Velocity模版进行shiro验证
先在Spring配置Velocity视图解析器
<!-- Velocity视图解析器 默认视图 -->
<bean id="velocityViewResolver"
class="org.springframework.web.servlet.view.velocity.VelocityViewResolver">
<property name="contentType" value="text/html;charset=UTF-8" />
<property name="viewNames" value="*.html" />
<property name="suffix" value="" />
<property name="dateToolAttribute" value="date" />
<property name="numberToolAttribute" value="number" />
<property name="toolboxConfigLocation" value="/WEB-INF/velocity-toolbox.xml" />
<property name="requestContextAttribute" value="rc" />
<property name="order" value="0" />
</bean>
<bean id="velocityConfigurer"
class="org.springframework.web.servlet.view.velocity.VelocityConfigurer">
<property name="resourceLoaderPath" value="/WEB-INF/page/" />
<property name="velocityProperties">
<props>
<prop key="input.encoding">UTF-8</prop>
<prop key="output.encoding">UTF-8</prop>
<prop key="contentType">text/html;charset=UTF-8</prop>
</props>
</property>
</bean><?xml version="1.0" encoding="UTF-8" ?>
<toolbox>
<!-- velocity 自定义标签 -->
<tool>
<key>shiro</key>
<scope>application</scope>
<class>com.wstro.shiro.VelocityShiro</class>
</tool>
</toolbox>com.wstro.shiro.VelocityShiro
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Shiro权限标签(Velocity版)
*
* @author chenshun
* @email sunlightcs@gmail.com
* @date 2016年12月3日 下午11:32:47
*/
public class VelocityShiro {
private Logger logger = LoggerFactory.getLogger(getClass());
/**
* 是否拥有该权限
*
* @param permission
* 权限标识
* @return true:是 false:否
*/
public boolean hasPermission(String permission) {
logger.info(permission);
Subject subject = SecurityUtils.getSubject();
return subject != null && subject.isPermitted(permission);
}
/**
* 是否拥有该权限
*
* @param permission
* 权限标识
* @return true:是 false:否
*/
public static boolean hasPermissionInMethod(String permission) {
Subject subject = SecurityUtils.getSubject();
return subject != null && subject.isPermitted(permission);
}
}
ShiroUtils工具类
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import com.wstro.entity.SysUserEntity;
/**
* Shiro工具类
*
* @author chenshun
* @email sunlightcs@gmail.com
* @date 2016年11月12日 上午9:49:19
*/
public class ShiroUtils {
public static Session getSession() {
return SecurityUtils.getSubject().getSession();
}
public static Subject getSubject() {
return SecurityUtils.getSubject();
}
public static SysUserEntity getUserEntity() {
return (SysUserEntity)SecurityUtils.getSubject().getPrincipal();
}
public static Long getUserId() {
return getUserEntity().getUserId();
}
public static void setSessionAttribute(Object key, Object value) {
getSession().setAttribute(key, value);
}
public static Object getSessionAttribute(Object key) {
return getSession().getAttribute(key);
}
public static boolean isLogin() {
return SecurityUtils.getSubject().getPrincipal() != null;
}
public static void logout() {
SecurityUtils.getSubject().logout();
}
public static String getKaptcha(String key) {
String kaptcha = getSessionAttribute(key).toString();
getSession().removeAttribute(key);
return kaptcha;
}
}
前台Velocity模版直接调用就可以
#if($shiro.hasPermission("sys:project${projectcategory}:save")) <a
class="btn btn-primary" @click="add"><i class="fa fa-plus"></i>新增</a>
#end这里只实现了Permission验证。如果要多个自己可以模仿这个
https://zhousiwei.gitee.io/
