _madeBy;
  17. public TxLog(Date aCreationDate, double aAmount, String aMadeBy) {
  18. super();
  19. _creationDate = aCreationDate;
  20. _amount = aAmount;
  21. _madeBy = aMadeBy;
  22. }
  23. /**
  24. * Returns the creationDate attribute.
  25. *
  26. * @return The creationDate value.
  27. */
  28. public Date getCreationDate() {
  29. return _creationDate;
  30. }
  31. /**
  32. * Returns the amount attribute.
  33. *
  34. * @return The amount value.
  35. */
  36. public double getAmount() {
  37. return _amount;
  38. }
  39. /**
  40. * Returns the madeBy attribute.
  41. *
  42. * @return The madeBy value.
  43. */
  44. public String getMadeBy() {
  45. return _madeBy;
  46. }
  47. }
  48. }

BankServiceException,银行服务异常

  1. package org.apache.shiro.samples.aspectj.bank;
  2. public class BankServiceException extends Exception {
  3. public BankServiceException(String aMessage) {
  4. super(aMessage);
  5. }
  6. public BankServiceException(String aMessage, Throwable aCause) {
  7. super(aMessage, aCause);
  8. }
  9. }

InactiveAccountException,存入账户异常

  1. package org.apache.shiro.samples.aspectj.bank;
  2. public class InactiveAccountException extends BankServiceException {
  3. public InactiveAccountException(String aMessage) {
  4. super(aMessage);
  5. }
  6. }

NotEnoughFundsException,账户不足异常

  1. package org.apache.shiro.samples.aspectj.bank;
  2. public class NotEnoughFundsException extends BankServiceException {
  3. public NotEnoughFundsException(String aMessage) {
  4. super(aMessage);
  5. }
  6. }

SecureBankService,安全银行的服务类,处理各种银行的业务

  1. package org.apache.shiro.samples.aspectj.bank;
  2. import org.apache.shiro.SecurityUtils;
  3. import org.apache.shiro.authz.annotation.RequiresPermissions;
  4. import org.apache.shiro.samples.aspectj.bank.AccountTransaction.TransactionType;
  5. import org.apache.shiro.subject.Subject;
  6. import org.slf4j.Logger;
  7. import org.slf4j.LoggerFactory;
  8. import java.util.ArrayList;
  9. import java.util.HashMap;
  10. import java.util.List;
  11. import java.util.Map;
  12. public class SecureBankService implements BankService {
  13. private static final Logger log = LoggerFactory.getLogger(SecureBankService.class);
  14. private volatile boolean _isRunning;
  15. private final List<Account> _accounts;
  16. private Map<Long, Account> _accountsById;
  17. /**
  18. * Creates a new {@link SecureBankService} instance.
  19. */
  20. public SecureBankService() {
  21. _accounts = new ArrayList<Account>();
  22. _accountsById = new HashMap<Long, Account>();
  23. }
  24. /**
  25. * Starts this service
  26. */
  27. public void start() throws Exception {
  28. _isRunning = true;
  29. log.info("银行服务开始...");
  30. }
  31. /**
  32. * Stop this service
  33. */
  34. public void dispose() {
  35. log.info("银行服务停止...");
  36. _isRunning = false;
  37. synchronized (_accounts) {
  38. _accountsById.clear();
  39. _accounts.clear();
  40. }
  41. log.info("银行服务停止!");
  42. }
  43. /**
  44. * Internal utility method that validate the internal state of this service.
  45. */
  46. protected void assertServiceState() {
  47. if (!_isRunning) {
  48. throw new IllegalStateException("银行的服务没有开始");
  49. }
  50. }
  51. public int getAccountCount() {
  52. return _accounts.size();
  53. }
  54. /* (non-Javadoc)
  55. * @see com.connectif.trilogy.root.security.BankService#createNewAccount(java.lang.String)
  56. */
  57. @RequiresPermissions("bankAccount:create")
  58. public long createNewAccount(String anOwnerName) {
  59. assertServiceState();
  60. log.info("创建新的账户给 " + anOwnerName);
  61. synchronized (_accounts) {
  62. Account account = new Account(anOwnerName);
  63. account.setCreatedBy(getCurrentUsername());
  64. _accounts.add(account);
  65. _accountsById.put(account.getId(), account);
  66. log.debug("创建新的账户: " + account);
  67. return account.getId();
  68. }
  69. }
  70. /* (non-Javadoc)
  71. * @see com.connectif.trilogy.root.security.BankService#searchAccountIdsByOwner(java.lang.String)
  72. */
  73. public long[] searchAccountIdsByOwner(String anOwnerName) {
  74. assertServiceState();
  75. log.info("查找已经存在的银行账户为 " + anOwnerName);
  76. ArrayList<Account> matchAccounts = new ArrayList<Account>();
  77. synchronized (_accounts) {
  78. for (Account a : _accounts) {
  79. if (a.getOwnerName().toLowerCase().contains(anOwnerName.toLowerCase())) {
  80. matchAccounts.add(a);
  81. }
  82. }
  83. }
  84. long[] accountIds = new long[matchAccounts.size()];
  85. int index = 0;
  86. for (Account a : matchAccounts) {
  87. accountIds[index++] = a.getId();
  88. }
  89. log.debug("找到 " + accountIds.length + " 相匹配的账户的名称 " + anOwnerName);
  90. return accountIds;
  91. }
  92. /* (non-Javadoc)
  93. * @see com.connectif.trilogy.root.security.BankService#getOwnerOf(long)
  94. */
  95. @RequiresPermissions("bankAccount:read")
  96. public String getOwnerOf(long anAccountId) throws AccountNotFoundException {
  97. assertServiceState();
  98. log.info("获得银行账户的所有者 " + anAccountId);
  99. Account a = safellyRetrieveAccountForId(anAccountId);
  100. return a.getOwnerName();
  101. }
  102. /* (non-Javadoc)
  103. * @see com.connectif.trilogy.root.security.BankService#getBalanceOf(long)
  104. */
  105. @RequiresPermissions("bankAccount:read")
  106. public double getBalanceOf(long anAccountId) throws AccountNotFoundException {
  107. assertServiceState();
  108. log.info("得到账户的余额 " + anAccountId);
  109. Account a = safellyRetrieveAccountForId(anAccountId);
  110. return a.getBalance();
  111. }
  112. /* (non-Javadoc)
  113. * @see com.connectif.trilogy.root.security.BankService#depositInto(long, double)
  114. */
  115. @RequiresPermissions("bankAccount:operate")
  116. public double depositInto(long anAccountId, double anAmount) throws AccountNotFoundException, InactiveAccountException {
  117. assertServiceState();
  118. log.info("存钱到 " + anAmount + " 这个账户 " + anAccountId);
  119. try {
  120. Account a = safellyRetrieveAccountForId(anAccountId);
  121. AccountTransaction tx = AccountTransaction.createDepositTx(anAccountId, anAmount);
  122. tx.setCreatedBy(getCurrentUsername());
  123. log.debug("创建一个新的交易 " + tx);
  124. a.applyTransaction(tx);
  125. log.debug("新的账户余额 " + a.getId() + " 存款后 " + a.getBalance());
  126. return a.getBalance();
  127. } catch (NotEnoughFundsException nefe) {
  128. throw new IllegalStateException("应该从未发生过", nefe);
  129. }
  130. }
  131. /* (non-Javadoc)
  132. * @see com.connectif.trilogy.root.security.BankService#withdrawFrom(long, double)
  133. */
  134. @RequiresPermissions("bankAccount:operate")
  135. public double withdrawFrom(long anAccountId, double anAmount) throws AccountNotFoundException, NotEnoughFundsException, InactiveAccountException {
  136. assertServiceState();
  137. log.info("取款 " + anAmount + " 从账户 " + anAccountId);
  138. Account a = safellyRetrieveAccountForId(anAccountId);
  139. AccountTransaction tx = AccountTransaction.createWithdrawalTx(anAccountId, anAmount);
  140. tx.setCreatedBy(getCurrentUsername());
  141. log.debug("创建一个新的交易 " + tx);
  142. a.applyTransaction(tx);
  143. log.debug("新的账户余额 " + a.getId() + " 取款后 " + a.getBalance());
  144. return a.getBalance();
  145. }
  146. /* (non-Javadoc)
  147. * @see com.connectif.trilogy.root.security.BankService#getTxHistoryFor(long)
  148. */
  149. @RequiresPermissions("bankAccount:read")
  150. public TxLog[] getTxHistoryFor(long anAccountId) throws AccountNotFoundException {
  151. assertServiceState();
  152. log.info("获取账户交易 " + anAccountId);
  153. Account a = safellyRetrieveAccountForId(anAccountId);
  154. TxLog[] txs = new TxLog[a.getTransactions().size()];
  155. int index = 0;
  156. for (AccountTransaction tx : a.getTransactions()) {
  157. log.debug("查过交易 " + tx);
  158. if (TransactionType.DEPOSIT == tx.getType()) {
  159. txs[index++] = new TxLog(tx.getCreationDate(), tx.getAmount(), tx.getCreatedBy());
  160. } else {
  161. txs[index++] = new TxLog(tx.getCreationDate(), -1.0d * tx.getAmount(), tx.getCreatedBy());
  162. }
  163. }
  164. return txs;
  165. }
  166. /* (non-Javadoc)
  167. * @see com.connectif.trilogy.root.security.BankService#closeAccount(long)
  168. */
  169. @RequiresPermissions("bankAccount:close")
  170. public double closeAccount(long anAccountId) throws AccountNotFoundException, InactiveAccountException {
  171. assertServiceState();
  172. log.info("截止账户 " + anAccountId);
  173. Account a = safellyRetrieveAccountForId(anAccountId);
  174. if (!a.isActive()) {
  175. throw new InactiveAccountException("这个账户 " + anAccountId + " 已经关闭");
  176. }
  177. try {
  178. AccountTransaction tx = AccountTransaction.createWithdrawalTx(a.getId(), a.getBalance());
  179. tx.setCreatedBy(getCurrentUsername());
  180. log.debug("创建一个新的交易 " + tx);
  181. a.applyTransaction(tx);
  182. a.setActive(false);
  183. log.debug("账户 " + a.getId() + " 现在是关闭的 " + tx.getAmount() + " 针对这个业主");
  184. return tx.getAmount();
  185. } catch (NotEnoughFundsException nefe) {
  186. throw new IllegalStateException("应该从来不发生", nefe);
  187. }
  188. }
  189. /* (non-Javadoc)
  190. * @see com.connectif.trilogy.root.security.BankService#isAccountActive(long)
  191. */
  192. @RequiresPermissions("bankAccount:read")
  193. public boolean isAccountActive(long anAccountId) throws AccountNotFoundException {
  194. assertServiceState();
  195. log.info("获取账户的活动状态 " + anAccountId);
  196. Account a = safellyRetrieveAccountForId(anAccountId);
  197. return a.isActive();
  198. }
  199. /**
  200. * Internal method that safelly (concurrency-wise) retrieves an account from the id passed in.
  201. *
  202. * @param anAccountId The identifier of the account to retrieve.
  203. * @return The account instance retrieved.
  204. * @throws AccountNotFoundException If no account is found for the provided identifier.
  205. */
  206. protected Account safellyRetrieveAccountForId(long anAccountId) throws AccountNotFoundException {
  207. Account account = null;
  208. synchronized (_accounts) {
  209. account = _accountsById.get(anAccountId);
  210. }
  211. if (account == null) {
  212. throw new AccountNotFoundException("没有找到ID为 " + anAccountId + " 的账户");
  213. }
  214. log.info("检查账户 " + account);
  215. return account;
  216. }
  217. /**
  218. * Internal utility method to retrieve the username of the current authenticated user.
  219. *
  220. * @return The name.
  221. */
  222. protected String getCurrentUsername() {
  223. Subject subject = SecurityUtils.getSubject();
  224. if (subject == null || subject.getPrincipal() == null || !subject.isAuthenticated()) {
  225. throw new IllegalStateException("无法检索当前验证的主题");
  226. }
  227. return SecurityUtils.getSubject().getPrincipal().toString();
  228. }
  229. }

在配置文件中配置了三组账户

  1. [users]
  2. root = secret, admin
  3. sally = 1234, superviser
  4. dan = 123, user
  5. 用户 root 密码secret 角色admin
  6. 用户 sally 密码1234 角色superviser
  7. 用户 dan密码123 角色user
  8. 角色信息包括
  9. [roles]
  10. admin = bankAccount:*
  11. superviser = bankAccount:create, bankAccount:read bankAccount:close
  12. user = bankAccount:create, bankAccount:read, bankAccount:operate

包括种种操作的权限分配
使用junit测试

  1. @BeforeClass
  2. public static void setUpClass() throws Exception {
  3. BasicConfigurator.resetConfiguration();
  4. BasicConfigurator.configure();
  5. logger = Logger.getLogger(SecureBankServiceTest.class.getSimpleName());
  6. Factory<SecurityManager> factory = new IniSecurityManagerFactory(
  7. "classpath:shiroBankServiceTest.ini");
  8. SecurityManager securityManager = factory.getInstance();
  9. SecurityUtils.setSecurityManager(securityManager);
  10. service = new SecureBankService();
  11. service.start();
  12. }

加载对应的ini中的信息,在每次运行之前
登录用户的操作方法

  1. // 作为用户登录,不能关闭账户
  2. protected void loginAsUser() {
  3. if (_subject == null) {
  4. _subject = SecurityUtils.getSubject();
  5. }
  6. // use dan to run as a normal user (which cannot close an account)
  7. _subject.login(new UsernamePasswordToken("dan", "123"));
  8. }
  9. // 作为超级用户登录,不能操作账户
  10. protected void loginAsSuperviser() {
  11. if (_subject == null) {
  12. _subject = SecurityUtils.getSubject();
  13. }
  14. // use sally to run as a superviser (which cannot operate an account)
  15. _subject.login(new UsernamePasswordToken("sally", "1234"));
  16. }

给张三创建账户,并且检查账户的情况

  1. @Test
  2. public void testCreateAccount() throws Exception {
  3. loginAsUser();
  4. createAndValidateAccountFor("张三");
  5. }
  6. protected long createAndValidateAccountFor(String anOwner) throws Exception {
  7. long createdId = service.createNewAccount(anOwner);
  8. assertAccount(anOwner, true, 0.0d, 0, createdId);
  9. return createdId;
  10. }
  11. public static void assertAccount(String eOwnerName, boolean eIsActive,
  12. double eBalance, int eTxLogCount, long actualAccountId)
  13. throws Exception {
  14. Assert.assertEquals(eOwnerName, service.getOwnerOf(actualAccountId));
  15. Assert.assertEquals(eIsActive, service.isAccountActive(actualAccountId));
  16. Assert.assertEquals(eBalance, service.getBalanceOf(actualAccountId));
  17. Assert.assertEquals(eTxLogCount,
  18. service.getTxHistoryFor(actualAccountId).length);
  19. }

看打印出来的信息

  1. 1 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 62 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 120 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 120 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 121 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 121 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 121 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 122 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 123 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 132 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 张三
  20. 203 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]
  21. 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]
  23. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]
  25. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]
  27. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=张三,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:40:26.71]
  29. 206 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  30. 206 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [66208001-e91d-4625-938f-1b1c08b2645c]
  31. 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  32. 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

创建张三的用户信息并且检查张三的账户的情况。
第二个测试
创建账户李四并且存入250到账户里,用户有创建和操作的权限,所以可以操作.

  1. @Test
  2. public void testDepositInto_singleTx() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("李四");
  5. makeDepositAndValidateAccount(accountId, 250.00d, "李四");
  6. }
  7. protected double makeDepositAndValidateAccount(long anAccountId,
  8. double anAmount, String eOwnerName) throws Exception {
  9. double previousBalance = service.getBalanceOf(anAccountId);
  10. int previousTxCount = service.getTxHistoryFor(anAccountId).length;
  11. double newBalance = service.depositInto(anAccountId, anAmount);
  12. Assert.assertEquals(previousBalance + anAmount, newBalance);
  13. assertAccount(eOwnerName, true, newBalance, 1 + previousTxCount,
  14. anAccountId);
  15. return newBalance;
  16. }

运行后的结果

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 56 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 59 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 115 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 116 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 117 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 124 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 171 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 李四
  20. 188 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  21. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  23. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  25. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  27. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  29. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  31. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  33. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 250.0 这个账户 1
  34. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  35. 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=250.0,createdBy=dan,creationDate=2011-09-12 20:44:15.013]
  36. 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 250.0
  37. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  39. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  41. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  43. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=李四,isActive=true,balance=250.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:44:14.991]
  45. 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=250.0,createdBy=dan,creationDate=2011-09-12 20:44:15.013]
  46. 196 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  47. 197 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [3b53dc16-67d5-4730-ae8a-872d113c7546]
  48. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  49. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

创建账户王五并且存入多笔款项

  1. @Test
  2. public void testDepositInto_multiTxs() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("王五");
  5. makeDepositAndValidateAccount(accountId, 50.00d, "王五");
  6. makeDepositAndValidateAccount(accountId, 300.00d, "王五");
  7. makeDepositAndValidateAccount(accountId, 85.00d, "王五");
  8. assertAccount("王五", true, 435.00d, 3, accountId);
  9. }

一共存入三笔,最后得到的数据的总和为435
看日志打出来的信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 49 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 62 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 119 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 120 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 121 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 129 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 王五
  20. 204 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  21. 204 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 204 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  23. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  25. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  27. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  29. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  31. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  33. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 50.0 这个账户 1
  34. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  35. 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  36. 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 50.0
  37. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  39. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  41. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  43. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  45. 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  46. 210 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  47. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  48. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  49. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  50. 211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  51. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 300.0 这个账户 1
  52. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  53. 211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]
  54. 211 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 350.0
  55. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  56. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  57. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  58. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  59. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  60. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  61. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  62. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  63. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  64. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]
  65. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  66. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  67. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  68. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  69. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  70. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]
  71. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 85.0 这个账户 1
  72. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=350.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  73. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742]
  74. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 435.0
  75. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  76. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  77. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  78. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  79. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  80. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  81. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  82. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  83. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  84. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]
  85. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742]
  86. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  87. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  88. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  89. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  90. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  91. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  92. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  93. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=王五,isActive=true,balance=435.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 20:52:54.72]
  94. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 20:52:54.739]
  95. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=DEPOSIT,accountId=1,amount=300.0,createdBy=dan,creationDate=2011-09-12 20:52:54.741]
  96. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=DEPOSIT,accountId=1,amount=85.0,createdBy=dan,creationDate=2011-09-12 20:52:54.742]
  97. 214 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  98. 214 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [1d66c2ec-a668-478a-8f30-e3c65f80a16d]
  99. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  100. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

创建账户贾六并且取款,因为账户为空所以会抛出异常

  1. @Test(expected = NotEnoughFundsException.class)
  2. public void testWithdrawFrom_emptyAccount() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("贾六");
  5. service.withdrawFrom(accountId, 100.00d);
  6. }

看执行的结果

  1. 1 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 13 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 15 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 50 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 60 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 63 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 126 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 126 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 128 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 128 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 129 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 130 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 132 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 145 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 贾六
  20. 205 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]
  21. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]
  23. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]
  25. 206 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]
  27. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]
  29. 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1
  30. 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=贾六,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 20:56:05.029]
  31. 210 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 20:56:05.047]
  32. 210 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  33. 210 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [05f3559d-d0c4-458c-a220-31389550576f]
  34. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  35. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

得到期望的NotEnoughFundsException,运行通过
然后创建账户周七,先存入50,然后取100,结果得到的与面相同,余额不足异常

  1. @Test(expected = NotEnoughFundsException.class)
  2. public void testWithdrawFrom_notEnoughFunds() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("周七");
  5. makeDepositAndValidateAccount(accountId, 50.00d, "周七");
  6. service.withdrawFrom(accountId, 100.00d);
  7. }

看打印出的日志信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 59 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 61 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 118 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 119 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 119 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 120 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 121 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 131 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 179 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 周七
  20. 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  21. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  23. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  25. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  27. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  29. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  31. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  33. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 50.0 这个账户 1
  34. 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  35. 200 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 21:01:30.955]
  36. 200 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 50.0
  37. 200 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  39. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  41. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  43. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  45. 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=50.0,createdBy=dan,creationDate=2011-09-12 21:01:30.955]
  46. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1
  47. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=周七,isActive=true,balance=50.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:01:30.936]
  48. 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:01:30.956]
  49. 202 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  50. 202 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [a85a89c7-a805-4086-bd5b-109a0d54086c]
  51. 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  52. 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

再测试先存后取,先存入500,后取100,最后得到的结果为400

  1. @Test
  2. public void testWithdrawFrom_singleTx() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("国八");
  5. makeDepositAndValidateAccount(accountId, 500.00d, "国八");
  6. makeWithdrawalAndValidateAccount(accountId, 100.00d, "国八");
  7. assertAccount("国八", true, 400.00d, 2, accountId);
  8. }

看打印出的结果

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 10 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 11 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 43 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 45 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 55 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 59 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 115 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 116 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 116 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 116 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 117 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 124 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 168 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 国八
  20. 185 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  21. 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  23. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  25. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  27. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  29. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  31. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  33. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1
  34. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  35. 190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]
  36. 190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0
  37. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  39. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  41. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  43. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  45. 191 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]
  46. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  47. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  48. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  49. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  50. 191 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]
  51. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1
  52. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  53. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104]
  54. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 400.0
  55. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  56. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  57. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  58. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  59. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  60. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  61. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  62. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  63. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]
  64. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104]
  65. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  66. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  67. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  68. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  69. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  70. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  71. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  72. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=国八,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:03:17.085]
  73. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:03:17.103]
  74. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:03:17.104]
  75. 193 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  76. 193 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [192dddd6-7090-435c-bb65-b3b64a73d667]
  77. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  78. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

存入一笔取多笔

  1. @Test
  2. public void testWithdrawFrom_manyTxs() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("Zoe Smith");
  5. makeDepositAndValidateAccount(accountId, 500.00d, "Zoe Smith");
  6. makeWithdrawalAndValidateAccount(accountId, 100.00d, "Zoe Smith");
  7. makeWithdrawalAndValidateAccount(accountId, 75.00d, "Zoe Smith");
  8. makeWithdrawalAndValidateAccount(accountId, 125.00d, "Zoe Smith");
  9. assertAccount("Zoe Smith", true, 200.00d, 4, accountId);
  10. }

查看打印的日志信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 53 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 57 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 72 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 76 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 132 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 132 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 133 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 133 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 133 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 134 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 135 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 143 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Zoe Smith
  20. 205 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  21. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 205 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  23. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  25. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  27. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  29. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  31. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  33. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1
  34. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  35. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  36. 212 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0
  37. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  39. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  41. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  43. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 212 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  45. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  46. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  47. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  48. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  49. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  50. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  51. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 100.0 从账户 1
  52. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  53. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  54. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 400.0
  55. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  56. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  57. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  58. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  59. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  60. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  61. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  62. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  63. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  64. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  65. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  66. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  67. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  68. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  69. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  70. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  71. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 75.0 从账户 1
  72. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=400.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  73. 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]
  74. 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 325.0
  75. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  76. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  77. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  78. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  79. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  80. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  81. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  82. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  83. 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  84. 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  85. 215 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]
  86. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  87. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  88. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  89. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  90. 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  91. 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  92. 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]
  93. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 125.0 从账户 1
  94. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=325.0,tx.count=3,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  95. 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341]
  96. 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 200.0
  97. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  98. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  99. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  100. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  101. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  102. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  103. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  104. 216 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  105. 216 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  106. 217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  107. 217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]
  108. 217 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341]
  109. 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  110. 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  111. 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  112. 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  113. 217 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  114. 220 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  115. 220 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  116. 221 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=200.0,tx.count=4,createdBy=dan,creationDate=2011-09-12 21:04:28.312]
  117. 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:04:28.337]
  118. 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=100.0,createdBy=dan,creationDate=2011-09-12 21:04:28.338]
  119. 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=3,type=WITHDRAWAL,accountId=1,amount=75.0,createdBy=dan,creationDate=2011-09-12 21:04:28.339]
  120. 221 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=4,type=WITHDRAWAL,accountId=1,amount=125.0,createdBy=dan,creationDate=2011-09-12 21:04:28.341]
  121. 221 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  122. 221 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [1ecbe8f2-f2f5-468b-af2b-d82d6b1267fa]
  123. 223 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  124. 223 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

存多少取多少

  1. @Test
  2. public void testWithdrawFrom_upToZero() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("Zoe Smith");
  5. makeDepositAndValidateAccount(accountId, 500.00d, "Zoe Smith");
  6. makeWithdrawalAndValidateAccount(accountId, 500.00d, "Zoe Smith");
  7. assertAccount("Zoe Smith", true, 0.00d, 2, accountId);
  8. }

查看打印的日志信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 12 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 43 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 45 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 55 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 58 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 114 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 114 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 114 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 115 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 115 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 116 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 125 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 168 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Zoe Smith
  20. 186 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  21. 186 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 187 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  23. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  25. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  27. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 188 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  29. 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  31. 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 189 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  33. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 500.0 这个账户 1
  34. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  35. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]
  36. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 500.0
  37. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  39. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  41. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  43. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  45. 192 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]
  46. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  47. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  48. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  49. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  50. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]
  51. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 取款 500.0 从账户 1
  52. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=500.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  53. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806]
  54. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 取款后 0.0
  55. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  56. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  57. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  58. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  59. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  60. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  61. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  62. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  63. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]
  64. 193 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806]
  65. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  66. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  67. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  68. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  69. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  70. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  71. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  72. 194 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Zoe Smith,isActive=true,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:05:23.783]
  73. 194 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.804]
  74. 194 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=500.0,createdBy=dan,creationDate=2011-09-12 21:05:23.806]
  75. 194 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  76. 195 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [12aeb47c-f3c1-46c1-baec-78da03762422]
  77. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  78. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

关闭账户余额为0的账户,普通用户没有权限,所以需要转到另外一个角色的账户进行操作

  1. @Test
  2. public void testCloseAccount_zeroBalance() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("Chris Smith");
  5. logoutCurrentSubject();
  6. loginAsSuperviser();
  7. double closingBalance = service.closeAccount(accountId);
  8. Assert.assertEquals(0.00d, closingBalance);
  9. assertAccount("Chris Smith", false, 0.00d, 1, accountId);
  10. }

查看打印出来的日志信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 13 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 14 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 47 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 50 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 61 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 63 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 121 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 121 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 121 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 122 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 122 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 123 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 124 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 133 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Chris Smith
  20. 207 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  21. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 207 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  23. 208 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  25. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  27. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 209 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  29. 210 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  30. 210 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [c4adc0a6-987c-4c94-ad38-d13f683c7f1d]
  31. 211 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  32. 211 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  33. 211 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally]
  34. 211 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  35. 211 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  36. 211 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  37. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1
  38. 211 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  39. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:13:04.516]
  40. 213 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 0.0 针对这个业主
  41. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  42. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  43. 213 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  44. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  45. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  46. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  47. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  48. 214 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:13:04.496]
  49. 214 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:13:04.516]
  50. 214 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally
  51. 214 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [f0988257-3441-489a-859c-538043ead6e3]
  52. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  53. 215 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

创建用户并且存入350,然后对这个用户进行关闭操作

  1. @Test
  2. public void testCloseAccount_withBalance() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("Gerry Smith");
  5. makeDepositAndValidateAccount(accountId, 385.00d, "Gerry Smith");
  6. logoutCurrentSubject();
  7. loginAsSuperviser();
  8. double closingBalance = service.closeAccount(accountId);
  9. Assert.assertEquals(385.00d, closingBalance);
  10. assertAccount("Gerry Smith", false, 0.00d, 2, accountId);
  11. }

查看打印的日志信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 11 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 12 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 46 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 48 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 58 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 61 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 118 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 118 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 119 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 128 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 173 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Gerry Smith
  20. 190 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  21. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 190 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  23. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 191 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  25. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  27. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 192 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  29. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  30. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  31. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  32. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  33. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 存钱到 385.0 这个账户 1
  34. 193 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  35. 195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672]
  36. 195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 新的账户余额 1 存款后 385.0
  37. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  38. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  39. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  40. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  41. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  42. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  43. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  44. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  45. 196 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672]
  46. 196 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  47. 196 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [b2e689a3-cd4a-4785-962b-0df77758533b]
  48. 197 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  49. 197 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  50. 197 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally]
  51. 197 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  52. 197 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  53. 197 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  54. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1
  55. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=true,balance=385.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  56. 197 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=385.0,createdBy=sally,creationDate=2011-09-12 21:17:58.674]
  57. 197 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 385.0 针对这个业主
  58. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  59. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  60. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  61. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  62. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  63. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  64. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  65. 198 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Gerry Smith,isActive=false,balance=0.0,tx.count=2,createdBy=dan,creationDate=2011-09-12 21:17:58.652]
  66. 198 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=DEPOSIT,accountId=1,amount=385.0,createdBy=dan,creationDate=2011-09-12 21:17:58.672]
  67. 198 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=2,type=WITHDRAWAL,accountId=1,amount=385.0,createdBy=sally,creationDate=2011-09-12 21:17:58.674]
  68. 198 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally
  69. 198 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [6ffa0d67-7510-4205-9fa8-01b6bb9793f5]
  70. 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  71. 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

创建用户并且关闭正活动的账户

  1. @Test(expected = InactiveAccountException.class)
  2. public void testCloseAccount_alreadyClosed() throws Exception {
  3. loginAsUser();
  4. long accountId = createAndValidateAccountFor("Chris Smith");
  5. logoutCurrentSubject();
  6. loginAsSuperviser();
  7. double closingBalance = service.closeAccount(accountId);
  8. Assert.assertEquals(0.00d, closingBalance);
  9. assertAccount("Chris Smith", false, 0.00d, 1, accountId);
  10. service.closeAccount(accountId);
  11. }

查看打印的日志信息

  1. 0 [main] DEBUG org.apache.shiro.io.ResourceUtils - Opening resource from class path [shiroBankServiceTest.ini]
  2. 9 [main] DEBUG org.apache.shiro.config.Ini - Parsing [users]
  3. 12 [main] DEBUG org.apache.shiro.config.Ini - Parsing [roles]
  4. 13 [main] DEBUG org.apache.shiro.config.IniFactorySupport - Creating instance from Ini [sections=users,roles]
  5. 44 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [roles] section. Processing...
  6. 47 [main] DEBUG org.apache.shiro.realm.text.IniRealm - Discovered the [users] section. Processing...
  7. 57 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务开始...
  8. 60 [main] INFO SecureBankServiceTest -
  9. #########################
  10. ### 开始测试用例 1
  11. 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  12. 117 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  13. 117 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - dan, rememberMe=false]. Returned account [dan]
  14. 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  15. 118 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  16. 119 [main] DEBUG org.apache.shiro.session.mgt.AbstractValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
  17. 120 [main] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
  18. 127 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  19. 178 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户给 Chris Smith
  20. 195 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建新的账户: Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  21. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  22. 195 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  23. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  24. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  25. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  26. 196 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  27. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  28. 197 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  29. 198 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}dan
  30. 198 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [8ff8f7c8-5d03-4e4f-b47d-0414cd43111d]
  31. 198 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [[C and accountCredentials of type [java.lang.String]
  32. 198 [main] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison
  33. 199 [main] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - sally, rememberMe=false]. Returned account [sally]
  34. 199 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  35. 199 [main] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
  36. 199 [main] DEBUG org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
  37. 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1
  38. 199 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=true,balance=0.0,tx.count=0,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  39. 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 创建一个新的交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:19:53.777]
  40. 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 账户 1 现在是关闭的 0.0 针对这个业主
  41. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获得银行账户的所有者 1
  42. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  43. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户的活动状态 1
  44. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  45. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 得到账户的余额 1
  46. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  47. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 获取账户交易 1
  48. 201 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  49. 201 [main] DEBUG org.apache.shiro.samples.aspectj.bank.SecureBankService - 查过交易 AccountTransaction[id=1,type=WITHDRAWAL,accountId=1,amount=0.0,createdBy=sally,creationDate=2011-09-12 21:19:53.777]
  50. 202 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 截止账户 1
  51. 202 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 检查账户 Account[id=1,ownerName=Chris Smith,isActive=false,balance=0.0,tx.count=1,createdBy=dan,creationDate=2011-09-12 21:19:53.755]
  52. 202 [main] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Logging out subject with primary principal {}sally
  53. 202 [main] DEBUG org.apache.shiro.session.mgt.AbstractSessionManager - Stopping session with id [53286615-5b71-4642-b3e8-916fb77fba60]
  54. 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止...
  55. 203 [main] INFO org.apache.shiro.samples.aspectj.bank.SecureBankService - 银行服务停止!

其中判断权限使用的是annocation的方式
@RequiresPermissions("bankAccount:create") 是否有用户创建权限
@RequiresPermissions("bankAccount:read") 读权限
@RequiresPermissions("bankAccount:operate") 操作权限
@RequiresPermissions("bankAccount:close") 关闭权限
根据以上几个标签就可以得到对应的权限信息。

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注