前言:最近在看一些shiro 的东西,看的也不是很明白,关于shiro 的研究这里就不详解了,这里只说下shiro 在web 开发中的集成(注: 这里引用的是别人的博文)
1:首先创建maven 项目
2:配置pom.xml 添加框架依赖包
4.0.0
com.pro.shiro.cas
shiroCas
war
0.0.1-SNAPSHOT
shiroCas Maven Webapp
http://maven.apache.org
UTF-8
zh_CN
1.7
${basedir}/src/test/resources/generatorConfig.xml
file:///${basedir}/src/test/resources/generatorConfig.properties
1.3.1
3.1
2.18.1
true
4.11
4.0.2.RELEASE
3.2.2
1.2.2
5.1.30
9.1-901.jdbc4
1.6.6
1.2.12
4.1.2
1.9.13
0.9.1.2
1.0.5
7.0.53
1.2
1.0
3.1
1.2.3
1.3.1
1.9
3.3
1.6.12
4.0.18.Final
5.1.1.Final
junit
junit
${junit.version}
org.springframework
spring-core
${spring.version}
org.springframework
spring-web
${spring.version}
org.springframework
spring-oxm
${spring.version}
org.springframework
spring-tx
${spring.version}
org.springframework
spring-jdbc
${spring.version}
org.springframework
spring-webmvc
${spring.version}
org.springframework
spring-aop
${spring.version}
org.springframework
spring-context-support
${spring.version}
org.springframework
spring-test
${spring.version}
org.mybatis
mybatis
${mybatis.version}
org.mybatis
mybatis-spring
${mybatis.spring.version}
mysql
mysql-connector-java
${mysql.connector.version}
com.alibaba
druid
${druid.version}
org.codehaus.jackson
jackson-mapper-asl
${jackson.version}
log4j
log4j
${log4j.version}
org.slf4j
slf4j-api
${slf4j.version}
org.slf4j
slf4j-log4j12
${slf4j.version}
javax.servlet
javax.servlet-api
3.0.1
provided
javax.servlet
jstl
${jstl.version}
commons-fileupload
commons-fileupload
${commons.fileupload.version}
org.apache.httpcomponents
httpclient
${httpclient.version}
commons-codec
commons-codec
${commons.codec.version}
commons-net
commons-net
${commons.net.version}
commons-logging
commons-logging
1.1.3
commons-collections
commons-collections
3.2.1
com.google.collections
google-collections
${google.collections.version}
cglib
cglib-nodep
${cglib.version}
org.apache.shiro
shiro-spring
${shiro.version}
org.apache.shiro
shiro-ehcache
${shiro.version}
org.apache.shiro
shiro-core
${shiro.version}
org.apache.shiro
shiro-web
${shiro.version}
org.apache.shiro
shiro-quartz
${shiro.version}
org.aspectj
aspectjweaver
${aspectj.version}
org.aspectj
aspectjrt
${aspectj.version}
org.hibernate
hibernate-validator
${hibernate.validator.version}
springShiroCas
3:配置web.xml
contextConfigLocation
classpath*:spring-*.xml
org.springframework.web.context.ContextLoaderListener
encodingFilter
org.springframework.web.filter.CharacterEncodingFilter
encoding
UTF-8
forceEncoding
true
encodingFilter
/*
shiroFilter
org.springframework.web.filter.DelegatingFilterProxy
true
targetFilterLifecycle
true
shiroFilter
/*
log4jConfigLocation
classpath:log4j.properties
log4jRefreshInterval
60000
org.springframework.web.util.Log4jConfigListener
dispatcher
org.springframework.web.servlet.DispatcherServlet
contextConfigLocation
classpath*:spring-mvc.xml
1
dispatcher
/rest/*
rest/index
404
/rest/page/404
500
/rest/page/500
org.apache.shiro.authz.AuthorizationException
/rest/page/401
4、spring配置 spring-mybatis.xml:
classpath*:jdbc.properties
true
false
true
true
true
true
FULL
BATCH
25000
5: 数据库配置文件 jdbc.properties
##JDBC Global Setting
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/quick4j?useUnicode=true&characterEncoding=utf-8
jdbc.username=root
jdbc.password=admin123
##DataSource Global Setting
#配置初始化大小、最小、最大
ds.initialSize=1
ds.minIdle=1
ds.maxActive=20
#配置获取连接等待超时的时间
ds.maxWait=60000
#配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒
ds.timeBetweenEvictionRunsMillis=60000
#配置一个连接在池中最小生存的时间,单位是毫秒
ds.minEvictableIdleTimeMillis=300000
6:缓存配置文件 ehcache.xml
7: ehcache-shiro.xml
8: Shiro 配置 : spring-shiro.xml要配置realms bean
apache shiro配置
/app/** = anon
/assets/** = anon
/rest/user/login = anon
/rest/user/admin = authc ,roles[admin] ,perms[user:create]
9:Spring MVC 配置
classpath:messages
classpath:org/hibernate/validator/ValidationMessages
text/plain;charset=UTF-8
application/json;charset=UTF-8
10:log4j.properties
# DEBUG,INFO,WARN,ERROR,FATAL
LOG_LEVEL=INFO
log4j.rootLogger=${LOG_LEVEL},CONSOLE,FILE
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
log4j.appender.CONSOLE.Encoding=utf-8
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
#log4j.appender.CONSOLE.layout.ConversionPattern=[%-5p] %d{yyyy-MM-dd HH:mm:ss} %C{8}@(%F:%L):%m%n
log4j.appender.CONSOLE.layout.ConversionPattern=[%-5p] %d{yyyy-MM-dd HH:mm:ss} %C{1}@(%F:%L):%m%n
log4j.appender.FILE=org.apache.log4j.DailyRollingFileAppender
log4j.appender.FILE.File=${catalina.base}/logs/quick4j.log
log4j.appender.FILE.Encoding=utf-8
log4j.appender.FILE.DatePattern='.'yyyy-MM-dd
log4j.appender.FILE.layout=org.apache.log4j.PatternLayout
#log4j.appender.FILE.layout=org.apache.log4j.HTMLLayout
log4j.appender.FILE.layout.ConversionPattern=[%-5p] %d{yyyy-MM-dd HH\:mm\:ss} %C{8}@(%F\:%L)\:%m%n
11: sql 文件在项目中
12:shiro 理解
1: 使用shiro 在访问资源的时候, 首先会通过shiro 进行过滤,具体过滤条件
/app/** = anon
/assets/** = anon
/rest/user/login = anon
/rest/user/admin = authc ,roles[admin] ,perms[user:create]
2:用户在进行登录的时候会进行身份的验证, 具体见UserController.java
附:shiroCas 下载