Steps for using Shiro:
1. Import the jars
2. Configure web.xml
3. Create the database realm
4. Configure it in Spring

Add the required jars:

    <dependencies>
        <!-- Jars required by Apache Shiro. 1.2.2 is the version this article was written
             against; it is an old release, so prefer a currently supported one in new projects. -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.2.2</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-web</artifactId>
            <version>1.2.2</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.2.2</version>
        </dependency>
    </dependencies>

Configure the Shiro filter in web.xml:

    <!-- Shiro configuration: DelegatingFilterProxy hands each request to the
         Spring bean whose id equals the filter-name (shiroFilter) -->
    <filter>
        <filter-name>shiroFilter</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>shiroFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

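The permission control class (the realm):

import java.util.ArrayList;
import java.util.List;

import net.lcheng.commons.utils.ParseMD5;
import net.lcheng.model.SysUsers;
import net.lcheng.service.SysPermissionsService;
import net.lcheng.service.SysUsersService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
// Also needed: a Logger offering getLogger(Class) and debug() (for example log4j),
// StringUtils from Apache Commons Lang, and the project's own SysPermissions,
// SysUserRoles, SysRolePermissions, SysUserRolesService and
// SysRolePermissionsService classes.

public class ShiroRealm extends AuthorizingRealm {

    private static final Logger log = Logger.getLogger(ShiroRealm.class);

    @Autowired
    private SysUsersService userService;
    @Autowired
    private SysUserRolesService userRoleService;
    @Autowired
    private SysRolePermissionsService sysRolePermissionsService;
    @Autowired
    private SysPermissionsService sysPermissionsService;

    /**
     * Grants roles and permissions to the currently logged-in Subject.
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // Get the current username; equivalent to
        // (String) principals.fromRealm(this.getName()).iterator().next()
        String currentUsername = (String) super.getAvailablePrincipal(principals);
        List<String> roleList = new ArrayList<String>();
        List<String> permissionList = new ArrayList<String>();
        // Load the current user's details from the database
        // roleList.add("admin");
        SysUsers user = userService.getUserByUsername(currentUsername);
        if (null != user) {
            // A super user receives every permission directly
            if (user.getIsAdministrator() == 1) {
                List<SysPermissions> pList = sysPermissionsService.getAll();
                if (pList != null && pList.size() > 0) {
                    for (SysPermissions p : pList) {
                        permissionList.add(p.getPermissionKey());
                    }
                }
            } else {
                // Load the user's roles
                List<SysUserRoles> roles = userRoleService.getUserRolesByUserName(currentUsername);
                List<Integer> roleIdList = new ArrayList<>();
                if (roles != null && roles.size() > 0) {
                    for (SysUserRoles role : roles) {
                        System.out.println(role.getRoleKey());
                        log.debug("授予角色>>>" + role.getRoleKey()); // "granting role"
                        roleList.add(role.getRoleKey());
                        roleIdList.add(role.getRoleId());
                    }
                }
                // Load the permissions attached to those roles
                List<SysRolePermissions> permissionsList = sysRolePermissionsService.getPermissionsByRoleIds(roleIdList);
                if (permissionsList != null && permissionsList.size() > 0) {
                    for (SysRolePermissions pmss : permissionsList) {
                        if (!StringUtils.isBlank(pmss.getPermissionKey())) {
                            log.debug("授予权限>>>>" + pmss.getPermissionKey()); // "granting permission"
                            permissionList.add(pmss.getPermissionKey());
                        }
                    }
                }
            }
        } else {
            throw new AuthorizationException();
        }
        // if (null != user) {
        //     // The User entity carries the user's role entities
        //     if (null != user.getRoles() && user.getRoles().size() > 0) {
        //         // Get the roles of the current user
        //         for (Role role : user.getRoles()) {
        //             if (!StringUtils.isBlank(role.getName())) {
        //                 log.debug("授予角色>>>" + role.getName());
        //                 roleList.add(role.getName());
        //             }
        //         }
        //     }
        //     // The User entity carries the role permission entities
        //     if (null != user.getPermissions() && user.getPermissions().size() > 0) {
        //         for (Permission pmss : user.getPermissions()) {
        //             if (!StringUtils.isBlank(pmss.getPermission())) {
        //                 log.debug("授予权限>>>>" + pmss.getPermission());
        //                 permissionList.add(pmss.getPermission());
        //             }
        //         }
        //     }
        // } else {
        //     throw new AuthorizationException();
        // }
        // Set the roles and permissions for the current user
        SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo();
        simpleAuthorInfo.addRoles(roleList);
        simpleAuthorInfo.addStringPermissions(permissionList);
        return simpleAuthorInfo;
    }

    /**
     * Authenticates the Subject that is logging in.
     * Authentication callback, invoked on login.
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
            throws AuthenticationException {
        // The token carries the submitted username and password
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        SysUsers user = userService.getUserByUsername(token.getUsername());
        AuthenticationInfo authcInfo = null;
        if (user == null) {
            throw new UnknownAccountException(); // unknown account
        } else if (!user.getPassword().equals(ParseMD5.parseStrToMd5L32(String.valueOf(token.getPassword())))) {
            // Wrong password: the stored value is compared with the MD5 of the submitted one
            throw new IncorrectCredentialsException();
        } else if (user.getStatus() == 0) {
            throw new LockedAccountException(); // account locked, contact the administrator
        } else {
            // The password was already verified above, so the submitted password is
            // passed as the credentials and Shiro's default matcher accepts it.
            authcInfo = new SimpleAuthenticationInfo(user.getUsername(),
                    token.getPassword(),
                    getName());
            this.setSession("currentUser", user.getUsername());
        }
        return authcInfo;
    }

    /**
     * Clears the cached authorization info of a user so that it is reloaded.
     */
    public void clearCachedAuthorizationInfo(String principal) {
        SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, getName());
        clearCachedAuthorizationInfo(principals);
    }

    /**
     * Stores a value in the Shiro session.
     * Values set here can be read back with HttpSession.getAttribute(key).
     */
    private void setSession(Object key, Object value) {
        Subject currentUser = SecurityUtils.getSubject();
        if (null != currentUser) {
            Session session = currentUser.getSession();
            if (null != session) {
                session.setAttribute(key, value);
            }
        }
    }
}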
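
The realm above compares MD5 digests by hand and then hands the submitted password back to Shiro as the credentials. The following added example (not the article's code) shows the alternative Shiro itself provides in shiro-core: the realm returns the stored hash and a per-user salt, and a HashedCredentialsMatcher does the comparison. SaltedRealmDemo, StoredUser, the in-memory map, the iteration count and the sample account are assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.util.ByteSource;

public class SaltedRealmDemo {
    static final String ALGORITHM = "SHA-256";
    static final int ITERATIONS = 100_000; // constructed value; tune for your hardware
    /** Constructed stand-in for a user row: hex-encoded hash plus its per-user salt. */
    static class StoredUser {
        final ByteSource salt = new SecureRandomNumberGenerator().nextBytes(); // fresh random salt
        final String hashHex;
        StoredUser(char[] password) { // call whenever the password is set or changed
            hashHex = new SimpleHash(ALGORITHM, password, salt, ITERATIONS).toHex();
        }
    }
    static class DemoRealm extends AuthenticatingRealm {
        private final Map<String, StoredUser> users = new HashMap<>();
        DemoRealm() {
            HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(ALGORITHM);
            matcher.setHashIterations(ITERATIONS);
            setCredentialsMatcher(matcher); // stored credentials are hex-encoded by default
            users.put("alice", new StoredUser("correct horse".toCharArray())); // constructed user
        }
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
            String username = ((UsernamePasswordToken) token).getUsername();
            StoredUser user = users.get(username);
            if (user == null) throw new UnknownAccountException();
            // Return the STORED hash and salt; the matcher hashes the submitted password itself.
            return new SimpleAuthenticationInfo(username, user.hashHex, user.salt, getName());
        }
    }

    public static void main(String[] args) {
        DemoRealm realm = new DemoRealm();
        realm.getAuthenticationInfo(new UsernamePasswordToken("alice", "correct horse"));
        System.out.println("correct password accepted");
        try {
            realm.getAuthenticationInfo(new UsernamePasswordToken("alice", "wrong"));
        } catch (IncorrectCredentialsException e) {
            System.out.println("wrong password rejected");
        }
    }
}
```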

Configure Shiro in Spring by creating a new file, spring-shrio.xml:

    <?xml version="1.0" encoding="UTF-8" ?>
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:aop="http://www.springframework.org/schema/aop"
           xmlns:tx="http://www.springframework.org/schema/tx"
           xmlns:context="http://www.springframework.org/schema/context"
           xsi:schemaLocation="
           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
           http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
        <!-- Security manager -->
        <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
            <!-- ref points to the realm we wrote, the myShiro bean -->
            <property name="realm" ref="myShiro"/>
            <!-- Use the cache manager configured below -->
            <property name="cacheManager" ref="cacheManager"/>
        </bean>
        <!-- Shiro filter factory bean; the id shiroFilter must match the filter-name configured in web.xml -->
        <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
            <!-- Use the security manager configured above -->
            <property name="securityManager" ref="securityManager"/>
            <!-- URL of the login request; /login is handled by a controller we write ourselves -->
            <property name="loginUrl" value="/login"/>
            <!-- Where to go after a successful login from the login page; if the user originally
                 requested a URL other than /login, they are sent to that URL instead -->
            <property name="successUrl" value="/main"/>
            <!-- Requests for resources outside the user's permissions are sent to /unauthorized -->
            <property name="unauthorizedUrl" value="/unauthorized"/>
            <!-- Permission rules -->
            <property name="filterChainDefinitions">
                <value>
                    <!-- anon: this path can be accessed without any permission -->
                    /static/**=anon
                    <!-- perms[user:query]: the user needs the permission user:query -->
                    /user=perms[user:query]
                    <!-- roles[manager]: the user needs the role manager -->
                    /user/add=roles[manager]
                    /user/del/**=roles[admin]
                    /user/edit/**=roles[manager]
                    <!-- Every other request (everything except the static resources and other anon paths)
                         must pass login authentication; unauthenticated users are sent to /login.
                         Rules are evaluated top to bottom and the first match wins, so this
                         catch-all stays last. -->
                    /** = authc
                </value>
            </property>
        </bean>
        <!-- class is the fully qualified name of the permission control class -->
        <bean id="myShiro" class="ShiroRealm"/>
        <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager" />
        <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
    </beans>

Write controller methods to handle the login, unauthorized and error request URLs:

package net.lcheng.manage.controller;

import net.lcheng.commons.utils.ParseMD5;
import net.lcheng.manage.utils.ControllerUtils;
import net.lcheng.manage.vo.PasswordModel;
import net.lcheng.model.SysUsers;
import net.lcheng.service.SysPermissionsService;
import net.lcheng.service.SysUsersService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.validation.Valid;

@Controller
public class HomeController {

    @Autowired
    private SysUsersService usersService;
    @Autowired
    private SysPermissionsService permissionsService;

    @RequestMapping("/main")
    // @RequiresRoles("admin")
    // @RequiresPermissions("user:create")
    public String main(Model model) throws Exception {
        ControllerUtils.common(model, permissionsService, "");
        return "main";
    }

    /** Error page shown when the user lacks the required permission. */
    @RequestMapping("/unauthorized")
    public String unauthorized(Model model) {
        Subject currentUser = SecurityUtils.getSubject(); // the current user
        if (currentUser.isAuthenticated()) {
            model.addAttribute("userName", currentUser.getPrincipals());
        }
        return "unauthorized";
    }

    /** Generic error page. */
    @RequestMapping("/error")
    public String error(Model model) {
        Subject currentUser = SecurityUtils.getSubject(); // the current user
        if (currentUser.isAuthenticated()) {
            model.addAttribute("userName", currentUser.getPrincipals());
        }
        return "error";
    }

    @RequestMapping(value = "/change_pwd", method = RequestMethod.GET)
    public String changePwd(Model model) {
        model.addAttribute("PasswordModel", new PasswordModel());
        ControllerUtils.common(model, permissionsService, "");
        return "change_pwd";
    }

    @RequestMapping(value = "/change_pwd", method = RequestMethod.POST)
    public String changePwdPost(Model model, @Valid @ModelAttribute("PasswordModel") PasswordModel user, BindingResult result) {
        Subject currentUser = SecurityUtils.getSubject(); // the current user
        ControllerUtils.common(model, permissionsService, "");
        if (result.hasErrors()) {
            return "change_pwd";
        }
        SysUsers sysUser = usersService.getUserByUsername(currentUser.getPrincipals().toString());
        if (sysUser != null) {
            if (!sysUser.getPassword().equals(ParseMD5.parseStrToMd5L32(user.getOldPwd()))) {
                model.addAttribute("error", "原密码错误"); // "old password is wrong"
                return "change_pwd";
            }
            if (!user.getNewPwd().equals(user.getRePwd())) {
                model.addAttribute("error", "二次密码不一致"); // "the two new passwords do not match"
                return "change_pwd";
            }
            if (ParseMD5.parseStrToMd5L32(user.getNewPwd()).equals(ParseMD5.parseStrToMd5L32(user.getOldPwd()))) {
                model.addAttribute("error", "新密码和原密码一样"); // "new password equals the old one"
                return "change_pwd";
            }
            usersService.changePassword(sysUser.getId(), ParseMD5.parseStrToMd5L32(user.getNewPwd()));
            // "password changed, please log in again with the new password"
            model.addAttribute("error", "密码修改成功,请使用新密码重新登录!");
        } else {
            model.addAttribute("error", "用户不存在"); // "user does not exist"
        }
        return "change_pwd";
    }
}

package net.lcheng.manage.controller;

import net.lcheng.commons.utils.ParseMD5;
import net.lcheng.manage.vo.LoginEntity;
import net.lcheng.model.SysUsers;
import net.lcheng.service.SysUsersService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.validation.Valid;

/**
 * Created by qiliping on 15/12/1.
 * Login controller
 */
@Controller
public class LoginController {

    @Autowired
    private SysUsersService sysUsersService;

    /**
     * Login page (GET)
     */
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String Index(Model model) {
        if (!model.containsAttribute("LoginEntity")) {
            model.addAttribute("LoginEntity", new LoginEntity());
        }
        return "login";
    }

    /**
     * User login.
     * <p>The mapping only allows POST submissions to this method.
     *
     * @param model  view model
     * @param user   submitted login form (username and password)
     * @param result validation result for the form
     * @return the view name
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String login(Model model, @Valid @ModelAttribute("LoginEntity") LoginEntity user, BindingResult result) {
        if (result.hasErrors()) {
            return "login";
        }
        SysUsers userModel = sysUsersService.getUserByUsername(user.getUsername());
        if (userModel != null) {
            String inputPwd = ParseMD5.parseStrToMd5L32(user.getPassword());
            if (!userModel.getPassword().equals(inputPwd)) {
                model.addAttribute("error", "登录密码错误"); // "wrong login password"
                return "login";
            }
            if (userModel.getStatus() != 1) {
                model.addAttribute("error", "无效的用户"); // "invalid user"
                return "login";
            }
            // Checks passed: log the Subject in (this calls ShiroRealm.doGetAuthenticationInfo)
            SecurityUtils.getSubject().login(new UsernamePasswordToken(user.getUsername(), user.getPassword()));
            return "redirect:/main";
        } else {
            model.addAttribute("error", "用户不存在"); // "user does not exist"
            return "login";
        }
    }

    /**
     * Logout
     *
     * @param model view model
     * @return redirect to the login page
     */
    @RequestMapping(value = "logout")
    public String logout(Model model) {
        SecurityUtils.getSubject().logout();
        return "redirect:/login";
    }

    /**
     * Checks that none of the parameters is null or empty.
     *
     * @param params values to check
     * @return false if any value is null or empty, true otherwise
     */
    private boolean checkParams(String[] params) {
        for (String param : params) {
            // Compare by content, not with ==, and test for null first
            if (param == null || param.isEmpty()) {
                return false;
            }
        }
        return true;
    }
}
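
The login handler above verifies the password itself before calling Subject.login and returns different messages for "user does not exist" and "wrong login password", which tells a caller which usernames are registered. The following added example (not the article's code) leaves the check to the realm through Subject.login and maps every authentication failure to one message; it is written without Spring so it runs with shiro-core alone, and UniformLoginDemo, GENERIC_ERROR, the in-memory SimpleAccountRealm and the sample account are assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;

public class UniformLoginDemo {
    static final String GENERIC_ERROR = "Invalid username or password";

    /**
     * Framework-free stand-in for the POST /login handler: returns the view name
     * and puts at most one generic error into the model.
     */
    static String login(Subject subject, String username, String password, Map<String, Object> model) {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            // The realm is the only place that checks the account and its credentials.
            subject.login(token);
            return "redirect:/main";
        } catch (AuthenticationException e) {
            // Unknown account, bad password and locked account all land here; the
            // exception type goes to the server log only, never into the page.
            System.err.println("login failed: " + e.getClass().getSimpleName());
            model.put("error", GENERIC_ERROR);
            return "login";
        } finally {
            token.clear(); // wipe the password char[] held by the token
        }
    }

    public static void main(String[] args) {
        SimpleAccountRealm realm = new SimpleAccountRealm(); // constructed in-memory user store
        realm.addAccount("alice", "s3cret");                 // constructed sample account
        DefaultSecurityManager securityManager = new DefaultSecurityManager(realm);

        String[][] attempts = { {"alice", "s3cret"}, {"alice", "wrong"}, {"nobody", "x"} };
        for (String[] attempt : attempts) {
            Subject subject = new Subject.Builder(securityManager).buildSubject();
            Map<String, Object> model = new HashMap<>();
            String view = login(subject, attempt[0], attempt[1], model);
            System.out.println(attempt[0] + " -> " + view + " " + model);
        }
    }
}
```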
