赞
踩
给项目添加认证与授权功能的框架, 就叫安全框架
认证: 验证用户身份的合法性(验证用户名和密码是否正确)
授权: 授权用户访问资源的权限
RBAC是Role-Based Access Control(基于角色的访问控制)的缩写。它是一种广泛应用于安全管理中的访问控制模型。RBAC模型通过授予用户不同的角色,并将角色与权限进行关联,来管理对资源的访问。
RBAC模型中的关键概念包括以下几个部分:
是一款主流的Java安全框架,不依赖任何容器,可以运行在Java SE和Java EE项目中,它的主要作用是对访问系统的用户进行身份认证、授权、会话管理、加密等操作。
Shiro 就是用来解决安全管理的系统化框架。Shiro是基于session的身份认证和访问控制框架。
用户、角色、权限。给角色赋予权限、给用户赋予角色
这里使用jsp来做前端页面,因此需要引入jsp依赖
<dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-devtools</artifactId> <scope>runtime</scope> <optional>true</optional> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <optional>true</optional> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <!--引入 Spring Boot 内嵌的 Tomcat 对 JSP 的解析包,不加解析不了 jsp 页面--> <!--如果只是使用 JSP 页面,可以只添加该依赖--> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-jasper</artifactId> </dependency> <!--如果要使用 servlet 必须添加该以下两个依赖--> <!-- servlet 依赖的 jar 包--> <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> </dependency> <!-- jsp 依赖 jar 包--> <dependency> <groupId>javax.servlet.jsp</groupId> <artifactId>javax.servlet.jsp-api</artifactId> <version>2.3.1</version> </dependency> <!--如果使用 JSTL 必须添加该依赖--> <!--jstl 标签依赖的 jar 包 start--> <dependency> <groupId>javax.servlet</groupId> <artifactId>jstl</artifactId> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring-boot-starter</artifactId> <version>1.5.3</version> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> <configuration> <excludes> <exclude> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </exclude> </excludes> </configuration> </plugin> </plugins> <!-- SpringBoot 要求 jsp 文件必须编译到指定的META-INF/resources 目录下才能访问,否则访问不到。其它官方已经建议使用模版技术 --> <resources> <resource> <!--源文件位置--> <directory>src/main/webapp</directory> <!--指定编译到META-INF/resource,该目录不能随便写--> <targetPath>META-INF/resources</targetPath> <!--指定要把哪些文件编译进去,**表示 webapp 目录及子目录,*.*表示所有文件--> <includes> <include>**/*.*</include> </includes> </resource> </resources> </build>
在webapp文件夹中创建index.jsp和login.jsp
<%@page contentType="text/html;UTF-8" pageEncoding="UTF-8" isErrorPage="false" %> <!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>首页</title> </head> <body> <%--受限资源--%> <h1>系统主页</h1> <ul> <li><a href="#">用户管理</a></li> <li><a href="#">商品管理</a></li> <li><a href="#">订单管理</a></li> <li><a href="#">物流管理</a></li> </ul> </body> </html>
<%@page contentType="text/html;UTF-8" pageEncoding="UTF-8" isErrorPage="false" %> <!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>登录</title> </head> <body> <h1>登录界面</h1> <form action="${pageContext.request.contextPath}/login" method="post"> 用户名:<input type="text" name="username" > <br/> 密码 : <input type="text" name="password"> <br> <input type="submit" value="登录"> </form> </body> </html>
package com.zjl.realm; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public class CustomerRealm extends AuthorizingRealm { @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { return null; } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { return null; } }
package com.zjl.config; import com.zjl.realm.CustomerRealm; import org.apache.shiro.realm.Realm; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.Map; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Configuration public class ShiroConfig { //ShiroFilter过滤所有请求 @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); //给ShiroFilter配置安全管理器 shiroFilterFactoryBean.setSecurityManager(securityManager); //配置系统受限资源 //配置系统公共资源 Map<String, String> map = new HashMap<String, String>(); map.put("/","anon");//表示这个资源需要认证和授权 map.put("/index","authc");//表示这个资源需要认证和授权 // 设置认证界面路径 shiroFilterFactoryBean.setLoginUrl("/login"); shiroFilterFactoryBean.setFilterChainDefinitionMap(map); return shiroFilterFactoryBean; } //创建安全管理器 @Bean public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(realm); return securityManager; } //创建自定义Realm @Bean public Realm getRealm() { CustomerRealm realm = new CustomerRealm(); return realm; } }
访问:http://localhost:8080/index,会跳转到login
附Controller代码
package com.zjl.controller; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Controller public class IndexController { @RequestMapping("/") public String login(){ return "login"; } @RequestMapping("/index") public String index(){ return "index"; } }
<a href="${pageContext.request.contextPath}/logout">退出登录</a>
package com.zjl.controller; import lombok.extern.slf4j.Slf4j; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Controller @Slf4j public class IndexController { @RequestMapping("/") public String login(){ return "login"; } @RequestMapping("/index") public String index(){ return "index"; } @RequestMapping("logout") public String logout() { Subject subject = SecurityUtils.getSubject(); subject.logout(); return "redirect:/"; } @RequestMapping("/login") public String login(String username, String password) { //获取主题对象 Subject subject = SecurityUtils.getSubject(); try { subject.login(new UsernamePasswordToken(username,password)); log.info("登录成功!!!"); return "redirect:/index"; } catch (UnknownAccountException e) { e.printStackTrace(); log.error("用户错误!!!"); } catch (IncorrectCredentialsException e) { log.error("密码错误!!!"); } return "redirect:/"; } }
package com.zjl.realm; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public class CustomerRealm extends AuthorizingRealm { @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { return null; } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String principal = (String) authenticationToken.getPrincipal(); if ("zhangsan".equals(principal)) { return new SimpleAuthenticationInfo(principal,"123456",this.getName()); } return null; } }
package com.zjl.config; import com.zjl.realm.CustomerRealm; import org.apache.shiro.realm.Realm; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.Map; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Configuration public class ShiroConfig { //ShiroFilter过滤所有请求 @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); //给ShiroFilter配置安全管理器 shiroFilterFactoryBean.setSecurityManager(securityManager); //配置系统受限资源 //配置系统公共资源 Map<String, String> map = new HashMap<String, String>(); map.put("/login","anon");//表示这个为公共资源 不能被拦截 map.put("/**","authc");//表示这个受限资源需要认证和授权 // 设置认证界面路径 shiroFilterFactoryBean.setLoginUrl("/"); shiroFilterFactoryBean.setFilterChainDefinitionMap(map); return shiroFilterFactoryBean; } //创建安全管理器 @Bean public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(realm); return securityManager; } //创建自定义Realm @Bean public Realm getRealm() { CustomerRealm realm = new CustomerRealm(); return realm; } }
未登录、退出都不能访问index.jsp
登录后可以正常访问
/* Navicat Premium Data Transfer Date: 11/04/2024 14:22:47 */ SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- -- Table structure for t_user -- ---------------------------- DROP TABLE IF EXISTS `user`; CREATE TABLE `user` ( `id` int(6) NOT NULL AUTO_INCREMENT, `username` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, `password` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, `salt` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB AUTO_INCREMENT = 1 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic; SET FOREIGN_KEY_CHECKS = 1;
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.47</version>
</dependency>
<dependency>
<groupId>tk.mybatis</groupId>
<artifactId>mapper-spring-boot-starter</artifactId>
<version>2.1.5</version>
</dependency>
package com.zjl.utils; import java.util.Random; /** * @author: zjl * @datetime: 2024/4/11 * @desc:随机盐 */ public class SaltUtil { public static String getSalt(int n) { char[] chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01234567890!@#$%^&*()".toCharArray(); StringBuilder sb = new StringBuilder(); for (int i = 0; i < n; i++) { char c = chars[new Random().nextInt(chars.length)]; sb.append(c); } return sb.toString(); } public static void main(String[] args) { System.out.println(getSalt(4)); } }
package com.zjl.utils; import org.springframework.beans.BeansException; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContextAware; import org.springframework.stereotype.Component; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Component public class ApplicationContextUtil implements ApplicationContextAware { private static ApplicationContext context; @Override public void setApplicationContext(ApplicationContext applicationContext) throws BeansException { context = applicationContext; } //根据bean名字获取工厂中指定bean 对象 public static <T> T getBean(Class<T> c) { return context.getBean(c); } public static <T> T getBean(String beanName, Class<T> c) { return context.getBean(beanName,c); } }
package com.zjl.pojo; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; import lombok.ToString; import lombok.experimental.Accessors; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Data @Accessors(chain = true) @NoArgsConstructor @AllArgsConstructor @ToString public class User { private String id; private String username; private String password; private String salt; }
package com.zjl.mapper; import com.zjl.pojo.User; import org.apache.ibatis.annotations.Select; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public interface UserMapper { void insert(User user); @Select("select id,username,password,salt from user where username = #{username}") User selectByUserName(String username); }
<insert id="insert" parameterType="com.zjl.pojo.User" useGeneratedKeys="true" keyProperty="id">
insert into user values(#{id},#{username},#{password},#{salt})
</insert>
service
package com.zjl.service; import com.zjl.mapper.UserMapper; import com.zjl.pojo.User; import com.zjl.utils.SaltUtil; import org.apache.shiro.crypto.hash.Md5Hash; import org.springframework.stereotype.Service; import javax.annotation.Resource; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Service public class UserService { @Resource private UserMapper userMapper; public void register(User user) { //1.获取随机盐 String salt = SaltUtil.getSalt(8); //2.将随机盐保存到数据 user.setSalt(salt); //3.明文密码进行md5 + salt + hash散列 Md5Hash MD5 = new Md5Hash(user.getPassword(),salt,1024); user.setPassword(MD5.toHex()); userMapper.insert(user); } public User getUserByUsername(String username) { return userMapper.selectByUserName(username); } }
controller
@Resource private UserService userService; @RequestMapping("/submit") public String register(User user) { try { userService.register(user); return "redirect:/"; } catch (Exception e) { e.printStackTrace(); return "redirect:/register.jsp"; } } @RequestMapping("/register") public String register(){ return "register"; }
<%@page contentType="text/html;UTF-8" pageEncoding="UTF-8" isErrorPage="false" %> <!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>注册</title> </head> <body> <h1>注册界面</h1> <form action="${pageContext.request.contextPath}/submit" method="post"> 用户名:<input type="text" name="username" > <br/> 密码 : <input type="text" name="password"> <br> <input type="submit" value="立即注册"> </form> </body> </html>
package com.zjl.realm; import com.zjl.pojo.User; import com.zjl.service.UserService; import com.zjl.utils.ApplicationContextUtil; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.stereotype.Component; import org.springframework.util.ObjectUtils; import javax.annotation.Resource; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public class CustomerRealm extends AuthorizingRealm { @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { return null; } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String principal = (String) authenticationToken.getPrincipal(); UserService userService = ApplicationContextUtil.getBean(UserService.class); User user = userService.getUserByUsername(principal); if (!ObjectUtils.isEmpty(user)) { return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName()); } return null; } }
package com.zjl.config; import com.zjl.realm.CustomerRealm; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.realm.Realm; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.Map; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Configuration public class ShiroConfig { //ShiroFilter过滤所有请求 @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); //给ShiroFilter配置安全管理器 shiroFilterFactoryBean.setSecurityManager(securityManager); //配置系统受限资源 //配置系统公共资源 Map<String, String> map = new HashMap<String, String>(); map.put("/login", "anon");//表示这个为公共资源 一定是在受限资源上面 map.put("/register", "anon");//表示这个为公共资源 一定是在受限资源上面 map.put("/submit", "anon");//表示这个为公共资源 一定是在受限资源上面 map.put("/**", "authc");//表示这个受限资源需要认证和授权 // 设置认证界面路径 shiroFilterFactoryBean.setLoginUrl("/"); shiroFilterFactoryBean.setFilterChainDefinitionMap(map); return shiroFilterFactoryBean; } //创建安全管理器 @Bean public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(realm); return securityManager; } //创建自定义Realm @Bean public Realm getRealm() { CustomerRealm realm = new CustomerRealm(); HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(); //设置使用MD5加密算法 credentialsMatcher.setHashAlgorithmName("md5"); //散列次数 credentialsMatcher.setHashIterations(1024); realm.setCredentialsMatcher(credentialsMatcher); return realm; } }
/* Navicat Premium Data Transfer Date: 11/04/2024 15:57:40 */ SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- -- Table structure for pers -- ---------------------------- DROP TABLE IF EXISTS `pers`; CREATE TABLE `pers` ( `id` int(6) NOT NULL AUTO_INCREMENT, `name` varchar(80) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, `url` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB AUTO_INCREMENT = 1 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Table structure for role -- ---------------------------- DROP TABLE IF EXISTS `role`; CREATE TABLE `role` ( `id` int(6) NOT NULL AUTO_INCREMENT, `name` varchar(60) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB AUTO_INCREMENT = 1 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Table structure for role_perms -- ---------------------------- DROP TABLE IF EXISTS `role_perms`; CREATE TABLE `role_perms` ( `id` int(6) NOT NULL, `roleid` int(6) NULL DEFAULT NULL, `permsid` int(6) NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Table structure for t_user -- ---------------------------- DROP TABLE IF EXISTS `user`; CREATE TABLE `user` ( `id` int(6) NOT NULL AUTO_INCREMENT, `username` varchar(40) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, `password` varchar(40) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, `salt` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Table structure for user_role -- ---------------------------- DROP TABLE IF EXISTS `user_role`; CREATE TABLE `user_role` ( `id` int(6) NOT NULL, `userid` int(6) NULL DEFAULT NULL, `roleid` int(6) NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; SET FOREIGN_KEY_CHECKS = 1;
package com.zjl.pojo; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; import lombok.ToString; import lombok.experimental.Accessors; import java.io.Serializable; import java.util.List; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Data @Accessors(chain = true) @NoArgsConstructor @AllArgsConstructor @ToString public class User implements Serializable { private String id; private String username; private String password; private String salt; //定义角色集合 private List<Role> roles; } package com.zjl.pojo; import lombok.*; import lombok.experimental.Accessors; import java.io.Serializable; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Data @Accessors(chain = true) @AllArgsConstructor @NoArgsConstructor public class Perms implements Serializable { private String id; private String name; private String url; } package com.zjl.pojo; import lombok.*; import lombok.experimental.Accessors; import java.io.Serializable; import java.util.List; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Data @Accessors(chain = true) @AllArgsConstructor @NoArgsConstructor public class Role implements Serializable { private String id; private String name; //定义权限的集合 private List<Perms> perms; }
package com.zjl.mapper; import com.zjl.pojo.Perms; import com.zjl.pojo.Role; import com.zjl.pojo.User; import org.apache.ibatis.annotations.Select; import java.util.List; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public interface UserMapper { void insert(User user); @Select("select id,username,password,salt from user where username = #{username}") User selectByUserName(String username); //根据用户名查询所有角色 User selectRolesByUserName(String username); //根据角色id查询权限集合 Role selectPermByRoleId(String id); //根据角色id查询权限集合 List<Perms> selectPermsByRoleId(String id); }
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.zjl.mapper.UserMapper"> <insert id="insert" parameterType="com.zjl.pojo.User" useGeneratedKeys="true" keyProperty="id"> insert into user values(#{id},#{username},#{password},#{salt}) </insert> <resultMap id="userMap" type="com.zjl.pojo.User"> <id column="uid" property="id"/> <result column="username" property="username"/> <!--角色信息--> <collection property="roles" javaType="list" ofType="com.zjl.pojo.Role"> <id column="id" property="id"/> <result column="rname" property="name"/> </collection> </resultMap> <select id="selectRolesByUserName" parameterType="String" resultMap="userMap"> SELECT u.id uid,u.username,r.id,r.NAME rname FROM user u LEFT JOIN user_role ur ON u.id=ur.userid LEFT JOIN role r ON ur.roleid=r.id WHERE u.username=#{username} </select> <resultMap id="roleMap" type="com.zjl.pojo.Role"> <result column="name" property="name"/> <collection property="perms" javaType="list" ofType="com.zjl.pojo.Perms"> <id column="id" property="id"/> <result column="name" property="name"/> <result column="url" property="url"/> </collection> </resultMap> <select id="selectPermByRoleId" parameterType="String" resultMap="roleMap"> SELECT r.`name`,p.`id`,p.`name`,p.`url` FROM role r LEFT JOIN role_perms rp ON r.`id` = rp.`roleid` LEFT JOIN pers p ON rp.`permsid` = p.`id` WHERE r.`id` = #{id} </select> <select id="selectPermsByRoleId" parameterType="String" resultType="com.zjl.pojo.Perms"> SELECT p.id,p.NAME,p.url,r.NAME FROM role r LEFT JOIN role_perms rp ON r.id=rp.roleid LEFT JOIN pers p ON rp.permsid=p.id WHERE r.id=#{id} </select> </mapper>
package com.zjl.service; import com.zjl.mapper.UserMapper; import com.zjl.pojo.Perms; import com.zjl.pojo.Role; import com.zjl.pojo.User; import com.zjl.utils.SaltUtil; import org.apache.shiro.crypto.hash.Md5Hash; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import javax.annotation.Resource; import java.util.List; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ @Service public class UserService { @Resource private UserMapper userMapper; public void register(User user) { //1.获取随机盐 String salt = SaltUtil.getSalt(8); //2.将随机盐保存到数据 user.setSalt(salt); //3.明文密码进行md5 + salt + hash散列 Md5Hash MD5 = new Md5Hash(user.getPassword(),salt,1024); user.setPassword(MD5.toHex()); userMapper.insert(user); } public User getUserByUsername(String username) { return userMapper.selectByUserName(username); } public User getRoleByUsername(String username) { return userMapper.selectRolesByUserName(username); } public Role findPermByRoleId(String id) { return userMapper.selectPermByRoleId(id); } public List<Perms> findPermsByRoleId2(String id) { return userMapper.selectPermsByRoleId(id); } }
package com.zjl.realm; import com.zjl.pojo.Perms; import com.zjl.pojo.User; import com.zjl.service.UserService; import com.zjl.utils.ApplicationContextUtil; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.util.CollectionUtils; import org.springframework.util.ObjectUtils; import java.util.List; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public class CustomerRealm extends AuthorizingRealm { @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { String principal = (String) principalCollection.getPrimaryPrincipal(); //获取UserService对象 UserService userService = ApplicationContextUtil.getBean(UserService.class); //基于角色授权 User user = userService.getRoleByUsername(principal); System.out.println("user======="+user); if (!CollectionUtils.isEmpty(user.getRoles())) { SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); user.getRoles().forEach(role ->{ info.addRole(role.getName()); /*Role role2 = userService.findPermByRoleId(role.getId()); System.out.println("role2======"+role2); if (!CollectionUtils.isEmpty(role2.getPerms())) { role2.getPerms().forEach(perm -> info.addStringPermission(perm.getName())); }*/ //权限信息 List<Perms> perms = userService.getPermsByRoleId(role.getId()); System.out.println("perms========"+perms); if(!CollectionUtils.isEmpty(perms) && perms.get(0)!=null ){ perms.forEach(perm->{ info.addStringPermission(perm.getName()); }); } }); return info; } return null; } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String principal = (String) authenticationToken.getPrincipal(); UserService userService = ApplicationContextUtil.getBean(UserService.class); User user = userService.getUserByUsername(principal); if (!ObjectUtils.isEmpty(user)) { return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName()); } return null; } }
<%@page contentType="text/html;UTF-8" pageEncoding="UTF-8" isErrorPage="false" %> <%@taglib prefix="shiro" uri="http://shiro.apache.org/tags" %> <!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>首页</title> </head> <body> <%--受限资源--%> <h1>系统主页</h1> <a href="${pageContext.request.contextPath}/user/logout">退出登录</a> <ul> <shiro:hasRole name="user"> <li><a href="#">用户管理</a></li> <ul> <shiro:hasPermission name="user:save:*"> <li><a href="#">增加</a></li> </shiro:hasPermission> <shiro:hasPermission name="user:delete:*"> <li><a href="#">删除</a></li> </shiro:hasPermission> <shiro:hasPermission name="user:update:*"> <li><a href="#">修改</a></li> </shiro:hasPermission> <shiro:hasPermission name="user:find:*"> <li><a href="#">查询</a></li> </shiro:hasPermission> </ul> </shiro:hasRole> <shiro:hasRole name="admin"> <li><a href="#">商品管理</a></li> <li><a href="#">订单管理</a></li> <li><a href="#">物流管理</a></li> </shiro:hasRole> </ul> </body> </html>
<!--引入shiro和ehcache-->
<!-- <dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.5.3</version>
</dependency> -->
<!--redis整合springboot-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
spring:
redis:
host: localhost
port: 6379
password: 123456
database: 0
package com.zjl.redis; import com.zjl.utils.ApplicationContextUtil; import org.apache.shiro.cache.Cache; import org.apache.shiro.cache.CacheException; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.serializer.StringRedisSerializer; import java.util.Collection; import java.util.Set; /** * @author: zjl * @datetime: 2024/4/12 * @desc:自定义redis缓存的实现 */ public class RedisCache<k,v> implements Cache<k,v> { private String cacheName; public RedisCache() { } public RedisCache(String cacheName) { this.cacheName = cacheName; } @Override public v get(k k) throws CacheException { return (v) getRedisTemplate().opsForHash().get(this.cacheName, k.toString()); } @Override public v put(k k, v v) throws CacheException { System.out.println("put key: "+k); System.out.println("put value:"+v); getRedisTemplate().opsForHash().put(this.cacheName,k.toString(), v); return null; } @Override public v remove(k k) throws CacheException { System.out.println("=============remove============="); return (v) getRedisTemplate().opsForHash().delete(this.cacheName,k.toString()); } @Override public void clear() throws CacheException { System.out.println("=============clear=============="); getRedisTemplate().delete(this.cacheName); } @Override public int size() { return getRedisTemplate().opsForHash().size(this.cacheName).intValue(); } @Override public Set<k> keys() { return getRedisTemplate().opsForHash().keys(this.cacheName); } @Override public Collection<v> values() { return getRedisTemplate().opsForHash().values(this.cacheName); } private RedisTemplate getRedisTemplate(){ RedisTemplate redisTemplate = ApplicationContextUtil.getBean("redisTemplate",RedisTemplate.class); redisTemplate.setKeySerializer(new StringRedisSerializer()); redisTemplate.setHashKeySerializer(new StringRedisSerializer()); return redisTemplate; } }
package com.zjl.redis; import org.apache.shiro.cache.Cache; import org.apache.shiro.cache.CacheException; import org.apache.shiro.cache.CacheManager; /** * @author: zjl * @datetime: 2024/4/12 * @desc: */ public class RedisCacheManager implements CacheManager { //参数1:认证或者是授权缓存的统一名称 @Override public <K, V> Cache<K, V> getCache(String cacheName) throws CacheException { System.out.println(cacheName); return new RedisCache<K,V>(cacheName); } }
package com.zjl.utils; import org.apache.shiro.codec.Base64; import org.apache.shiro.codec.CodecSupport; import org.apache.shiro.codec.Hex; import org.apache.shiro.util.ByteSource; import java.io.File; import java.io.InputStream; import java.io.Serializable; import java.util.Arrays; /** * @author: zjl * @datetime: 2024/4/12 * @desc:自定义salt实现 实现序列化接口 */ public class MyByteSource implements ByteSource, Serializable { private byte[] bytes; private String cachedHex; private String cachedBase64; public MyByteSource(byte[] bytes) { this.bytes = bytes; } public MyByteSource(char[] chars) { this.bytes = CodecSupport.toBytes(chars); } public MyByteSource(String string) { this.bytes = CodecSupport.toBytes(string); } public MyByteSource(ByteSource source) { this.bytes = source.getBytes(); } public MyByteSource(File file) { this.bytes = (new MyByteSource.BytesHelper()).getBytes(file); } public MyByteSource(InputStream stream) { this.bytes = (new MyByteSource.BytesHelper()).getBytes(stream); } public static boolean isCompatible(Object o) { return o instanceof byte[] || o instanceof char[] || o instanceof String || o instanceof ByteSource || o instanceof File || o instanceof InputStream; } @Override public byte[] getBytes() { return this.bytes; } @Override public boolean isEmpty() { return this.bytes == null || this.bytes.length == 0; } @Override public String toHex() { if (this.cachedHex == null) { this.cachedHex = Hex.encodeToString(this.getBytes()); } return this.cachedHex; } @Override public String toBase64() { if (this.cachedBase64 == null) { this.cachedBase64 = Base64.encodeToString(this.getBytes()); } return this.cachedBase64; } @Override public String toString() { return this.toBase64(); } @Override public int hashCode() { return this.bytes != null && this.bytes.length != 0 ? Arrays.hashCode(this.bytes) : 0; } @Override public boolean equals(Object o) { if (o == this) { return true; } else if (o instanceof ByteSource) { ByteSource bs = (ByteSource) o; return Arrays.equals(this.getBytes(), bs.getBytes()); } else { return false; } } private static final class BytesHelper extends CodecSupport { private BytesHelper() { } public byte[] getBytes(File file) { return this.toBytes(file); } public byte[] getBytes(InputStream stream) { return this.toBytes(stream); } } }
package com.zjl.realm; import com.zjl.pojo.Perms; import com.zjl.pojo.User; import com.zjl.service.UserService; import com.zjl.utils.ApplicationContextUtil; import com.zjl.utils.MyByteSource; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.util.CollectionUtils; import org.springframework.util.ObjectUtils; import java.util.List; /** * @author: zjl * @datetime: 2024/4/11 * @desc: */ public class CustomerRealm extends AuthorizingRealm { @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { String principal = (String) principalCollection.getPrimaryPrincipal(); //获取UserService对象 UserService userService = ApplicationContextUtil.getBean(UserService.class); //基于角色授权 User user = userService.getRoleByUsername(principal); System.out.println("user======="+user); if (!CollectionUtils.isEmpty(user.getRoles())) { SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); user.getRoles().forEach(role ->{ info.addRole(role.getName()); /*Role role2 = userService.findPermByRoleId(role.getId()); System.out.println("role2======"+role2); if (!CollectionUtils.isEmpty(role2.getPerms())) { role2.getPerms().forEach(perm -> info.addStringPermission(perm.getName())); }*/ //权限信息 List<Perms> perms = userService.getPermsByRoleId(role.getId()); System.out.println("perms========"+perms); if(!CollectionUtils.isEmpty(perms) && perms.get(0)!=null ){ perms.forEach(perm->{ info.addStringPermission(perm.getName()); }); } }); return info; } return null; } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String principal = (String) authenticationToken.getPrincipal(); //获取UserService对象 UserService userService = ApplicationContextUtil.getBean(UserService.class); User user = userService.getUserByUsername(principal); if (!ObjectUtils.isEmpty(user)) { return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), new MyByteSource(user.getSalt()), this.getName()); } return null; } }
//3.创建自定义realm @Bean public Realm getRealm() { CustomerRealm realm = new CustomerRealm(); HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(); //设置使用MD5加密算法 credentialsMatcher.setHashAlgorithmName("md5"); //散列次数 credentialsMatcher.setHashIterations(1024); realm.setCredentialsMatcher(credentialsMatcher); //开启缓存管理器 realm.setCacheManager(new RedisCacheManager()); realm.setCachingEnabled(true);//开启缓存 realm.setAuthenticationCachingEnabled(true);//开启认证缓存 realm.setAuthenticationCacheName("authentication"); realm.setAuthorizationCachingEnabled(true);//开启授权缓存 realm.setAuthorizationCacheName("authorization"); return realm; }
package com.zjl.utils; import javax.imageio.ImageIO; import java.awt.*; import java.awt.geom.AffineTransform; import java.awt.image.BufferedImage; import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.OutputStream; import java.util.Arrays; import java.util.Random; /** * @author: zjl * @datetime: 2024/4/12 * @desc: */ public class VerifyCodeUtils{ //使用到Algerian字体,系统里没有的话需要安装字体,字体只显示大写,去掉了1,0,i,o几个容易混淆的字符 public static final String VERIFY_CODES = "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"; private static Random random = new Random(); /** * 使用系统默认字符源生成验证码 * @param verifySize 验证码长度 * @return */ public static String generateVerifyCode(int verifySize){ return generateVerifyCode(verifySize, VERIFY_CODES); } /** * 使用指定源生成验证码 * @param verifySize 验证码长度 * @param sources 验证码字符源 * @return */ public static String generateVerifyCode(int verifySize, String sources){ if(sources == null || sources.length() == 0){ sources = VERIFY_CODES; } int codesLen = sources.length(); Random rand = new Random(System.currentTimeMillis()); StringBuilder verifyCode = new StringBuilder(verifySize); for(int i = 0; i < verifySize; i++){ verifyCode.append(sources.charAt(rand.nextInt(codesLen-1))); } return verifyCode.toString(); } /** * 生成随机验证码文件,并返回验证码值 * @param w * @param h * @param outputFile * @param verifySize * @return * @throws IOException */ public static String outputVerifyImage(int w, int h, File outputFile, int verifySize) throws IOException{ String verifyCode = generateVerifyCode(verifySize); outputImage(w, h, outputFile, verifyCode); return verifyCode; } /** * 输出随机验证码图片流,并返回验证码值 * @param w * @param h * @param os * @param verifySize * @return * @throws IOException */ public static String outputVerifyImage(int w, int h, OutputStream os, int verifySize) throws IOException{ String verifyCode = generateVerifyCode(verifySize); outputImage(w, h, os, verifyCode); return verifyCode; } /** * 生成指定验证码图像文件 * @param w * @param h * @param outputFile * @param code * @throws IOException */ public static void outputImage(int w, int h, File outputFile, String code) throws IOException{ if(outputFile == null){ return; } File dir = outputFile.getParentFile(); if(!dir.exists()){ dir.mkdirs(); } try{ outputFile.createNewFile(); FileOutputStream fos = new FileOutputStream(outputFile); outputImage(w, h, fos, code); fos.close(); } catch(IOException e){ throw e; } } /** * 输出指定验证码图片流 * @param w * @param h * @param os * @param code * @throws IOException */ public static void outputImage(int w, int h, OutputStream os, String code) throws IOException{ int verifySize = code.length(); BufferedImage image = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB); Random rand = new Random(); Graphics2D g2 = image.createGraphics(); g2.setRenderingHint(RenderingHints.KEY_ANTIALIASING,RenderingHints.VALUE_ANTIALIAS_ON); Color[] colors = new Color[5]; Color[] colorSpaces = new Color[] { Color.WHITE, Color.CYAN, Color.GRAY, Color.LIGHT_GRAY, Color.MAGENTA, Color.ORANGE, Color.PINK, Color.YELLOW }; float[] fractions = new float[colors.length]; for(int i = 0; i < colors.length; i++){ colors[i] = colorSpaces[rand.nextInt(colorSpaces.length)]; fractions[i] = rand.nextFloat(); } Arrays.sort(fractions); g2.setColor(Color.GRAY);// 设置边框色 g2.fillRect(0, 0, w, h); Color c = getRandColor(200, 250); g2.setColor(c);// 设置背景色 g2.fillRect(0, 2, w, h-4); //绘制干扰线 Random random = new Random(); g2.setColor(getRandColor(160, 200));// 设置线条的颜色 for (int i = 0; i < 20; i++) { int x = random.nextInt(w - 1); int y = random.nextInt(h - 1); int xl = random.nextInt(6) + 1; int yl = random.nextInt(12) + 1; g2.drawLine(x, y, x + xl + 40, y + yl + 20); } // 添加噪点 float yawpRate = 0.05f;// 噪声率 int area = (int) (yawpRate * w * h); for (int i = 0; i < area; i++) { int x = random.nextInt(w); int y = random.nextInt(h); int rgb = getRandomIntColor(); image.setRGB(x, y, rgb); } shear(g2, w, h, c);// 使图片扭曲 g2.setColor(getRandColor(100, 160)); int fontSize = h-4; Font font = new Font("Algerian", Font.ITALIC, fontSize); g2.setFont(font); char[] chars = code.toCharArray(); for(int i = 0; i < verifySize; i++){ AffineTransform affine = new AffineTransform(); affine.setToRotation(Math.PI / 4 * rand.nextDouble() * (rand.nextBoolean() ? 1 : -1), (w / verifySize) * i + fontSize/2, h/2); g2.setTransform(affine); g2.drawChars(chars, i, 1, ((w-10) / verifySize) * i + 5, h/2 + fontSize/2 - 10); } g2.dispose(); ImageIO.write(image, "jpg", os); } private static Color getRandColor(int fc, int bc) { if (fc > 255) fc = 255; if (bc > 255) bc = 255; int r = fc + random.nextInt(bc - fc); int g = fc + random.nextInt(bc - fc); int b = fc + random.nextInt(bc - fc); return new Color(r, g, b); } private static int getRandomIntColor() { int[] rgb = getRandomRgb(); int color = 0; for (int c : rgb) { color = color << 8; color = color | c; } return color; } private static int[] getRandomRgb() { int[] rgb = new int[3]; for (int i = 0; i < 3; i++) { rgb[i] = random.nextInt(255); } return rgb; } private static void shear(Graphics g, int w1, int h1, Color color) { shearX(g, w1, h1, color); shearY(g, w1, h1, color); } private static void shearX(Graphics g, int w1, int h1, Color color) { int period = random.nextInt(2); boolean borderGap = true; int frames = 1; int phase = random.nextInt(2); for (int i = 0; i < h1; i++) { double d = (double) (period >> 1) * Math.sin((double) i / (double) period + (6.2831853071795862D * (double) phase) / (double) frames); g.copyArea(0, i, w1, 1, (int) d, 0); if (borderGap) { g.setColor(color); g.drawLine((int) d, i, 0, i); g.drawLine((int) d + w1, i, w1, i); } } } private static void shearY(Graphics g, int w1, int h1, Color color) { int period = random.nextInt(40) + 10; // 50; boolean borderGap = true; int frames = 20; int phase = 7; for (int i = 0; i < w1; i++) { double d = (double) (period >> 1) * Math.sin((double) i / (double) period + (6.2831853071795862D * (double) phase) / (double) frames); g.copyArea(i, 0, 1, h1, 0, (int) d); if (borderGap) { g.setColor(color); g.drawLine(i, (int) d, i, 0); g.drawLine(i, (int) d + h1, i, h1); } } } public static void main(String[] args) throws IOException { //获取验证码 String s = generateVerifyCode(4); //将验证码放入图片中 outputImage(260,60,new File("/Users/chenyannan/Desktop/安工资料/aa.jpg"),s); System.out.println(s); } }
<%@page contentType="text/html;UTF-8" pageEncoding="UTF-8" isErrorPage="false" %> <!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>登录</title> </head> <body> <h1>登录界面</h1> <form action="${pageContext.request.contextPath}/login" method="post"> 用户名:<input type="text" name="username"> <br/> 密码 : <input type="text" name="password"> <br/> 请输入验证码: <input type="text" name="code"><img src="${pageContext.request.contextPath}/getImage" alt=""><br/> <input type="submit" value="登录"> </form> </body> </html>
@RequestMapping("getImage") public void getImage(HttpSession session, HttpServletResponse response) throws IOException { //生成验证码 String code = VerifyCodeUtils.generateVerifyCode(4); //验证码放入session session.setAttribute("code",code); //验证码存入图片 ServletOutputStream os = response.getOutputStream(); response.setContentType("image/png"); VerifyCodeUtils.outputImage(220,60,os,code); } //修改认证流程 @RequestMapping("login") public String login(String username, String password,String code,HttpSession session) { //比较验证码 String codes = (String) session.getAttribute("code"); try { if (codes.equalsIgnoreCase(code)){ //获取主体对象 Subject subject = SecurityUtils.getSubject(); subject.login(new UsernamePasswordToken(username, password)); return "redirect:/index"; }else{ throw new RuntimeException("验证码错误!"); } } catch (UnknownAccountException e) { e.printStackTrace(); System.out.println("用户名错误!"); } catch (IncorrectCredentialsException e) { e.printStackTrace(); System.out.println("密码错误!"); }catch (Exception e){ e.printStackTrace(); System.out.println(e.getMessage()); } return "redirect:/"; }
map.put("/getImage","anon");//验证码
<!-- 需要在jsp页面中引入标签 -->
<%@ taglib uri="http://shiro.apache.org/tags" prefix="shiro" %>
标签:
<shiro:authenticated> 登录之后
<shiro:notAuthenticated> 不在登录状态时
<shiro:guest> 用户在没有RememberMe时
<shiro:user> 用户在RememberMe时
<shiro:hasAnyRoles name="abc,123" > 在有abc或者123角色时
<shiro:hasRole name="abc"> 拥有角色abc
<shiro:lacksRole name="abc"> 没有角色abc
<shiro:hasPermission name="abc"> 拥有权限资源abc <shiro:lacksPermission name="abc"> 没有abc权限资源
<shiro:principal> 显示用户身份名称
<shiro:principal property="username"/> 显示用户身份中的属性值
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
<!-- 验证当前用户是否为“访客”,即未认证(包含未记住)的用户。 --> <p shiro:guest="">Please <a href="login.html">login</a></p> <!-- 认证通过或已记住的用户。 --> <p shiro:user=""> Welcome back John! Not John? Click <a href="login.html">here</a> to login. </p> <!-- 已认证通过的用户。不包含已记住的用户,这是与user标签的区别所在。 --> <p shiro:authenticated=""> Hello, <span shiro:principal=""></span>, how are you today? </p> <a shiro:authenticated="" href="updateAccount.html">Update your contact information</a> <!-- 输出当前用户信息,通常为登录帐号信息。 --> <p>Hello, <shiro:principal/>, how are you today?</p> <!-- 未认证通过用户,与authenticated标签相对应。与guest标签的区别是,该标签包含已记住用户。 --> <p shiro:notAuthenticated=""> Please <a href="login.html">login</a> in order to update your credit card information. </p> <!-- 验证当前用户是否属于该角色。 --> <a shiro:hasRole="admin" href="admin.html">Administer the system</a><!-- 拥有该角色 --> <!-- 与hasRole标签逻辑相反,当用户不属于该角色时验证通过。 --> <p shiro:lacksRole="developer"><!-- 没有该角色 --> Sorry, you are not allowed to developer the system. </p> <!-- 验证当前用户是否属于以下所有角色。 --> <p shiro:hasAllRoles="developer, 2"><!-- 角色与判断 --> You are a developer and a admin. </p> <!-- 验证当前用户是否属于以下任意一个角色。 --> <p shiro:hasAnyRoles="admin, vip, developer,1"><!-- 角色或判断 --> You are a admin, vip, or developer. </p> <!--验证当前用户是否拥有指定权限。 --> <a shiro:hasPermission="userInfo:add" href="createUser.html">添加用户</a><!-- 拥有权限 --> <!-- 与hasPermission标签逻辑相反,当前用户没有制定权限时,验证通过。 --> <p shiro:lacksPermission="userInfo:del"><!-- 没有权限 --> Sorry, you are not allowed to delete user accounts. </p> <!-- 验证当前用户是否拥有以下所有角色。 --> <p shiro:hasAllPermissions="userInfo:view, userInfo:add"><!-- 权限与判断 --> You can see or add users. </p> <!-- 验证当前用户是否拥有以下任意一个权限。 --> <p shiro:hasAnyPermissions="userInfo:view, userInfo:del"><!-- 权限或判断 --> You can see or delete users. </p> <a shiro:hasPermission="pp" href="createUser.html">Create a new User</a>
若页面标签不起作用一定要记住加入方言处理
@Bean(name = “shiroDialect”)
public ShiroDialect shiroDialect(){
return new ShiroDialect();
}
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。