SSM框架实现权限管理
实现权限管理的步骤:
springSecurity
1.认证 判断用户名和密码是否正确
2.授权 一个用户是否有权利执行某些操作
1.导jar包
2.web.xml 添加过滤器
3.写springsecurity.xml 核心配置文件
4.web.xml 里面加载springSecurity.xml
5.userService extend UserDetailsService
Role
6改写页面
一、pom.xml文件
4.0.0
com.zhongruan
ssyhan
pom
1.0-SNAPSHOT
ssm_bean
ssm_dao
ssm_service
ssm_web
UTF-8
1.8
1.8
5.0.2.RELEASE
5.0.1.RELEASE
3.2.6
1.7.7
1.2.17
0.9.5.2
1.1.2
org.springframework
spring-core
${spring.version}
org.springframework
spring-web
${spring.version}
org.springframework
spring-oxm
${spring.version}
org.springframework
spring-tx
${spring.version}
org.springframework
spring-jdbc
${spring.version}
org.springframework
spring-webmvc
${spring.version}
org.springframework
spring-aop
${spring.version}
org.springframework
spring-context-support
${spring.version}
org.springframework
spring-test
${spring.version}
org.mybatis
mybatis
${mybatis.version}
org.mybatis
mybatis-spring
1.2.2
javax
javaee-api
7.0
mysql
mysql-connector-java
5.1.30
commons-dbcp
commons-dbcp
1.2.2
jstl
jstl
1.2
log4j
log4j
${log4j.version}
com.mchange
c3p0
${c3p0.version}
taglibs
standard
${taglibs.version}
org.slf4j
slf4j-api
${slf4j.version}
org.slf4j
slf4j-log4j12
${slf4j.version}
javax.servlet
javax.servlet-api
3.1.0
provided
javax.servlet.jsp
javax.servlet.jsp-api
2.3.1
provided
com.github.pagehelper
pagehelper
5.1.2
org.springframework.security
spring-security-web
${spring.security.version}
org.springframework.security
spring-security-config
${spring.security.version}
org.springframework.security
spring-security-core
${spring.security.version}
org.springframework.security
spring-security-taglibs
${spring.security.version}
二、web.xml
contextConfigLocation
classpath*:applicationContext.xml,classpath*:spring-security.xml
org.springframework.web.context.ContextLoaderListener
org.springframework.web.context.request.RequestContextListener
characterEncodingFilter
org.springframework.web.filter.CharacterEncodingFilter
encoding
UTF-8
characterEncodingFilter
/*
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
dispatcherServlet
org.springframework.web.servlet.DispatcherServlet
contextConfigLocation
classpath:spring-mvc.xml
1
dispatcherServlet
*.do
三、spring-security配置文件
四、applicationContext.xml配置文件
mysql
true
五、db.properties配置文件
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/idea?useSSL=true&characterEncoding=utf-8
jdbc.username=root
jdbc.password=123
六、spring-mvc配置文件
七、log4j配置文件
# Global logging configuration
log4j.rootLogger=DEBUG, stdout
# Console output...
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%5p [%t] - %m%n
八、UserService
package com.zhongruan.service.impl;
import com.github.pagehelper.PageHelper;
import com.zhongruan.bean.UserInfo;
import com.zhongruan.bean.Role;
import com.zhongruan.dao.IRoleDao;
import com.zhongruan.dao.IUserDao;
import com.zhongruan.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import javax.xml.ws.ServiceMode;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@ServiceMode
public class UserService implements IUserService {
@Autowired
private IUserDao userDao;
@Autowired
private IRoleDao roleDao;
@Override
public List findAll(int page, int size) {
PageHelper.startPage(page,size);
return userDao.findAll();
}
@Override
public Boolean doLogin(UserInfo userInfo)
{
UserInfo userInfo1 = userDao.doLogin(userInfo);
if(null!=userInfo1)
{
return true;
}else
{
return false;
}
}
@Override
public void save(UserInfo userInfo) {
userDao.save(userInfo);
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserInfo userInfo = userDao.findByUserName(username);
List roles = roleDao.findRoleByUserId(userInfo.getId());
userInfo.setRoles(roles);
User user = new User(userInfo.getUsername(),"{noop}"+userInfo.getPassword(),getAuthority(roles));
return user;
}
private Collection getAuthority(List roles)
{
List list=new ArrayList<>();
for(Role role: roles)
{
list.add(new SimpleGrantedAuthority("ROLE_"+role.getRoleName()));
}
return list;
}
}
九、jsp文件
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8" isELIgnored="false"%>
<%@taglib prefix="security" uri="http://www.springframework.org/security/tags"%>