用户（UserAccount）和领域的概念在Apache Shiro中如何关联？

用户（UserAccount）和领域的概念在Apache Shiro中如何关联？

您可以定义

Realms

in
之间的关系

authenticationStrategy

。让我们来看一个例子。仅当用户针对所有领域通过身份验证时，才会对用户进行身份验证。您可以进行自己的authenticationStrategy实现，该实现只说一个成功的身份验证就足够了。

在示例中，我们结合了JDBC领域来存储用户名（没有密码），并根据LDAP对其进行身份验证。

可以说，您将添加另一个LDAP领域并创建authenticationStrategy，其中不需要针对领域的所有身份验证。但是，只需对LDAP成功进行一次身份验证就足够了。

shiro.ini

ds = org.apache.shiro.jndi.JndiObjectFactoryds.requiredType = javax.sql.DataSourceds.resourceName = java:comp/env/jdbc/xxxnoPassWordCredentialMatcher = eu.corp.domain.auth.NoPassMatcherldapRealm = eu.corp.domain.auth.CustomActiveDirectoryRealmldapRealm.searchbase = OU=USERS,OU=EN,DC=our,DC=corpldapRealm.url = ldap://our.corp:389ldapRealm.principalSuffix = @our.corpjdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealmjdbcRealm.permissionsLookupEnabled = truejdbcRealm.dataSource = $dsjdbcRealm.credentialsMatcher = $noPassWordCredentialMatcherjdbcRealm.authenticationQuery = SELECt name FROM auth WHERe name = ?jdbcRealm.userRolesQuery = SELECt role.shortcut FROM auth LEFT JOIN auth_role ON auth_role.auth_id = auth.id LEFT JOIN role ON role.id = auth_role.role_id WHERe auth.name = ?jdbcRealm.permissionsQuery = SELECt permission.shortcut FROM role JOIN role_permission ON role_permission.role_id = role.id JOIN permission ON permission.id = role_permission.permission_id WHERe role.shortcut = ?cacheManager = org.apache.shiro.cache.ehcache.EhCacheManagersecurityManager.cacheManager = $cacheManagersecurityManager.realms = $ldapRealm, $jdbcRealmauthcStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategysecurityManager.authenticator.authenticationStrategy = $authcStrategy