Shiro的使用
/**
* 添加Shiro内置过滤器
* Shiro内置过滤器,可以实现权限相关的拦截器
* 常用的过滤器:
* anon:无需认证(登录)可以访问
* authc:必须认证才可以访问
* user:已认证或通过rememberMe被记住的用户都可以访问(被记住不等于本次已认证,敏感操作应使用authc)
* perms:该资源必须得到资源权限才可以访问
* roles:该资源必须得到角色权限才可以访问
*/
<!-- Shiro dependency -->
<!-- NOTE(review): 1.3.2 is an old Shiro release; later releases contain security fixes,
     including fixes for authentication bypasses in request-path matching. Pin a currently
     supported release and re-test the filter chain after upgrading. -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.3.2</version>
</dependency>
<!-- Shiro / Thymeleaf integration (provides the shiro:* template attributes) -->
<!-- NOTE(review): confirm this dialect version is compatible with whichever Shiro version is pinned above. -->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
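package com.wei.testshiro.shiro;

import com.wei.testshiro.entity.Permission;
import com.wei.testshiro.entity.User;
import com.wei.testshiro.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

/**
 * Shiro realm backed by {@link UserService}.
 *
 * <p>It implements the two realm callbacks:
 * <ul>
 *   <li>authentication: look the account up by username and hand the stored credential to Shiro;</li>
 *   <li>authorization: load the permission strings of an already authenticated user.</li>
 * </ul>
 *
 * <p>NOTE(review): no {@code CredentialsMatcher} is configured anywhere on this page, so Shiro's
 * default matcher compares the submitted password with {@code user.getPassword()} for plain
 * equality. That only works if passwords are stored unhashed. Store salted password hashes and
 * configure a matcher such as {@code PasswordMatcher} or {@code HashedCredentialsMatcher} on this realm.
 *
 * @author wei
 */
public class UserRealm extends AuthorizingRealm {

    @Autowired
    UserService userService;

    /**
     * Builds the authorization data (permission strings) for the given principals.
     *
     * <p>The user is taken from {@code principalCollection} rather than from
     * {@code SecurityUtils.getSubject()}: Shiro may ask for the authorization info of principals
     * that are not the subject bound to the current thread, and reading the thread-bound subject
     * would then return permissions of the wrong account.
     *
     * @param principalCollection principals of the account being authorized
     * @return the permissions of that account; empty when the principal is missing or has none
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行授权逻辑");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        if (principalCollection == null) {
            return info;
        }
        Object primary = principalCollection.getPrimaryPrincipal();
        if (!(primary instanceof User)) {
            // Fail closed: an unexpected principal type gets no permissions.
            return info;
        }
        User user = (User) primary;

        // Load the user's permission strings from the database.
        List<String> permissions = userService.queryUserPermission(user.getId());
        if (permissions != null) {
            for (String permission : permissions) {
                // Skip null/blank rows: Shiro rejects empty permission strings when it parses them.
                if (permission != null && !permission.trim().isEmpty()) {
                    info.addStringPermission(permission);
                }
            }
        }
        return info;
    }

    /**
     * Looks up the account named in the login token and returns its stored credential so that
     * Shiro can compare it with the submitted one.
     *
     * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
     * @return the account's authentication info, or {@code null} when no such user exists
     *         (Shiro reports that to the caller as an unknown account)
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        System.out.println("执行认证逻辑");
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        User user = userService.selectOne(token.getUsername());
        if (user == null) {
            // Unknown username.
            return null;
        }
        // Register the principal under this realm's name instead of an empty string, so the
        // principal collection records which realm authenticated the user.
        return new SimpleAuthenticationInfo(user, user.getPassword(), getName());
    }
}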
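package com.wei.testshiro.shiro;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Spring configuration that wires Shiro into the web application: the URL filter chain,
 * the security manager, the realm and the Thymeleaf dialect.
 *
 * @author wei
 */
@Configuration
public class ShiroConfig {

    /**
     * Builds the Shiro filter and its URL-to-filter chain.
     *
     * <p>Chains are evaluated top-down and the first matching pattern wins, which is why a
     * {@link LinkedHashMap} is used and why the catch-all rule must be the last entry.
     *
     * @param securityManager the security manager bean named {@code "security"}
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shirFilter(@Qualifier("security") DefaultWebSecurityManager securityManager) {
        System.out.println("ShiroConfiguration.shirFilter()");
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // Insertion order is the matching order.
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        // URLs reachable without logging in.
        filterChainDefinitionMap.put("/static/**", "anon");
        filterChainDefinitionMap.put("/login.html", "anon");
        filterChainDefinitionMap.put("/tologin", "anon");
        filterChainDefinitionMap.put("/list", "anon");

        // URLs that additionally require a specific permission.
        filterChainDefinitionMap.put("/add", "perms[user:add]");
        filterChainDefinitionMap.put("/update", "perms[user:update]");
        filterChainDefinitionMap.put("/delete", "perms[user:delete]");

        // Logout is handled by Shiro's built-in logout filter.
        filterChainDefinitionMap.put("/logout", "logout");

        // Catch-all, must stay last: everything not matched above requires authentication.
        // The pattern has to be "/**". With Ant-style matching "/*" covers a single path
        // segment only, so any nested URL (for example "/user/add") would match no chain and
        // would be served without any Shiro check.
        filterChainDefinitionMap.put("/**", "authc");

        // Login page; Shiro falls back to "/login.jsp" under the web root when this is not set.
        shiroFilterFactoryBean.setLoginUrl("/login.html");
        // Target after a successful login handled by the authc filter.
        // NOTE(review): the login controller on this page redirects to "/list" and only "/list"
        // is registered as a view; confirm that "/list.html" is the intended target.
        shiroFilterFactoryBean.setSuccessUrl("/list.html");
        // Page shown when an authenticated user lacks the required permission.
        shiroFilterFactoryBean.setUnauthorizedUrl("/403.html");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    /**
     * Exposes the application's realm as a Spring bean so that its {@code @Autowired}
     * dependencies are injected.
     *
     * @return a new {@link UserRealm}
     */
    @Bean
    public UserRealm myShiroRealm() {
        return new UserRealm();
    }

    /**
     * Creates the web security manager and registers the realm with it.
     *
     * @return the security manager, published under the bean name {@code "security"}
     */
    @Bean("security")
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(myShiroRealm());
        return securityManager;
    }

    /**
     * Registers the Shiro dialect so templates can use the {@code shiro:*} attributes.
     *
     * @return the Thymeleaf Shiro dialect
     */
    @Bean
    public ShiroDialect shiroDialect() {
        return new ShiroDialect();
    }
}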
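<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:shiro="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="UTF-8">
    <title>列表页面</title>
</head>
<body>
<!-- Intended for "guest" users, i.e. users who are neither authenticated nor remembered. -->
<!-- NOTE(review): as shown here the link is not wrapped in any shiro:* element, so it is rendered for every visitor. -->
Please <a href="login.html">login</a>

<!-- shiro:hasPermission only hides the links in the rendered page. Access control is enforced
     on the server by the perms[...] entries of the Shiro filter chain; a URL that is hidden
     here but missing from the filter chain is not protected. -->
<div shiro:hasPermission="user:add">
    <a href="add">添加页面</a><br>
</div>
<div shiro:hasPermission="user:update">
    <a href="update">修改页面</a><br>
</div>
<div shiro:hasPermission="user:delete">
    <a href="delete">删除</a>
</div>
</body>
</html>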
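package com.wei.testshiro.config;

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * Maps plain URLs to Thymeleaf views without dedicated controller methods.
 *
 * <p>These mappings do no access control themselves. Every path registered here relies on the
 * Shiro filter chain for protection, so the paths are written in the same absolute form
 * ({@code "/add"}, not {@code "add"}) as in the chain definitions, which keeps the two lists
 * easy to compare.
 *
 * @author wei
 */
@Component
public class WebMvcConfig implements WebMvcConfigurer {

    /**
     * Registers the view controllers of the demo.
     *
     * @param registry the registry supplied by Spring MVC
     */
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        // Permission-protected pages (perms[...] in the Shiro filter chain).
        registry.addViewController("/add").setViewName("user/add");
        registry.addViewController("/update").setViewName("user/update");
        registry.addViewController("/delete").setViewName("user/delete");
        // Pages that the filter chain leaves anonymous.
        registry.addViewController("/list").setViewName("list");
        registry.addViewController("/login.html").setViewName("login");
        // Unauthorized page.
        registry.addViewController("/403.html").setViewName("403");
    }
}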
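package com.wei.testshiro.controller;

import com.wei.testshiro.entity.User;
import com.wei.testshiro.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import java.util.HashMap;
import java.util.Map;

/**
 * Handles the login form submission.
 *
 * @author wei
 */
@Controller
public class UserController {

    @Autowired
    UserService userService;

    /**
     * Authenticates the submitted username and password through Shiro.
     *
     * <p>All authentication failures produce the same message. Separate "unknown user" and
     * "wrong password" messages would let an unauthenticated client find out which usernames
     * exist. Catching {@link AuthenticationException} also covers failure types other than the
     * two the demo expected, which would otherwise escape as a server error.
     *
     * <p>NOTE(review): {@code @RequestMapping} without a method restriction also accepts GET,
     * which would put the password into the URL. Restrict this handler to POST once the login
     * form is confirmed to submit with POST.
     *
     * @param user form-bound object carrying the submitted name and password
     * @param map  model used to pass {@code loginMsg} back to the login view
     * @return a redirect to {@code /list} on success, otherwise the {@code login} view
     */
    @RequestMapping("/tologin")
    public String login(User user, Map<String, Object> map) {
        System.out.println(user.getName() + "用户开始登录");

        // The account lookup belongs to the realm; the extra userService.selectOne(...) call
        // that used to sit here fetched a user that was never used.
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken =
                new UsernamePasswordToken(user.getName(), user.getPassword());
        try {
            subject.login(usernamePasswordToken);
            return "redirect:/list";
        } catch (AuthenticationException e) {
            // Unknown account, wrong password and every other authentication failure
            // are reported identically.
            map.put("loginMsg", "用户名或密码错误");
            return "login";
        }
    }
}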
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.1.4.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.wei</groupId>
    <artifactId>testshiro</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>testshiro</name>
    <description>Demo project for Spring Boot</description>

    <properties>
        <java.version>1.8</java.version>
        <spring-cloud.version>Greenwich.SR1</spring-cloud.version>
    </properties>

    <!-- NOTE(review): the explicitly pinned versions below (Shiro, Druid, MyBatis starter) are
         old releases. Review them against current security advisories before reusing this POM;
         Shiro in particular received authentication-bypass fixes in later releases. -->
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>2.0.1</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter</artifactId>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <!-- Shiro dependency -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.3.2</version>
        </dependency>
        <!-- Connection pool dependency -->
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>druid</artifactId>
            <version>1.1.4</version>
        </dependency>
        <!-- Shiro / Thymeleaf integration -->
        <dependency>
            <groupId>com.github.theborakompanioni</groupId>
            <artifactId>thymeleaf-extras-shiro</artifactId>
            <version>2.0.0</version>
        </dependency>
    </dependencies>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>

