SSM项目与Shiro项目的整合(单体式项目)
1.项目的包结构:
2.jar包,配置文件及工具类
2.1pom.xml的配置
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.</modelVersion> <groupId>com.zy</groupId>
<artifactId>ssm-shiro</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging> <name>ssm-shiro Maven Webapp</name>
<!-- FIXME change it to the project's website -->
<url>http://www.example.com</url> <properties>
<project.build.sourceEncoding>UTF-</project.build.sourceEncoding>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
<shiro.version>1.2.</shiro.version>
<commons-logging.version>1.2</commons-logging.version>
<!--spring家族版本号-->
<spring.version>4.2..RELEASE</spring.version>
<!--aop版本-->
<org.aspectj.version>1.6.</org.aspectj.version>
<aopalliance.version>1.0</aopalliance.version>
<!--数据源,mybatis,分页相关配置-->
<druid.version>1.0.</druid.version>
<mybatis.version>3.2.</mybatis.version>
<mybatis.spring.version>1.3.</mybatis.spring.version>
<pageHelper.version>5.1.</pageHelper.version>
<mybatis-paginator.version>1.2.</mybatis-paginator.version>
<mysql.version>5.1.</mysql.version>
<!--jsp-->
<jstl.version>1.2</jstl.version>
<servlet.api>2.5</servlet.api>
<jsp.api.version>2.0</jsp.api.version>
<!--动态代理-->
<cglib.version>.1_3</cglib.version>
<!--日志-->
<org.slf4j.version>1.6.</org.slf4j.version>
<!--配置junit-->
<junit.version>4.11</junit.version>
<!--配置jackson的包-->
<jackson.version>2.4.</jackson.version>
</properties> <dependencies>
<!--配置jackson的包-->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
</dependency>
<!--配置shiro的依赖-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-quartz</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>${commons-logging.version}</version>
</dependency>
<!--配置spring核心包-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
<version>${spring.version}</version>
</dependency>
<!--配置springMVC-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<!--配置aop-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>${org.aspectj.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>${org.aspectj.version}</version>
</dependency>
<dependency>
<groupId>aopalliance</groupId>
<artifactId>aopalliance</artifactId>
<version>${aopalliance.version}</version>
</dependency>
<!--配置数据源,连接池,Mybatis,分页插件-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>${druid.version}</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>${mybatis.spring.version}</version>
</dependency>
<dependency>
<groupId>com.github.pagehelper</groupId>
<artifactId>pagehelper</artifactId>
<version>${pageHelper.version}</version>
</dependency>
<dependency>
<groupId>com.github.miemiedev</groupId>
<artifactId>mybatis-paginator</artifactId>
<version>${mybatis-paginator.version}</version>
</dependency>
<!--jsp相关-->
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>${jstl.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>${servlet.api}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>${jsp.api.version}</version>
<scope>provided</scope>
</dependency>
<!--动态代理-->
<dependency>
<groupId>cglib</groupId>
<artifactId>cglib</artifactId>
<version>${cglib.version}</version>
</dependency>
<!--配置日志-->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${org.slf4j.version}</version>
</dependency>
</dependencies> <build>
<finalName>ssm-shiro</finalName>
<!--配置静态资源不发布-->
<resources>
<resource>
<directory>src/main/resources</directory>
<includes>
<include>**/*.xml</include>
<include>**/*.properties</include>
</includes>
</resource>
</resources>
<!--配置tomcat-->
<plugins>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<configuration>
<path>/</path>
<port></port>
</configuration>
</plugin>
</plugins> </build>
</project>
2.2配置springmvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd"> <!--开启自动扫包:注意这里只扫描controller层的包,防止重复扫描-->
<context:component-scan base-package="com.zy.controller"/> <!--开启注解驱动:用来替换处理器适配器和处理器映射器-->
<mvc:annotation-driven/> <!--视图解析器:配置返回的前缀及后缀-->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/"/>
<property name="suffix" value=".jsp"/>
</bean> <!--拦截静态资源并放行-->
<mvc:default-servlet-handler />
<!--此处的mapping指代前台引用的地址,location指代资源实际地址-->
<mvc:resources mapping="/js/**" location="/WEB-INF/js/"></mvc:resources>
<mvc:resources mapping="/css/**" location="/WEB-INF/css/"></mvc:resources>
<mvc:resources mapping="/fonts/**" location="/WEB-INF/fonts/"></mvc:resources>
<mvc:resources mapping="/images/**" location="/WEB-INF/images/"></mvc:resources>
<mvc:resources mapping="/layui/**" location="/WEB-INF/layui/"></mvc:resources> <!--开启aop注解支持-->
<aop:config proxy-target-class="true"/> <!--开启全局异常处理-->
<bean class="com.zy.common.MyExceptionHandler"/> </beans>
2.3配置spring相关内容
2.3.1配置applicationContext-dao.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mybatis-spring="http://mybatis.org/schema/mybatis-spring"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://mybatis.org/schema/mybatis-spring http://mybatis.org/schema/mybatis-spring.xsd"> <!--.配置自动扫描:注意这里只扫描dao层和service层的包,不扫描controller,防止与springmvc重复扫描-->
<context:component-scan base-package="com.zy.mapper"/>
<!--.读取配置文件-->
<context:property-placeholder location="classpath:db.properties"/>
<!--.配置数据库连接的基本情况-->
<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
<!--.1数据库连接的基本属性的设置-->
<property name="url" value="${jdbc.url}"/>
<property name="username" value="${jdbc.username}"/>
<property name="password" value="${jdbc.password}"/>
<property name="driverClassName" value="${jdbc.driver}"/>
<!--.2配置最大最小值以及初始化的值-->
<property name="initialSize" value=""/>
<property name="minIdle" value=""/>
<property name="maxActive" value=""/>
</bean>
<!--.配置dao层,整合Mybatis-->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource"/>
<!--配置Mybatis的全局配置文件-->
<property name="configLocation" value="classpath:mybatis/sqlMappingConfig.xml"/>
<!--mapperLocations: 指定mapper文件的位置-->
<property name="mapperLocations" value="classpath:mybatis/mapper/*.xml"/>
</bean>
<!--.1也可以扫描与mapper层同级目录的文件配置
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="com.zy.mapper"/>
</bean>
-->
<!-- 扫描所有的mapper接口的实现,让这些mapper能够自动注入;
base-package:指定mapper接口的包名
-->
<mybatis-spring:scan base-package="com.zy.mapper"/>
</beans>
2.3.2配置applicationContext-service.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> <context:component-scan base-package="com.zy.service"/> </beans>
2.3.3配置applicationContext-tx.xml(事务)
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd"> <!--.添加事务-->
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"/>
</bean>
<!--.基于XML的事务-->
<tx:advice transaction-manager="transactionManager" id="transactionInterceptor">
<tx:attributes>
<tx:method name="save*" propagation="REQUIRED"/>
<tx:method name="add*" propagation="REQUIRED"/>
<tx:method name="modify*" propagation="REQUIRED"/>
<tx:method name="update*" propagation="REQUIRED"/>
<tx:method name="delete*" propagation="REQUIRED"/>
<tx:method name="query*" propagation="SUPPORTS"/>
<tx:method name="get*" propagation="SUPPORTS"/>
<tx:method name="find*" propagation="SUPPORTS"/>
<tx:method name="select*" propagation="SUPPORTS"/>
</tx:attributes>
</tx:advice>
<!--配置切入点-->
<aop:config>
<aop:pointcut id="serviceAdvice" expression="execution(* com.zy.service..* .*(..))"></aop:pointcut>
<!--将事务织入切入对象中-->
<aop:advisor advice-ref="transactionInterceptor" pointcut-ref="serviceAdvice"/>
</aop:config>
</beans>
2.3.4配置applicationContext-shiro.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> <!--申明缓存管理器-->
<!--本地缓存,不推荐-->
<!--<bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager"/>-->
<!-- 缓存管理器使用Ehcache实现 -->
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:ehcache.xml" />
</bean> <!--密码凭证管理器-->
<bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<property name="hashAlgorithmName" value="md5"/>
<!--次数-->
<property name="hashIterations" value=""/>
</bean> <!--================================配置自定义的realm====================================-->
<bean id="tbUserRealm" class="com.zy.shiro.TbUserRealm">
<property name="credentialsMatcher" ref="credentialsMatcher"/>
<!--配置缓存时,改为true-->
<property name="cachingEnabled" value="true"/>
</bean> <!--记住我的cookie-->
<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="rememberMe"/>
<!--设置cookie有效期-->
<property name="maxAge" value=""/>
</bean>
<!--记住我管理器-->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<property name="cookie" ref="rememberMeCookie"/>
</bean>
<!--安全管理器-->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="tbUserRealm"/>
<!--注入记住我-->
<property name="rememberMeManager" ref="rememberMeManager"/>
<!--缓存管理器-->
<property name="cacheManager" ref="cacheManager"/>
</bean> <!--=====================开启切面支持,spring拦截支持=====================-->
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!--调用securityManagerUtils.setSecurityManager-->
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
<property name="arguments" ref="securityManager"/>
</bean>
<!--==============================shiro的web过滤器====================================-->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login/login"/>
<property name="successUrl" value="/login/loginCheck"/>
<property name="filterChainDefinitions">
<value>
<!--
anon:匿名使用,用户不登录也可以访问,如 /item/** = anon
authc:认证后才能使用 /order/** = authc
roles:需要特定角色才能访问 /admin/** = roles["admin,test"]
perms:需要特定权限才能访问 /admin/user/** = perms["user:add,user:delete"]
user:必须存在用户,登录而不限制检查 /** = user rest: restFul风格 /adimn/** = rest[user]
port: 限制访问端口 /admin/** = port[8088]
authcBasic: 限制协议请求是https
ssl: 安全的url请求,请求协议是http
-->
<!--切记此处路径名与前台传.递的路径名是一致的,除了在此处配置以外,还需要在spring.xml中进行配置-->
/css/** = anon<!--设置静态资源文件为游客可访问-->
/js/** = anon<!--设置静态资源文件为游客可访问-->
/fonts/** = anon<!--设置静态资源文件为游客可访问-->
/images/** = anon<!--设置静态资源文件为游客可访问-->
/layui/** = anon<!--设置静态资源文件为游客可访问-->
<!--配置用户退出
不用我们去实现退出,只要去访问一个退出的url(该 url是可以不存在),由LogoutFilter拦截住,清除session。
在applicationContext-shiro.xml配置LogoutFilter
-->
/login/logout = logout
<!--不拦截-->
/login/** = anon
/** = user
</value>
</property>
</bean> <!--生命周期的配置-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
</beans>
2.4配置mybatis相关内容
2.4.1配置sqlMappingConfig.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE configuration
PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<!--设置全局配置环境-->
<settings>
<!--开启全局缓存-->
<setting name="cacheEnabled" value="true"/>
<!--开启懒加载-->
<setting name="lazyLoadingEnabled" value="true"/>
<!--关闭延迟加载-->
<setting name="aggressiveLazyLoading" value="false"/>
</settings>
<!--配置分页插件pageHelper的拦截器:.0版本之后的配置-->
<plugins>
<plugin interceptor="com.github.pagehelper.PageInterceptor"></plugin>
</plugins>
</configuration>
2.4.2配置其他***Mappper.xml文件(以TbUserMapper.xml为例)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.zy.mapper.TbUserMapper"> <!--封装结果集-->
<resultMap id="tbUserResultMap" type="com.zy.model.TbUser">
<id column="id" property="id" jdbcType="INTEGER"/>
<result column="username" property="username" jdbcType="VARCHAR"/>
<result column="password" property="password" jdbcType="VARCHAR"/>
<result column="salt" property="salt" jdbcType="VARCHAR"/>
<result column="status" property="status" jdbcType="VARCHAR"/>
</resultMap> <!--
根据用户名查询用户信息
TbUser getTbUserByUserName(String username);
-->
<select id="getTbUserByUserName" resultMap="tbUserResultMap">
select id,username,password,salt,status
from tb_user
where username = #{username}
</select> <!--
// 注册用户
int addTbUser(TbUser tbUser);
-->
<insert id="addTbUser">
<selectKey keyProperty="id" order="AFTER" resultType="int">
select last_insert_id()
</selectKey>
insert into tb_user values(null,#{username},#{password},#{salt},#{status})
</insert> <!--
// 查询所有用户信息
List<TbUser> getAllUser();
-->
<select id="getAllUser" resultMap="tbUserResultMap">
select id,username,password,salt,status
from tb_user
</select> <!--
// 删除用户信息及其关联角色信息,还需要去关联表中删除该信息
void deleteUser(Integer id);
-->
<delete id="deleteUser">
delete from tb_user where id = #{id}
</delete>
<delete id="deleteUserRole">
delete from tb_user_role where user_id = #{id}
</delete> </mapper>
2.5配置db.properties
####配置mysql的连接
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/shiro
jdbc.username=root
jdbc.password= ####配置oracle的连接
orcl.driver=oracle.jdbc.OracleDriver
orcl.url=jdbc:oracle:thin:@localhost::orcl
orcl.username=tom
orcl.password=
2.6配置ehcache.xml
<?xml version="1.1" encoding="UTF-8"?>
<ehcache updateCheck="false" name="shirocache"> <diskStore path="D:\develop\ehcache" />
<defaultCache
maxElementsInMemory=""
maxElementsOnDisk=""
eternal="false"
overflowToDisk="false"
diskPersistent="false"
timeToIdleSeconds=""
timeToLiveSeconds=""
diskExpiryThreadIntervalSeconds=""
memoryStoreEvictionPolicy="LRU">
</defaultCache>
</ehcache>
2.7配置log4j.properties
### direct log messages to stdout ###
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{}:%L - %m%n ### direct messages to file log ###
log4j.appender.file=org.apache.log4j.FileAppender
log4j.appender.file.File=/scheduler.log
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{}:%L - %m%n ### set log levels - for more verbose logging change 'info' to 'debug' ### log4j.rootLogger=debug,stdout,file
2.8mapper层,以TbUserMapper为例
package com.zy.mapper; import com.zy.model.TbUser;
import org.springframework.stereotype.Repository; /**
* 用户信息的Mapper
*/
import java.util.List; /**
* Created by Administrator on 2018/7/3.
*
* 用户登录的mapper
*/
@Repository
public interface TbUserMapper { // 根据用户名查询用户信息
TbUser getTbUserByUserName(String username); // 注册用户
int addTbUser(TbUser tbUser); // 查询所有用户信息
List<TbUser> getAllUser(); // 删除用户信息及其关联角色信息
void deleteUser(Integer id);
void deleteUserRole(Integer id); }
2.9service层(以TbUserServiceI和TbUserServiceImpl为例)
package com.zy.service; import com.zy.model.TbPermission;
import com.zy.model.TbRole;
import com.zy.model.TbUser;
import com.zy.util.PageUtils; import java.util.List;
import java.util.Map; /**
* Created by Administrator on 2018/7/3.
*/
public interface TbUserServiceI { // 登录验证:根据用户名查询用户信息
TbUser getTbUserByUserName(String username); // 授权验证第一步:根据用户id查询用户角色
List<TbRole> getTbRoleByUserId(Integer id); // 授权验证:根据用户id查询用户权限信息
List<TbPermission> getTbPermissionByUserId(Integer userId); // 查询菜单信息
Map<TbPermission, List<TbPermission>> getMenuByUserId(Integer userId); // 注册用户
int addTbUser(TbUser tbUser); // 查询所有用户信息
PageUtils getAllUser(Integer pageNo); // 删除用户信息及其关联角色信息
void deleteUser(Integer id); }
package com.zy.service.impl; import com.github.pagehelper.PageHelper;
import com.github.pagehelper.PageInfo;
import com.zy.common.ConstantValue;
import com.zy.mapper.TbPermissionMapper;
import com.zy.mapper.TbRoleMapper;
import com.zy.mapper.TbUserMapper;
import com.zy.model.TbPermission;
import com.zy.model.TbRole;
import com.zy.model.TbUser;
import com.zy.service.TbUserServiceI;
import com.zy.util.MD5;
import com.zy.util.PageUtils;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import java.util.HashMap;
import java.util.List;
import java.util.Map; /**
* Created by Administrator on 2018/7/3.
*
* 登录的业务层
*/
@Service("tbUserService")
public class TbUserServiceImpl implements TbUserServiceI { @Autowired
private TbUserMapper tbUserMapper; @Autowired
private TbRoleMapper tbRoleMapper; @Autowired
private TbPermissionMapper tbPermissionMapper; // 登录验证:根据用户名查询用户信息
@Override
public TbUser getTbUserByUserName(String username) {
TbUser tbUser = tbUserMapper.getTbUserByUserName(username);
return tbUser;
} // 授权验证第一步:根据用户id查询用户角色
@Override
public List<TbRole> getTbRoleByUserId(Integer id) {
List<TbRole> tbRoleList = tbRoleMapper.getTbRoleByUserId(id);
return tbRoleList;
} // 授权验证:根据用户id查询用户权限信息
@Override
public List<TbPermission> getTbPermissionByUserId(Integer userId) {
List<TbPermission> permissionList = tbPermissionMapper.getTbPermissionByUserId(userId);
return permissionList;
} // 查询菜单信息
@Override
public Map<TbPermission, List<TbPermission>> getMenuByUserId(Integer userId){
List<TbPermission> permissionList = tbPermissionMapper.getTopTbPermissionByUserId(userId);
Map<TbPermission, List<TbPermission>> map = new HashMap<TbPermission, List<TbPermission>>();
for(TbPermission tbPermission : permissionList){
if(tbPermission.getParentId() == null){
// 当用户id是确定的时候,根据父菜单id查询子菜单id
List<TbPermission> list = tbPermissionMapper.getTbPermissionByParentIdAndUserId(tbPermission.getId(),userId);
if(list != null){
map.put(tbPermission,list);
}
}
}
return map;
} // 注册用户
@Override
public int addTbUser(TbUser tbUser) {
// 获取salt
String salt=new SecureRandomNumberGenerator().nextBytes().toHex();
tbUser.setSalt(salt);
// 进行加密
String md5Pwd = MD5.getMD5(tbUser.getPassword(), salt);
tbUser.setPassword(md5Pwd);
// 设置状态
tbUser.setStatus(ConstantValue.USER_STATUS_UNLOCKED);
tbUserMapper.addTbUser(tbUser);
/*返回主键*/
Integer id = tbUser.getId();
return id;
} // 查询所有用户信息
@Override
public PageUtils getAllUser(Integer pageNo) {
PageHelper.startPage(pageNo, ConstantValue.PAGE_SIZE);
List<TbUser> userList = tbUserMapper.getAllUser();
PageUtils pageInfo = new PageUtils();
pageInfo.setRows(userList);
PageInfo<TbUser> pageInfoList = new PageInfo<TbUser>(userList);
pageInfo.setTotalPages(pageInfoList.getPages());
pageInfo.setCurrentPage(pageNo);
pageInfo.setPageSize(pageInfoList.getPageSize());
return pageInfo;
} // 删除用户信息及其关联角色信息
@Override
public void deleteUser(Integer id) {
tbUserMapper.deleteUser(id);
tbUserMapper.deleteUserRole(id);
} }
2.10权限Realm(以TbUserRealm 为例)
package com.zy.shiro; import com.zy.common.ConstantValue;
import com.zy.model.TbPermission;
import com.zy.model.TbRole;
import com.zy.model.TbUser;
import com.zy.service.TbUserServiceI;
import com.zy.util.MD5;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired; import java.util.HashSet;
import java.util.List;
import java.util.Set; /**
* Created by Administrator on 2018/7/2.
*
* 认证及授权的realm
*/
public class TbUserRealm extends AuthorizingRealm { @Autowired
private TbUserServiceI tbUserService; /*
*
* 认证
* */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
/*获取输入的用户名及密码*/
String username = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials()); /*调用service层方法返回用户信息*/
TbUser tbUser = tbUserService.getTbUserByUserName(username);
/*如果用户信息为Null,则抛出用户不存在异常*/
if(tbUser == null){
throw new UnknownAccountException("用户名为空-----------------");
}
/*如果用户状态为1,则抛出账户锁定异常*/
if(tbUser.getStatus().equals(ConstantValue.USER_STATUS_LOCKED)){
throw new LockedAccountException("账号被锁定-----------------------");
}
/*比较密码是否一致,如果不一致,则抛出密码错误异常*/
final String md5Password = MD5.getMD5(password, tbUser.getSalt());
if(!md5Password.equals(tbUser.getPassword())){
throw new IncorrectCredentialsException("密码错误---------------------");
}
/*如果一切顺利,则返回该信息*/
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
tbUser,
md5Password,
ByteSource.Util.bytes(tbUser.getSalt()),
this.getName());
return info;
} /*
*
* 授权
*
* */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//从principals获取主身份信息
//将getPrimaryPrincipal方法返回值转为真实身份类型
//在上边的doGetAuthenticationInfo认证通过填充到SimpleAuthenticationInfo中身份类型
TbUser tbUser = (TbUser) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
if(tbUser != null){
//根据身份信息获取角色信息并且设置到PrincipalCollection中
List<TbRole> roleList = tbUserService.getTbRoleByUserId(tbUser.getId());
Set<String> roles = new HashSet<String>();
if(roleList != null){
for(TbRole tbRole : roleList){
if(tbRole.getRoleName() != null && !tbRole.getRoleName().equals("")){
roles.add(tbRole.getRoleName());
}
}
info.setRoles(roles);
}
//根据身份信息获取权限信息并且设置到PrincipalCollection中
List<TbPermission> permissionList = tbUserService.getTbPermissionByUserId(tbUser.getId());
if(permissionList != null){
Set<String> permissions = new HashSet<String>();
for(TbPermission tbPermission : permissionList){
if(tbPermission.getPerCode() != null && !tbPermission.getPerCode().trim().equals("")){
permissions.add(tbPermission.getPerCode());
}
}
info.setStringPermissions(permissions);
}
else{
throw new UnauthorizedException();
}
}
return info;
} }
2.11controller层(以LoginController 为例)
package com.zy.controller; import com.zy.common.ConstantValue;
import com.zy.model.TbPermission;
import com.zy.model.TbUser;
import com.zy.service.TbUserServiceI;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody; import javax.servlet.http.HttpSession;
import java.util.List;
import java.util.Map; /**
* Created by Administrator on 2018/7/3.
* <p>
* 登录注册相关的controller
*/
@Controller
@RequestMapping("login")
public class LoginController { @Autowired
private TbUserServiceI tbUserService; // 登录界面
@RequestMapping("login")
public String login() {
return "login/login";
} // 登录验证
@RequestMapping("loginCheck")
public String loginCheck(TbUser tbUser, String rememberMe,Map map) {
UsernamePasswordToken token = new UsernamePasswordToken(tbUser.getUsername(), tbUser.getPassword());
Subject subject = SecurityUtils.getSubject();
if (rememberMe == null) {
token.setRememberMe(false);
} else {
token.setRememberMe(true);
}
try {
subject.login(token);
return "forward:toIndex";
} catch (Exception e) {
map.put("msg","用户名或密码错误");
return "login/login";
}
} // 如果登录成功,则跳转到此处,由此处获取信息,并发送至前台页面
@RequestMapping("toIndex")
public String toIndex(Map map){
/*获取TbUserRealm中的Subject*/
final Subject subject = SecurityUtils.getSubject();
TbUser tbUser = (TbUser) subject.getPrincipal();
if(tbUser == null){
return "redirect:/login/login";
}
/*将用户信息放到map中*/
map.put("tbUser", tbUser);
/*查询菜单信息,并将菜单信息放置到map中*/
Map<TbPermission, List<TbPermission>> menu = tbUserService.getMenuByUserId(tbUser.getId());
map.put("menu",menu);
return "index";
} /*注册*/
/*注册前用户名查重*/
@RequestMapping("isUserExist")
@ResponseBody
public String isUserExist(String username) {
TbUser tbUser = tbUserService.getTbUserByUserName(username);
if (tbUser == null) {
return ConstantValue.USER_IS_NOT_EXIST;
}
return ConstantValue.USER_IS_EXIST;
} @RequestMapping("register")
public String register(String username, String password) {
/*用户注册*/
TbUser tbUser = new TbUser();
tbUser.setUsername(username);
tbUser.setPassword(password);
tbUserService.addTbUser(tbUser);
/*用户注册后,登录到首页展示页面*/
return "forward:loginCheck";
} /*用户退出登录*/
@RequestMapping("logout")
public String logout(HttpSession session){
/*清除缓存*/
session.invalidate();
return "redirect:/login/login";
} }
2.12model层(以TBUser为例)
package com.zy.model; import java.io.Serializable; /**
*
* 定义用户登录表中的实体类
* Created by Administrator on 2018/7/3.
*/
public class TbUser implements Serializable { private Integer id;
private String username;
private String password;
private String salt;
private String status; @Override
public String toString() {
return "TbUser{" +
"id=" + id +
", username='" + username + '\'' +
", password='" + password + '\'' +
", salt='" + salt + '\'' +
", status='" + status + '\'' +
'}';
} public Integer getId() {
return id;
} public void setId(Integer id) {
this.id = id;
} public String getUsername() {
return username;
} public void setUsername(String username) {
this.username = username;
} public String getPassword() {
return password;
} public void setPassword(String password) {
this.password = password;
} public String getSalt() {
return salt;
} public void setSalt(String salt) {
this.salt = salt;
} public String getStatus() {
return status;
} public void setStatus(String status) {
this.status = status;
} public TbUser() { } public TbUser(Integer id, String username, String password, String salt, String status) { this.id = id;
this.username = username;
this.password = password;
this.salt = salt;
this.status = status;
}
}
2.13webapp下的web.xml配置
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" > <web-app>
<display-name>ssmshiro</display-name> <!--配置spring-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring/applicationContext-*.xml</param-value>
</context-param>
<!--配置乱码过滤器-->
<filter>
<filter-name>CharacterFilter</filter-name>
<filter-class>com.zy.util.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-</param-value>
</init-param>
</filter>
<!--配置shiro拦截-->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--配置spring-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--配置springmvc-->
<servlet>
<servlet-name>Dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:springmvc/springmvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!--配置欢迎界面-->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!--配置404和500-->
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/error/404.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/error/500.jsp</location>
</error-page>
</web-app>
SSM项目与Shiro项目的整合(单体式项目)的更多相关文章
- SpringBoot与Shiro的整合(单体式项目)
1.包结构 2.jar包,配置文件,类 2.1pom.xml文件配置 <?xml version="1.0" encoding="UTF-8"?> ...
- 上手spring boot项目(二)之spring boot整合shiro安全框架
题记:在学习了springboot和thymeleaf之后,想完成一个项目练练手,于是使用springboot+mybatis和thymeleaf完成一个博客系统,在完成的过程中出现的一些问题,将这些 ...
- ssm框架整合+maven项目创建
在引入外部maven插件后就可以创建一个maven项目了,这篇文章主要介绍ssm框架的整合和如何创建一个maven项目 1.在开发工具的项目空白区单击右键,依次选择New.Other,会出现如下界面, ...
- 01 整合IDEA+Maven+SSM框架的高并发的商品秒杀项目之业务分析与DAO层
作者:nnngu 项目源代码:https://github.com/nnngu/nguSeckill 这是一个整合IDEA+Maven+SSM框架的高并发的商品秒杀项目.我们将分为以下几篇文章来进行详 ...
- 【Java EE 学习 67 下】【OA项目练习】【SSH整合JBPM工作流】【JBPM项目实战】
一.SSH整合JBPM JBPM基础见http://www.cnblogs.com/kuangdaoyizhimei/p/4981551.html 现在将要实现SSH和JBPM的整合. 1.添加jar ...
- 从零开始搭建框架SSM+Redis+Mysql(二)之MAVEN项目搭建
从零开始搭建框架SSM+Redis+Mysql(二)之MAVEN项目搭建 废话不说,直接撸步骤!!! 1.创建主项目:ncc-parent 选择maven创建项目,注意在创建项目中,packing选择 ...
- 使用CXF做webservice整合现有项目的例子
从网上看了很多CXF的资料,大部分都是单独的作为一个webservice项目,对于在现有的spring项目上提供webservice服务的例子基本没有找到. 我做的这个例子是介绍怎么把cxf整合到现有 ...
- Spring_day02--log4j介绍_Spring整合web项目演示
log4j介绍 1 通过log4j可以看到程序运行过程中更详细的信息 (1)经常使用log4j查看日志 2 使用 (1)导入log4j的jar包 (2)复制log4j的配置文件,复制到src下面 3 ...
- Spring_day01--注入对象类型属性(重点)_P名称空间注入_注入复杂类型属性_IOC和DI区别_Spring整合web项目原理
注入对象类型属性(重点) Action要new一个service对象,Service中又要new一个Dao对象,现在把new的过程交给spring来操作 1 创建service类和dao类 (1)在s ...
随机推荐
- python绘图踩的坑
踩的坑 pyecharts安装地图包 pip install echarts-countries-pypkg 报错Unknown or unsupported command 'install' 这可 ...
- RK3288 HDMI增加特殊分辨率
转载请注明出处:https://www.cnblogs.com/lialong1st/p/9174475.html CPU:RK3288 系统:Android 5.1 本帖以 HDMI 800x600 ...
- awk:NF-NR-OFS-ORS-RS等参数
ARGC 命令行参数个数ARGV 命令行参数排列ENVIRON 支持队列中系统环境变量的使用FILENAME awk浏览的文件名FNR 浏览文件的记录数FS 设置输入域分隔符,等价于命令行 -F选项N ...
- mysql的三种安装方式(详细)
安装MySQL的方式常见的有三种: rpm包形式 通用二进制形式 源码编译 1,rpm包形式 (1) 操作系统发行商提供的 (2) MySQL官方提供的(版本更新,修复了更多常见BUG)www.mys ...
- GOF23设计模式之责任链模式(chain of responsibility)
一.责任链模式概述 将能够处理同一类请求的对象连成一条链,所提交的请求沿着链传递,链上的对象逐个判断是否有能力处理该请求. 如果能则处理,否则传递给链上的下一个对象去处理. 定义责任链 (1)通过链表 ...
- 数据结构与算法JavaScript描述——列表
1.列表的抽象数据类型定义 2.实现列表类: 2.1 append:给列表添加元素: 2.2 remove: 从列表中删除元素: 2.3 find方法: 2.4 length:列表中有多少个元素: ...
- 关于神经网络算法的 Python例程
# Back-Propagation Neural Networks# # Written in Python. See http://www.python.org/# Placed in the ...
- kubectl get pods The connection to the server was refused - did you specify the rig
1 主要是运行这个命令 alias kubectl='kubectl --kubeconfig=/etc/kubernetes/kubelet.conf'问题解决. 同时也用到如下命令: pas ...
- 设计模式—三种工厂模式(JAVA)
一:简单工厂: 有一个实际工厂,这个工厂只能造一类的产品,这一类产品就是一个产品接口,会有多个具体产品实现这个接口,例 如,一个手机厂,生产苹果手机,三星手机: 缺点:在工厂类中集中了所有实例的创建逻 ...
- WebApi 返值的实体值前缀加了个下划线
发现MODEL类中加了个可以被序列化的标记,把它去除即可. [Serializable]