Springboot整合Shiro-认证功能
- Springboot整合Shiro 认证

1.整合Druid和MyBatis
<!-- Druid connection-pool starter -->
<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid-spring-boot-starter</artifactId>
    <version>1.1.10</version>
</dependency>
<!-- MySQL JDBC driver -->
<!-- NOTE(review): step 2 configures com.mysql.cj.jdbc.Driver, which is the Connector/J 8.x class name;
     Connector/J 5.1.x ships com.mysql.jdbc.Driver. Align the driver version and the class name. -->
<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <version>5.1.47</version>
</dependency>
<!-- MyBatis Spring Boot starter -->
<dependency>
    <groupId>org.mybatis.spring.boot</groupId>
    <artifactId>mybatis-spring-boot-starter</artifactId>
    <version>2.1.0</version>
</dependency>
2.配置
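# Druid data source for the demo database.
spring.datasource.druid.url=jdbc:mysql://localhost:3306/test?characterEncoding=UTF-8&serverTimezone=GMT%2B8
spring.datasource.druid.driver-class-name=com.mysql.cj.jdbc.Driver
# Fixed: the key was written as "spring.datasource..druidusername", which never binds to the Druid user name.
spring.datasource.druid.username=root
# NOTE(review): root with a trivial password is a local-demo value. Outside a demo, connect with a
# dedicated least-privilege account and supply the password from the environment or a secret store
# instead of committing it in this file.
spring.datasource.druid.password=123456
# Connection-pool sizing.
spring.datasource.druid.initial-size=1
spring.datasource.druid.min-idle=1
spring.datasource.druid.max-active=20
# MyBatis mapper XML location and alias package.
mybatis.mapper-locations=classpath:mapper/*.xml
mybatis.type-aliases-package=com.dd.shirodemo.pojo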
3.整合shiro
<!-- Apache Shiro integration for Spring.
     NOTE(review): 1.4.1 is an old release; check the Apache Shiro security advisories and move to a
     currently maintained version before using this configuration outside a demo. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.1</version>
</dependency>
4. Shiro配置
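/**
 * Shiro wiring for the INI-backed demo: realm, security manager and the web filter
 * that decides which URLs are public and which require a login.
 */
@Configuration
public class ShiroConfig {

    /**
     * Creates the realm that reads its account data from {@code classpath:shiro.ini}.
     *
     * @return the INI realm
     */
    @Bean
    public IniRealm getIniRealm() {
        return new IniRealm("classpath:shiro.ini");
    }

    /**
     * Creates the web security manager and hands it the realm it authenticates against.
     *
     * @param iniRealm realm used for authentication and authorization lookups
     * @return the configured security manager
     */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(IniRealm iniRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // The security manager needs a realm to verify credentials.
        securityManager.setRealm(iniRealm);
        return securityManager;
    }

    /**
     * Builds the Shiro filter with the URL interception rules.
     *
     * @param securityManager manager the filter delegates authentication and authorization to
     * @return the filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean filter = new ShiroFilterFactoryBean();
        // The filter is the core of Shiro's access checks and needs the SecurityManager for them.
        filter.setSecurityManager(securityManager);

        // Interception rules (Shiro filter names):
        //   anon  - anonymous access allowed
        //   authc - authenticated users only
        //   user  - remembered (RememberMe) or authenticated users
        //   perms - requires the listed permission(s)
        //   roles - requires the listed role(s)
        //
        // Shiro applies the FIRST chain whose pattern matches, in the map's iteration order.
        // A HashMap gives no ordering guarantee, so the "/**" catch-all could be evaluated before
        // the specific entries; an insertion-ordered map keeps the rules in the order written here.
        Map<String, String> filterMap = new java.util.LinkedHashMap<>();
        filterMap.put("/", "anon");
        filterMap.put("/login.html", "anon");
        filterMap.put("/regist.html", "anon");
        filterMap.put("/user/login", "anon");
        filterMap.put("/user/regist", "anon");
        filterMap.put("/static/**", "anon");
        // Catch-all: must stay last so everything not listed above requires authentication.
        filterMap.put("/**", "authc");
        filter.setFilterChainDefinitionMap(filterMap);

        filter.setLoginUrl("/login.html");
        // Page shown when an authenticated user lacks the required role or permission.
        filter.setUnauthorizedUrl("/login.html");
        return filter;
    }
}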
5.认证测试
UserServiceImpl.java
/**
 * Login service that delegates credential verification to Shiro.
 */
@Service
public class UserServiceImpl {

    /**
     * Attempts to log the current Shiro subject in with the given user name and password.
     *
     * @param userName account name submitted by the client
     * @param userPwd  password submitted by the client
     * @throws Exception whatever {@code Subject.login} raises when the attempt is rejected
     */
    public void checkLogin(String userName, String userPwd) throws Exception {
        UsernamePasswordToken credentials = new UsernamePasswordToken(userName, userPwd);
        // The subject is bound to the current request/thread by the Shiro filter.
        SecurityUtils.getSubject().login(credentials);
    }
}
UserController.java
/**
 * Handles the login request under {@code /user}.
 */
@Controller
@RequestMapping("user")
public class UserController {

    @Resource
    private UserServiceImpl userService;

    /**
     * Tries to log the caller in and picks the view to render.
     *
     * <p>NOTE(review): this mapping accepts every HTTP method, so credentials submitted with GET
     * end up in the URL (access logs, browser history, Referer). Restrict it to POST once the
     * login form posts. Any exception is reported only as a generic failure line on stdout.
     *
     * @param userName account name request parameter
     * @param userPwd  password request parameter
     * @return {@code "index"} when the login succeeds, {@code "login"} otherwise
     */
    @RequestMapping("login")
    public String login(String userName, String userPwd) {
        String view;
        try {
            userService.checkLogin(userName, userPwd);
            System.out.println("------登录成功!");
            view = "index";
        } catch (Exception loginFailure) {
            System.out.println("------登录失败!");
            view = "login";
        }
        return view;
    }
}
login.html
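<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
login
<hr/>
<!-- method="post" keeps the credentials out of the URL; a form without a method submits with GET. -->
<form action="user/login" method="post">
    <p>帐号:<input type="text" name="userName"/></p>
    <!-- type="password" masks the value while it is typed. -->
    <p>密码:<input type="password" name="userPwd"/></p>
    <p><input type="submit" value="登录"/></p>
</form>
</body>
</html>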
2. Springboot整合Shiro认证功能(jdbcRealm+数据库)
1.导包:
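<!-- Thymeleaf view layer -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- Apache Shiro integration for Spring.
     NOTE(review): 1.4.1 is an old release; check the Apache Shiro security advisories and move to a
     currently maintained version before using this configuration outside a demo. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.1</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- MySQL JDBC driver (the original list declared this dependency twice; one declaration is enough) -->
<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <scope>runtime</scope>
</dependency>
<!-- MyBatis -->
<!-- NOTE(review): mybatis-spring-boot-starter below already brings a MyBatis core transitively;
     pinning a separate version here overrides it. Confirm the two are compatible or drop this entry. -->
<dependency>
    <groupId>org.mybatis</groupId>
    <artifactId>mybatis</artifactId>
    <version>3.4.6</version>
</dependency>
<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid-spring-boot-starter</artifactId>
    <version>1.1.10</version>
</dependency>
<dependency>
    <groupId>org.mybatis.spring.boot</groupId>
    <artifactId>mybatis-spring-boot-starter</artifactId>
    <version>2.1.0</version>
</dependency>
<dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
    <optional>true</optional>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-test</artifactId>
    <scope>test</scope>
    <exclusions>
        <exclusion>
            <groupId>org.junit.vintage</groupId>
            <artifactId>junit-vintage-engine</artifactId>
        </exclusion>
    </exclusions>
</dependency>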
2.准备数据库(数据库中字段必须符合jdbcrealm要求)
用户表users:
-- Accounts table that the JdbcRealm in this tutorial reads.
-- NOTE(review): the sample rows store every password in clear text, and all five accounts share the
-- same trivial value. varchar(20) is also too short to hold a password hash (a hex SHA-256 digest is
-- 64 characters). For anything beyond a demo, widen the column, store salted hashes and configure a
-- matching credentials matcher on the realm.
create table users(
    id int primary key auto_increment,
    username varchar(60) not null unique,
    password varchar(20) not null,
    password_salt varchar(20)
);

-- Demo accounts; password_salt is left NULL.
insert into users(username,password) values('zhangsan','123456');
insert into users(username,password) values('lisi','123456');
insert into users(username,password) values('wangwu','123456');
insert into users(username,password) values('zhaoliu','123456');
insert into users(username,password) values('chenqi','123456');
用户角色信息表:
-- Maps each user name to a role name.
create table user_roles(
    id int primary key auto_increment,
    username varchar(60) not null,
    role_name varchar(100) not null
);

-- admin    system administrator
-- cmanager warehouse staff
-- xmanager sales staff
-- kmanager customer-service staff
-- zmanager administrative staff
insert into user_roles(username,role_name) values('zhangsan','admin');
insert into user_roles(username,role_name) values('lisi','cmanager');
insert into user_roles(username,role_name) values('wangwu','xmanager');
insert into user_roles(username,role_name) values('zhaoliu','kmanager');
insert into user_roles(username,role_name) values('chenqi','zmanager');
角色权限表
-- Maps each role name to the permission strings it grants.
create table roles_permissions(
    id int primary key auto_increment,
    role_name varchar(100) not null,
    permission varchar(100) not null
);

-- Permission strings look like sys:c:save, sys:c:delete, ...
-- The administrator holds every permission ("*" wildcard).
insert into roles_permissions(role_name,permission) values("admin","*");
-- Warehouse staff
insert into roles_permissions(role_name,permission) values("cmanager","sys:c:save");
insert into roles_permissions(role_name,permission) values("cmanager","sys:c:delete");
insert into roles_permissions(role_name,permission) values("cmanager","sys:c:update");
insert into roles_permissions(role_name,permission) values("cmanager","sys:c:find");
-- Sales staff
insert into roles_permissions(role_name,permission) values("xmanager","sys:c:find");
insert into roles_permissions(role_name,permission) values("xmanager","sys:x:save");
insert into roles_permissions(role_name,permission) values("xmanager","sys:x:delete");
insert into roles_permissions(role_name,permission) values("xmanager","sys:x:update");
insert into roles_permissions(role_name,permission) values("xmanager","sys:x:find");
insert into roles_permissions(role_name,permission) values("xmanager","sys:k:save");
insert into roles_permissions(role_name,permission) values("xmanager","sys:k:delete");
insert into roles_permissions(role_name,permission) values("xmanager","sys:k:update");
insert into roles_permissions(role_name,permission) values("xmanager","sys:k:find");
-- Customer-service staff
insert into roles_permissions(role_name,permission) values("kmanager","sys:k:find");
insert into roles_permissions(role_name,permission) values("kmanager","sys:k:update");
-- zmanager (labelled "newly added staff" in the original comment): find on every module
insert into roles_permissions(role_name,permission) values("zmanager","sys:*:find");
3.配置Shiro
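package com.dd.shirodemo2.config;

import org.apache.catalina.realm.JDBCRealm; // not referenced by this class
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.sql.DataSource;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Shiro wiring for the database-backed demo: a JdbcRealm on the application's DataSource,
 * the web security manager and the URL filter rules.
 *
 * @author 冬冬
 */
@Configuration
public class ShiroConfig {

    /**
     * Creates the realm that looks users, roles and permissions up through the given data source.
     *
     * <p>NOTE(review): no credentials matcher is configured on this bean, and the sample
     * {@code users} rows hold clear-text passwords. Before real use, store salted hashes and set a
     * matching {@code HashedCredentialsMatcher} on the realm.
     *
     * @param dataSource data source the realm queries
     * @return the configured realm
     */
    @Bean
    public JdbcRealm getJdbcRealm(DataSource dataSource) {
        JdbcRealm jdbcRealm = new JdbcRealm();
        jdbcRealm.setDataSource(dataSource);
        // Off by default: without it only roles are loaded and permission checks find nothing.
        jdbcRealm.setPermissionsLookupEnabled(true);
        return jdbcRealm;
    }

    /**
     * Creates the web security manager backed by the JDBC realm.
     *
     * @param jdbcRealm realm used for authentication and authorization lookups
     * @return the configured security manager
     */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(JdbcRealm jdbcRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(jdbcRealm);
        return securityManager;
    }

    /**
     * Builds the Shiro filter with the URL interception rules.
     *
     * @param securityManager manager the filter delegates authentication and authorization to
     * @return the filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean filter = new ShiroFilterFactoryBean();
        filter.setSecurityManager(securityManager);

        // Shiro applies the FIRST chain whose pattern matches, in the map's iteration order.
        // A HashMap gives no ordering guarantee, so the "/**" catch-all could be evaluated before
        // the specific entries; an insertion-ordered map keeps the rules in the order written here.
        Map<String, String> filterMap = new LinkedHashMap<>();
        filterMap.put("/", "anon");
        filterMap.put("/login.html", "anon");
        filterMap.put("/regist.html", "anon");
        filterMap.put("/user/login", "anon");
        filterMap.put("/user/regist", "anon");
        filterMap.put("/static/**", "anon");
        // Catch-all: must stay last so everything not listed above requires authentication.
        filterMap.put("/**", "authc");
        filter.setFilterChainDefinitionMap(filterMap);

        filter.setLoginUrl("/login.html");
        // Page shown when an authenticated user lacks the required role or permission.
        filter.setUnauthorizedUrl("/login.html");
        return filter;
    }
}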
4.数据库配置
server.port=8086
# Database connection settings
# NOTE(review): root with a trivial password is a local-demo value. Outside a demo, connect with a
# dedicated least-privilege account and supply the password from the environment or a secret store.
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/shirotest?characterEncoding=UTF-8&serverTimezone=GMT%2B8
spring.datasource.username=root
spring.datasource.password=123456
spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
# Number of physical connections opened at start-up
spring.datasource.druid.initial-size=5
# Maximum pool size
spring.datasource.druid.max-active=30
# Minimum pool size
spring.datasource.druid.min-idle=5
# Maximum wait when borrowing a connection, in milliseconds
spring.datasource.druid.max-wait=60000
# Interval between checks for idle connections to close, in milliseconds
spring.datasource.druid.time-between-eviction-runs-millis=60000
# Minimum time a connection may stay idle before it can be evicted
spring.datasource.druid.min-evictable-idle-time-millis=300000
# SQL used to test whether a connection is still valid; must be a query
spring.datasource.druid.validation-query=SELECT 1 FROM DUAL
# Recommended true: when a connection is borrowed and has been idle longer than
# timeBetweenEvictionRunsMillis, validationQuery is run to check it
spring.datasource.druid.test-while-idle=true
# Run validationQuery on every borrow; costs performance
spring.datasource.druid.test-on-borrow=false
# Run validationQuery on every return; costs performance
spring.datasource.druid.test-on-return=false
# Whether to cache PreparedStatements (PSCache). Large gain on databases with cursor support such
# as Oracle; the original comment recommends turning it off on MySQL, yet it is enabled here
spring.datasource.druid.pool-prepared-statements=true
# Must be greater than 0 to enable PSCache; when it is, poolPreparedStatements is switched to true
spring.datasource.druid.max-pool-prepared-statement-per-connection-size=50
# Filters for monitoring statistics; without them the monitor page cannot show SQL statistics
spring.datasource.druid.filters=stat,wall
# connectProperties: enable mergeSql and slow-SQL logging
spring.datasource.druid.connection-properties=druid.stat.mergeSql=true;druid.stat.slowSqlMillis=1
# Merge the monitoring data of multiple DruidDataSource instances
spring.datasource.druid.use-global-data-source-stat=true
# Druid pool monitoring console
# NOTE(review): admin/123456 is a guessable login for a console that shows SQL text and pool
# details; use a strong secret supplied at deploy time and restrict who can reach the console.
spring.datasource.druid.stat-view-servlet.login-username=admin
spring.datasource.druid.stat-view-servlet.login-password=123456
# Exclude static resources from the web statistics filter
spring.datasource.druid.web-stat-filter.exclusions=*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*
# Thymeleaf settings
spring.thymeleaf.cache=false
spring.thymeleaf.encoding=utf-8
spring.thymeleaf.mode=HTML5
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.suffix=.html
# NOTE(review): listing classpath:/templates/ as a static location lets the raw template files be
# requested as static resources, without Thymeleaf processing them - confirm this is intended.
spring.resources.static-locations=classpath:/templates/,classpath:/static
# NOTE(review): -1 removes the upload size limits entirely; set explicit caps unless unbounded
# uploads are really required.
spring.servlet.multipart.max-file-size=-1
spring.servlet.multipart.max-request-size=-1
5.编写接口和页面测试(略)
3. Springboot整合Shiro认证授权功能(shiro的使用)
1.导包:
<!-- Shiro dialect for Thymeleaf: provides the shiro: attributes and tags used in the templates -->
<dependency>
    <groupId>com.github.theborakompanioni</groupId>
    <artifactId>thymeleaf-extras-shiro</artifactId>
    <version>2.0.0</version>
</dependency>
2.配置
ShiroConfig.java
/**
 * Registers the Shiro dialect so Thymeleaf templates can use the {@code shiro:} attributes and tags.
 *
 * <p>These tags only decide what is rendered; the endpoints behind the rendered links still need
 * their own server-side role and permission checks.
 *
 * @return a new dialect instance
 */
@Bean
public ShiroDialect getShiroDialect() {
    ShiroDialect dialect = new ShiroDialect();
    return dialect;
}
3.前端使用:
1.引入标签库
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:shiro="http://www.pollix.at/thymeleaf/shiro">
2.使用:
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org"
xmlns:shiro="http://www.pollix.at/thymeleaf/shiro">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<!--/* Main page. The shiro: attributes and tags below only control what is rendered for the
       current subject. Hiding a link does not protect its target: every endpoint behind these
       links must enforce the same role or permission on the server side. */-->
主界面
<hr/>
<!--/* One greeting per role; only the paragraphs for roles the subject holds are rendered. */-->
<p shiro:hasRole="admin"> 欢迎您,管理员</p>
<p shiro:hasRole="cmanager"> 欢迎您,cmanager</p>
<p shiro:hasRole="xmanager"> 欢迎您,xmanager</p>
<p shiro:hasRole="kmanager"> 欢迎您,kmanager</p>
<p shiro:hasRole="zmanager"> 欢迎您,zmanager</p>
<!--/* Shown to a known user; shiro:principal prints the subject's principal. */-->
<shiro:user>
您好[<shiro:principal/>]
</shiro:user>
<hr/>
<!--/* Warehouse management: sys:c:* permissions */-->
仓库管理
<ul>
<shiro:hasPermission name="sys:c:save"><li><a href="#">入库</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:c:delete"><li><a href="#">出库</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:c:update"><li><a href="#">修改</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:c:find"><li><a href="#">查询</a></li></shiro:hasPermission>
</ul>
<!--/* Order management: sys:x:* permissions */-->
订单管理
<ul>
<shiro:hasPermission name="sys:x:save"><li><a href="#">添加订单</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:x:delete"><li><a href="#">删除订单</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:x:update"><li><a href="#">修改订单</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:x:find"><li><a href="#">查询订单</a></li></shiro:hasPermission>
</ul>
<!--/* Customer management: sys:k:* permissions */-->
客户管理
<ul>
<shiro:hasPermission name="sys:k:save"><li><a href="#">添加客户</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:k:delete"><li><a href="#">删除客户</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:k:update"><li><a href="#">修改客户</a></li></shiro:hasPermission>
<shiro:hasPermission name="sys:k:find"><li><a href="#">查询客户</a></li></shiro:hasPermission>
</ul>
<!--/* NOTE(review): the page shows neither a /user/logout handler nor a Shiro logout filter rule
       for this link - confirm one exists and that it ends the session. */-->
<a href="/user/logout">退出</a>
</body>
</html>
4.测试结果:
管理员登录

一般用户:

