Shiro整合Spring

1. Shiro加密

文档:http://shiro.apache.org/cryptography.html

1) shiro加密解密

2) shiro加密应用

CryptographyUtil.java

package com.andrew.util;
import java.nio.charset.StandardCharsets;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.crypto.hash.Md5Hash;
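public class CryptographyUtil {
    /**
     * Encodes a string as Base64.
     *
     * <p>Base64 is a reversible encoding, not encryption: anyone who holds the output can
     * recover the input with {@link #decBase64(String)}. It must not be used to protect
     * passwords or other secrets.
     *
     * @param str text to encode; its UTF-8 bytes are what gets encoded
     * @return the Base64 form of {@code str}
     */
    public static String encBase64(String str) {
        // An explicit charset keeps the output independent of the JVM's default charset,
        // so text encoded on one machine decodes to the same characters on another.
        return Base64.encodeToString(str.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Decodes Base64 text back into a string by delegating to Shiro's
     * {@code Base64.decodeToString}.
     *
     * @param str Base64 text, for example a value produced by {@link #encBase64(String)}
     * @return the decoded text
     */
    public static String decBase64(String str) {
        return Base64.decodeToString(str);
    }

    /**
     * Computes a salted MD5 digest with Shiro's {@code Md5Hash} and returns its string form
     * (the sample run in this tutorial prints it as 32 hexadecimal characters).
     *
     * <p>This is a one-way hash, not encryption. MD5 is fast and cryptographically broken,
     * and this call performs a single round, so the result is not suitable for storing
     * passwords: prefer a dedicated password-hashing scheme (bcrypt, scrypt, Argon2) with a
     * random salt per user. A salt that is the same for every account, as in the demo
     * {@code main}, lets one precomputed table serve all accounts.
     *
     * @param str  value to hash
     * @param salt salt mixed into the hash
     * @return string form of the salted MD5 digest
     */
    public static String md5(String str, String salt) {
        return new Md5Hash(str, salt).toString();
    }

    /**
     * Demo entry point: prints the Base64 form of a sample password, the decoded round trip,
     * and its salted MD5 digest. The password and salt are hard-coded sample values.
     */
    public static void main(String[] args) {
        String password = "123456";
        String encoded = CryptographyUtil.encBase64(password);
        System.out.println("Base64加密:" + encoded);
        System.out.println("Base64解密:" + CryptographyUtil.decBase64(encoded));
        System.out.println("Md5加密:" + CryptographyUtil.md5(password, "andrew"));
    }
}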

运行结果:
Base64加密:MTIzNDU2
Base64解密:123456
Md5加密:fe6bcd14f8e15e83a6b9593c2e8eba60


2. Shiro支持特性

1) Web支持
2) 缓存支持
3) 并发支持
4) 测试支持
5) "RunAs"支持
6) "RememberMe"支持
// Fragment: `subject` and `token` are defined by the surrounding login code, which is not shown.
// NOTE(review): a remembered subject was recognised from an earlier remember-me login, not
// from credentials presented in this session; gate sensitive operations on
// subject.isAuthenticated() rather than on isRemembered() - confirm against the Shiro docs.
if (!subject.isRemembered()) {
    // Not recognised from a previous visit: ask Shiro to remember this login.
    token.setRememberMe(true);
} else {
    System.out.println("---isRememberMe---");
}


3. Shiro整合Spring

官方文档:http://shiro.apache.org/spring.html

create maven project -->
maven-archetype-webapp -->
GroupId: com.andrew.shiro
Artifact Id: ShiroSpring
Package: com.andrew.shiro

jdk版本改为1.8

-- Role table. The explicit ids inserted below (1 = admin, 2 = teacher) are the values the
-- later t_permission and t_user inserts refer to through their role id columns.
create table t_role (
  id int(11) not null  auto_increment,
  rolename varchar(20) default null,
  primary key (id)
) engine=innodb auto_increment=0 default charset=utf8;
-- Seed roles for the demo.
insert into t_role(id,roleName) values(1,'admin');
insert into t_role(id,roleName) values(2,'teacher');

-- Permission table: each row attaches one permission string to one role (roleid -> t_role.id).
create table t_permission (
    id int(11) not null auto_increment,
    permissionname varchar(50) default null,
    roleid int(11) default null,
    primary key (id),
    constraint t_permission_ibfk_1 foreign key (roleid) references t_role (id)
) engine=innodb auto_increment=0 default charset=utf8;
-- Seed permissions. NOTE(review): 'user:*' and 'student:*' are wildcard strings; if they are
-- evaluated as Shiro wildcard permissions they grant every action in that domain to the role.
-- Grant the narrowest permission strings the application actually checks.
insert into t_permission(id, permissionName, roleId) values(1,'user:*',1);
insert into t_permission(id, permissionName, roleId) values(2,'student:*',2);


-- Account table: one optional role per user (roleId -> t_role.id).
-- NOTE(review): the password column holds the values inserted below as cleartext, and
-- varchar(20) is too short for a hashed credential (the salted MD5 digest printed earlier in
-- this tutorial is already 32 characters). Store a salted, iterated password hash and size
-- the column for it before using this schema outside a demo.
CREATE TABLE t_user (
  id int(11) NOT NULL AUTO_INCREMENT,
  userName varchar(20) DEFAULT NULL,
  password varchar(20) DEFAULT NULL,
  roleId int(11) DEFAULT NULL,
  PRIMARY KEY (id),
  KEY roleId (roleId),
  CONSTRAINT t_user_ibfk_1 FOREIGN KEY (roleId) REFERENCES t_role (id)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
-- Demo accounts with trivial passwords; users 3 and 4 have no role. Do not load these rows
-- into a database that anything other than the tutorial can reach.
insert into t_user(id,userName,password,roleId) values (1,'andrew','123456',1);
insert into t_user(id,userName,password,roleId) values (2,'jack','123',2);
insert into t_user(id,userName,password,roleId) values (3,'marry','234',NULL);
insert into t_user(id,userName,password,roleId) values (4,'json','345',NULL);

-- Second account table without a role column.
-- NOTE(review): none of the Java code shown in this tutorial names this table, and the
-- mapper XML is not visible, so whether it is used cannot be confirmed from here. It has the
-- same cleartext, varchar(20) password column as t_user; drop it if it is unused.
CREATE TABLE users (
  id int(11) NOT NULL AUTO_INCREMENT,
  userName varchar(20) DEFAULT NULL,
  password varchar(20) DEFAULT NULL,
  PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
-- Demo account with a trivial password.
insert into users(id,userName,password) values (1,'java1234','123456');

src/main/java/com/andrew/controller/UserController.java

package com.andrew.controller;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import com.andrew.entity.User;

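/**
 * Spring MVC controller for user actions mapped under {@code /user}.
 *
 * @author Administrator
 */
@Controller
@RequestMapping("/user")
public class UserController {
    /**
     * Authenticates the submitted user name and password through Shiro.
     *
     * <p>On success a marker attribute is stored in the Shiro session and the browser is
     * redirected to {@code /success.jsp}. On any failure the same generic message is shown,
     * so the response does not reveal whether the user name exists.
     *
     * @param user    form-bound object carrying the submitted user name and password
     * @param request current request; receives {@code user} and {@code errorMsg} on failure
     * @return {@code "redirect:/success.jsp"} on success, otherwise the {@code "index"} view
     */
    @RequestMapping("/login")
    public String login(User user, HttpServletRequest request) {
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUserName(), user.getPassword());
        try {
            subject.login(token);
            // NOTE(review): confirm whether this is the same session (and session id) the
            // visitor had before logging in; if it is, renew the session at login so a
            // pre-login id cannot be reused afterwards (session fixation).
            Session session = subject.getSession();
            // The session id works as a bearer credential, so it is deliberately not written
            // to stdout or logs; host and timeout are kept for the demo output.
            System.out.println("sessionHost:" + session.getHost());
            System.out.println("sessionTimeout:" + session.getTimeout());
            session.setAttribute("info", "session的数据");
            return "redirect:/success.jsp";
        } catch (Exception e) {
            // Broad catch kept so every login failure ends on the same page and message.
            e.printStackTrace();
            // Never hand the submitted password back to the view that re-renders the form.
            user.setPassword(null);
            request.setAttribute("user", user);
            request.setAttribute("errorMsg", "用户名或密码错误!");
            return "index";
        }
    }
}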

src/main/java/com/andrew/dao/UserDao.java

package com.andrew.dao;
import java.util.Set;
import com.andrew.entity.User;
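public interface UserDao {
    /**
     * Looks up a user by user name.
     *
     * @param userName user name to search for
     * @return the matching user; presumably {@code null} when none exists (the realm in this
     *         tutorial null-checks the result) - confirm against the mapper
     */
    User getByUserName(String userName);

    /**
     * Looks up the role names held by a user.
     *
     * @param userName user name to search for
     * @return role names; typed as strings because the realm in this tutorial passes them to
     *         {@code SimpleAuthorizationInfo.setRoles}
     */
    Set<String> getRoles(String userName);

    /**
     * Looks up the permission strings held by a user.
     *
     * @param userName user name to search for
     * @return permission strings; typed as strings because the realm in this tutorial passes
     *         them to {@code SimpleAuthorizationInfo.setStringPermissions}
     */
    Set<String> getPermissions(String userName);
}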

src/main/java/com/andrew/entity/User.java

package com.andrew.entity;
/**
 * Plain mutable holder for a user's id, user name and password.
 *
 * <p>The password is kept exactly as it was set; this class applies no hashing or masking,
 * so instances should not be logged or exposed to views as-is.
 */
public class User {
    /** Identifier; {@code null} until assigned. */
    private Integer id;

    /** Login name; {@code null} until assigned. */
    private String userName;

    /** Password value as supplied by the caller; {@code null} until assigned. */
    private String password;

    /** @return the identifier, or {@code null} if none was set */
    public Integer getId() {
        return this.id;
    }

    /** @return the login name, or {@code null} if none was set */
    public String getUserName() {
        return this.userName;
    }

    /** @return the password value, or {@code null} if none was set */
    public String getPassword() {
        return this.password;
    }

    /** @param id identifier to store */
    public void setId(Integer id) {
        this.id = id;
    }

    /** @param userName login name to store */
    public void setUserName(String userName) {
        this.userName = userName;
    }

    /** @param password password value to store, kept unchanged */
    public void setPassword(String password) {
        this.password = password;
    }
}

src/main/java/com/andrew/realm/MyRealm.java

package com.andrew.realm;
import javax.annotation.Resource;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import com.andrew.entity.User;
import com.andrew.service.UserService;
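/**
 * Shiro realm that resolves accounts, roles and permissions through {@link UserService}.
 *
 * <p>NOTE(review): the stored password is handed to Shiro as the expected credential. How it
 * is compared with the submitted one depends on the realm's credentials matcher, whose
 * configuration is not visible in this tutorial. The seed data stores cleartext passwords;
 * for real use store salted, iterated hashes and configure a hashing matcher such as Shiro's
 * {@code HashedCredentialsMatcher}.
 */
public class MyRealm extends AuthorizingRealm {
    @Resource
    private UserService userService;

    /**
     * Builds the roles and permission strings for the already-identified user.
     *
     * @param principals identity of the subject; the primary principal is the user name that
     *                   {@link #doGetAuthenticationInfo(AuthenticationToken)} supplied
     * @return authorization data holding the user's roles and string permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String userName = (String) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setRoles(userService.getRoles(userName));
        authorizationInfo.setStringPermissions(userService.getPermissions(userName));
        return authorizationInfo;
    }

    /**
     * Loads the account that matches the user name in the login token.
     *
     * @param token login token; its principal is read as the user name
     * @return the account's user name and stored password for Shiro to verify, or
     *         {@code null} when no such user exists
     * @throws AuthenticationException declared by the overridden method; not thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String userName = (String) token.getPrincipal();
        User user = userService.getByUserName(userName);
        if (user == null) {
            return null;
        }
        // Record this realm's own name instead of a placeholder literal, so the principal
        // is attributed to the realm that produced it.
        return new SimpleAuthenticationInfo(user.getUserName(), user.getPassword(), getName());
    }
}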

src/main/java/com/andrew/service/UserService.java

package com.andrew.service;
import java.util.Set;
import com.andrew.entity.User;
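public interface UserService {
    /**
     * Looks up a user by user name.
     *
     * @param userName user name to search for
     * @return the matching user; presumably {@code null} when none exists (the realm in this
     *         tutorial null-checks the result) - confirm against the implementation
     */
    User getByUserName(String userName);

    /**
     * Looks up the role names held by a user.
     *
     * @param userName user name to search for
     * @return role names; typed as strings because the realm in this tutorial passes them to
     *         {@code SimpleAuthorizationInfo.setRoles}
     */
    Set<String> getRoles(String userName);

    /**
     * Looks up the permission strings held by a user.
     *
     * @param userName user name to search for
     * @return permission strings; typed as strings because the realm in this tutorial passes
     *         them to {@code SimpleAuthorizationInfo.setStringPermissions}
     */
    Set<String> getPermissions(String userName);
}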

src/main/java/com/andrew/service/impl/UserServiceImpl.java

package com.andrew.service.impl;
import java.util.Set;
import javax.annotation.Resource;
import org.springframework.stereotype.Service;
import com.andrew.dao.UserDao;
import com.andrew.entity.User;
import com.andrew.service.UserService;
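/**
 * {@link UserService} implementation that forwards every lookup to {@link UserDao}
 * without adding logic of its own.
 */
@Service("userService")
public class UserServiceImpl implements UserService {
    @Resource
    private UserDao userDao;

    /** Returns whatever the DAO finds for {@code userName}. */
    @Override
    public User getByUserName(String userName) {
        return userDao.getByUserName(userName);
    }

    /** Returns the role names the DAO reports for {@code userName}. */
    @Override
    public Set<String> getRoles(String userName) {
        return userDao.getRoles(userName);
    }

    /** Returns the permission strings the DAO reports for {@code userName}. */
    @Override
    public Set<String> getPermissions(String userName) {
        return userDao.getPermissions(userName);
    }
}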

src/main/resources/com/andrew/mappers/UserMapper.xml




    
        
        
        
    
    
    
    
 

src/main/resources/applicationContext.xml

    
    
        
    
    
    
    
    
        
        
        
        
    

    
    
        
        
        
        
        
    

    
    
        
        
    

    
    
        
    
    
    
      
    
    
      
          
      
    
    
      
          
        
          
        
          
          
          
          
              
                 # Shiro filter-chain rules, one "path pattern = filter" pair per line.
                 # NOTE(review): there is no catch-all rule (for example /** = authc), so a URL
                 # that matches none of these lines is not protected by any Shiro filter -
                 # confirm that this default-allow behaviour is intended.
                 # NOTE(review): the controller in this tutorial maps /user/login and web.xml
                 # maps the dispatcher servlet to *.do, so verify these patterns match the URLs
                 # actually served.
                 /login=anon
                /admin*=authc
                /student=roles[teacher]
                /teacher=perms["user:create"]
              
        
      
    
      
      
    
    
      
            
          
      
  
      
      
          
          
              
              
              
              
              
              
              
              
              
              
              
              
              
              
              
          
      
  
      
      
          
          
      


src/main/resources/log4j.properties

# Root logger: everything at DEBUG and above goes to the Console appender.
# NOTE(review): DEBUG is a development setting; raise the level before deploying.
log4j.rootLogger=DEBUG, Console

#Console
# Console appender; the pattern prints date, thread, level, logger name and message.
log4j.appender.Console=org.apache.log4j.ConsoleAppender
log4j.appender.Console.layout=org.apache.log4j.PatternLayout
log4j.appender.Console.layout.ConversionPattern=%d [%t] %-5p [%c] - %m%n
# Per-logger overrides of the root level.
log4j.logger.java.sql.ResultSet=INFO
log4j.logger.org.apache=INFO
# NOTE(review): DEBUG on the SQL loggers may write statements and their bound parameter
# values (user names, credentials used in queries) to the console - confirm what is emitted
# and keep these at INFO or above wherever real data is handled.
log4j.logger.java.sql.Connection=DEBUG
log4j.logger.java.sql.Statement=DEBUG
log4j.logger.java.sql.PreparedStatement=DEBUG

src/main/resources/mybatis-config.xml




    
    
        
    


src/main/resources/spring-mvc.xml

    
    

    
    

    
    
        
        
    


src/main/webapp/WEB-INF/web.xml



    ShiroSpring
    
        index.jsp
    

    
    
        shiroFilter
        org.springframework.web.filter.DelegatingFilterProxy
        
            
            targetFilterLifecycle
            true
        
    
    
        shiroFilter
        /*
    

    
    
        contextConfigLocation
        classpath:applicationContext.xml
    
    
    
        encodingFilter
        org.springframework.web.filter.CharacterEncodingFilter
        true
        
            encoding
            UTF-8
        
    
    
        encodingFilter
        /*
    
    
    
        org.springframework.web.context.ContextLoaderListener
    

    
    
        springMVC
        org.springframework.web.servlet.DispatcherServlet
        
            contextConfigLocation
            classpath:spring-mvc.xml
        
        1
        true
    
    
        springMVC
        *.do
    


src/main/webapp/index.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>




Insert title here


userName:
password:
${errorMsg}
src/main/webapp/success.jsp <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %> Insert title here ${info} 欢迎你! 欢迎有admin角色的用户! 欢迎有student:create权限的用户! http://localhost:8080/ShiroSpring/index.jsp
