@Test

public void testJdbc() {

DefaultSecurityManager securityManager = new DefaultSecurityManager();

JdbcRealm realm = new JdbcRealm();

// JdbcRealm要把数据源设上

realm.setDataSource(dataSource);

// 要查权限,则要打开开关; 因为默认是关闭的

realm.setPermissionsLookupEnabled(true);

// 自定义查询认证的sql语句, 对照着原码里的格式来写

String sql = "select admin_password from admin where admin_name = ?";

realm.setAuthenticationQuery(sql);

// 自定义角色查询

String roleSql = "select rolename from role r, admin a where r.roleid = a.roleid and a.admin_name = ?";

realm.setUserRolesQuery(roleSql);

// 自定义权限查询

// String pSql = "select p.pname from admin a, permission p, rolepermission r where a.roleId = r.roleId and r.permissionId = p.permissionId and a.admin_name = ?";

String pSql = "select permission from testrole where user_name = ?";

realm.setPermissionsQuery(pSql);

securityManager.setRealm(realm);

SecurityUtils.setSecurityManager(securityManager);

Subject subject = SecurityUtils.getSubject();

UsernamePasswordToken token = new UsernamePasswordToken("admin", "1234");

// 认证

subject.login(token);

// 角色认证

subject.checkRole("管理员");

// 权限认证  <要先打开认证权限的开关>

subject.checkPermission("product:manager");

System.out.println("是否认证过:"+subject.isAuthenticated());

}