1.导入jar包
4.0.0
jxlv
udpf
war
1.0-SNAPSHOT
jiangXi LianWei Unified development platform Maven Webapp
http://maven.apache.org
1.8
UTF-8
4.2.5.RELEASE
3.2.8.RELEASE
1.6.10
1.6.6
3.2.6
1.2.5
junit
junit
4.11
test
org.springframework
spring-core
${spring-version}
org.springframework
spring-test
${spring-version}
org.springframework
spring-context
${spring-version}
org.springframework
spring-tx
${spring-version}
org.springframework
spring-context-support
${spring-version}
org.springframework
spring-jdbc
${spring-version}
org.springframework
spring-aop
${spring-version}
org.springframework
spring-beans
${spring-version}
org.springframework
spring-webmvc
${org.springframework-version}
org.mybatis
mybatis
${mybatis.version}
org.mybatis
mybatis-spring
1.2.2
javax
javaee-api
7.0
mysql
mysql-connector-java
5.1.21
cglib
cglib
3.2.5
com.alibaba
druid
1.0.18
commons-dbcp
commons-dbcp
1.2.2
org.slf4j
slf4j-api
${org.slf4j-version}
commons-lang
commons-lang
2.6
commons-logging
commons-logging
1.1.1
org.hibernate
hibernate-validator
5.2.4.Final
org.slf4j
jcl-over-slf4j
${org.slf4j-version}
runtime
org.slf4j
slf4j-log4j12
${org.slf4j-version}
runtime
log4j
log4j
1.2.17
javax.inject
javax.inject
1
javax.servlet
servlet-api
2.5
provided
javax.servlet.jsp
jsp-api
2.1
provided
javax.servlet
jstl
1.2
com.alibaba
fastjson
1.2.31
org.json
json
20140107
org.aspectj
aspectjweaver
1.8.10
com.github.pagehelper
pagehelper
5.0.1
org.freemarker
freemarker
2.3.26-incubating
org.apache.poi
poi-ooxml
3.9
commons-fileupload
commons-fileupload
1.3.1
commons-io
commons-io
2.4
commons-codec
commons-codec
1.9
org.codehaus.jackson
jackson-mapper-asl
1.9.4
org.apache.shiro
shiro-core
1.4.0
org.apache.shiro
shiro-web
1.4.0
org.apache.shiro
shiro-lang
1.4.0
org.apache.shiro
shiro-cache
1.4.0
org.apache.shiro
shiro-ehcache
1.4.0
org.apache.shiro
shiro-spring
1.4.0
org.apache.shiro
shiro-crypto-hash
1.4.0
org.apache.shiro
shiro-crypto-cipher
1.4.0
org.apache.shiro
shiro-config-core
1.4.0
org.apache.shiro
shiro-config-ogdl
1.4.0
org.apache.shiro
shiro-event
1.4.0
redis.clients
jedis
2.8.0
com.aliyun
aliyun-java-sdk-core
4.1.0
org.apache.maven.plugins
maven-compiler-plugin
2.3.2
${java-version}
${java-version}
UTF-8
${java.home}\jre\lib\rt.jar;${java.home}\jre\lib\jce.jar
UnifiedDevelopmenPlatform
${basedir}/src/main/java
**/*.properties
**/*.xml
${basedir}/src/main/resources
2.配置在web.xml里配置filter
shiroFilter
org.springframework.web.filter.DelegatingFilterProxy
targetFilterLifecycle
true
shiroFilter
/*
这里的
3.创建shiro配置文件spring_shiro.xml
/**=authc
redirect:/nopermission.jsp
3.创建认证,授权令牌
package shiro;
import csd.entity.User;
import csd.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
public class UserRealm extends AuthorizingRealm {
public UserRealm() {
System.out.println("实例化了令牌");
}
public String getName() {
return "UserRealm";
}
@Resource(name = "Iuser")
private UserService userService;
//授权操作
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
System.out.println("授权进行中");
User user = (User)principalCollection.getPrimaryPrincipal();
List permissions = new ArrayList();
if ("10086".equals(user.getUsername())) {
permissions.add("employee:edit");
} else if ("admin".equals(user.getUsername())) {
permissions.add("*:*");
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addStringPermissions(permissions);
return info;
}
//认证操作
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
System.out.println("认证进行中");
String username=(String) authenticationToken.getPrincipal();
//System.out.println("令牌的username为"+username);
User user = userService.login(username);
if (user == null){
return null;
}
AuthenticationInfo info = new SimpleAuthenticationInfo(user, user.getPassword(), getName());
return info;
}
}
4.需要准备的资源
页面.PNG
资源.PNG
5.controller层的编写
package csd.controller;
import csd.entity.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
@Controller
public class LoginController {
@RequestMapping(value = "/login",method= RequestMethod.GET)
public String login(Model model, HttpServletRequest req, User user)throws Exception{
System.out.println("进入了login方法");
System.out.println("用户名加密码"+user.getUsername()+","+user.getPassword());
//如果认证失败就从reques中获取异常信息,shiroLoginFailure是shiro异常类的权限命名
// String exceptionClassName=(String)req.getAttribute("shiroLoginFailure");
// if(exceptionClassName!=null){
// if(UnknownAccountException.class.getName().equals(exceptionClassName)){
// model.addAttribute("errorMsg","账号不存在");
// System.out.println("账号不存在");
// }else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)){
// model.addAttribute("errorMsg","账号或密码错误");
// System.out.println("账号或密码错误");
// }else {
// model.addAttribute("errorMsg","其他异常信息");
// }
// }
if(user.getUsername()!=null&&user.getPassword()!=null) {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPassword());
try {
//登录,即身份校验,由通过Spring注入的UserRealm会自动校验输入的用户名和密码在数据库中是否有对应的值
subject.login(token);
return "main";
} catch (Exception e) {
e.printStackTrace();
model.addAttribute("errorMsg", "账号或密码错误");
return "forward:/login.jsp";
}
}else {
return "forward:/login.jsp";
}
}
@RequestMapping("/index")
public String index(Model model, HttpServletRequest req)throws Exception{
System.out.println("进入了login方法");
return "forward:/login.jsp";
}
}
package csd.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class MainController {
@RequestMapping("/main")
public String main(){
System.out.println("进入了main");
return "main";
}
}
package csd.controller;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping("/employee")
public class EmployeeController {
@RequestMapping("/emp")
public String index(){
return "employee";
}
@RequestMapping("/del")
@RequiresPermissions("employee:del")
public String del(){
System.out.println("执行了员工的删除操作");
return "employee";
}
@RequestMapping("/add")
@RequiresPermissions("employee:add")
public String add(){
System.out.println("执行了员工的添加操作");
return "employee";
}
@RequestMapping("/edit")
@RequiresPermissions("employee:edit")
public String edit(){
System.out.println("执行了员工的编辑操作");
return "employee";
}
@RequestMapping("/select")
@RequiresPermissions("employee:select")
public String select(){
System.out.println("执行了员工的查询操作");
return "employee";
}
}
6.页面的准备
(1)login.jsp
<%--
Created by IntelliJ IDEA.
User: 联想
Date: 2019/6/30
Time: 12:38
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
Title
ee${errorMsg}
(2).nopermission.jsp
<%--
Created by IntelliJ IDEA.
User: 联想
Date: 2019/6/30
Time: 12:38
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
Title
没有权限
(3)main.jsp
<%--
Created by IntelliJ IDEA.
User: 联想
Date: 2019/6/30
Time: 12:48
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
Title
欢迎xx访问
注销
重新加载权限
员工列表
部门列表
(4).employee.jsp
<%--
Created by IntelliJ IDEA.
User: 联想
Date: 2019/7/1
Time: 18:14
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
Title