3.1、pom.xml文件
<!-- Embedded Tomcat and Spring MVC. No <version> is given, so these are presumably managed by a Spring Boot parent or BOM that is not shown here; confirm. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- Explicitly pinned to 1.8, an old release; review whether the pin is still needed. -->
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.8</version>
</dependency>
<!-- Apache Shiro is the authentication and authorization layer of this application. It is pinned to 1.4.0, an old release: check the Shiro project's security advisories and move to a currently supported version before using this outside a demo. -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
</dependency>
<!-- Spring Boot -->
<!-- devtools is development-time tooling; it is declared here without <optional> or a scope, so make sure it is not packaged into a production artifact. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- Binds SLF4J to Log4j 1.x, which is end-of-life. NOTE(review): this may also clash with the logging backend the Spring Boot starters bring in; confirm which binding wins at runtime. -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.6.1</version>
</dependency>
<!-- MyBatis -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>1.3.2</version>
</dependency>
<!-- MySQL JDBC driver; version not pinned here (presumably managed by the parent; confirm). -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<!-- Test -->
<!-- Neither test dependency declares <scope>test</scope>, so as written both end up on the runtime classpath of the application. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.9</version>
</dependency>
3.2、配置文件
# Data source implementation class.
# NOTE(review): this key is not under spring.datasource.*; confirm that something actually reads it.
dataSource=org.springframework.jdbc.datasource.DriverManagerDataSource
# Database URL.
# allowMultiQueries=true lets a single JDBC call carry several ';'-separated statements, which widens the
# impact of any SQL injection. None of the mapper statements shown with this configuration needs it, so
# leave it off unless a mapper really requires it.
spring.datasource.url=jdbc:mysql://127.0.0.1:3306/user?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true
# Database account.
# The application connects as root; a dedicated account restricted to this schema follows least privilege.
spring.datasource.username=root
# Database password.
# A weak password kept in clear text in the configuration file; supply it from the environment or a
# secret store instead of committing it.
spring.datasource.password=123456
# NOTE(review): Spring Boot's documented key is spring.datasource.driver-class-name; confirm this one takes effect.
spring.driver-class-name=com.mysql.jdbc.Driver
server.port=8044
# MyBatis mapper XML files, located under resources.
mybatis.mapper-locations=classpath:repository/*.xml
# Package scanned for MyBatis type aliases; here it points at the mapper package.
mybatis.type-aliases-package=com.huihui.chapter2.mapper
# Where Thymeleaf looks up page templates.
spring.thymeleaf.prefix=/WEB-INF/views/
spring.thymeleaf.suffix=.html
spring.thymeleaf.mode=HTML5
spring.thymeleaf.encoding=UTF-8
# Template caching is switched off, which is a development setting.
spring.thymeleaf.cache=false
################################################# Logging ####################################################
# SQL logging for the mapper package at DEBUG level.
# At DEBUG, MyBatis logs each statement together with its bound parameters (user names and role names
# for the mappers in this package); keep this level to development and protect the log file.
logging.level.com.huihui.chapter2.mapper=DEBUG
logging.file=logs/spring-boot-logging.log
logging.pattern.console=%d{yyyy/MM/dd-HH:mm:ss} [%thread] %-5level %logger- %msg%n
logging.pattern.file=%d{yyyy/MM/dd-HH:mm} [%thread] %-5level %logger- %msg%n
3.3、數據庫設計
數據庫跟上一篇一樣，看過的跳過
shiro_user表:
-- Accounts table: login name plus the credential checked at login.
-- The DROP discards any existing accounts, so run this script only against a scratch database.
DROP TABLE IF EXISTS `shiro_user`;
CREATE TABLE `shiro_user` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
-- NOTE(review): USER_NAME has no UNIQUE constraint and is nullable, so duplicate login names are
-- possible; confirm that the lookup by user name can only ever match one row.
`USER_NAME` varchar(255) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL,
-- Holds the credential exactly as inserted. Store a salted password hash produced by a slow
-- password-hashing function here, never the password itself.
`PASSWORD` varchar(255) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL,
PRIMARY KEY (`ID`) USING BTREE
-- The table is latin1 while the JDBC URL on this page asks for UTF-8, so non-Latin user names will not round-trip.
) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
-- Demo account: the password '123456' is stored in clear text. Remove or replace before any real use.
INSERT INTO `shiro_user` VALUES (1, 'test', '123456');
shiro_user_role表:
-- User-to-role assignments, keyed by user name and role name.
-- The DROP discards any existing assignments, so run this script only against a scratch database.
DROP TABLE IF EXISTS `shiro_user_role`;
CREATE TABLE `shiro_user_role` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
-- Rows reference users and roles by name with no foreign key, so nothing in the schema stops an
-- assignment from pointing at an account that does not exist (or from surviving its deletion).
`USER_NAME` varchar(255) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL,
`ROLE_NAME` varchar(255) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL,
PRIMARY KEY (`ID`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
-- Demo data: user 'test' holds role 'role1'.
INSERT INTO `shiro_user_role` VALUES (1, 'test', 'role1');
shiro_role_permission表:
-- Role-to-permission grants, keyed by role name and permission name.
-- The DROP discards any existing grants, so run this script only against a scratch database.
DROP TABLE IF EXISTS `shiro_role_permission`;
CREATE TABLE `shiro_role_permission` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
-- As in shiro_user_role, the role is referenced by name without a foreign key or uniqueness constraint.
`ROLE_NAME` varchar(255) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL,
`PERM_NAME` varchar(255) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL,
PRIMARY KEY (`ID`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
-- Demo data: role 'role1' is granted 'perm1' only.
INSERT INTO `shiro_role_permission` VALUES (1, 'role1', 'perm1');
3.4、程序的入口
Application.java類是springBoot程序的入口
/**
 * Spring Boot entry point of the demo application.
 *
 * <p>Component scanning covers everything under {@code com.huihui}; MyBatis mapper interfaces are
 * picked up from {@code com.huihui.chapter2.mapper}.
 */
@SpringBootApplication
// Scan every class of the project.
@ComponentScan(basePackages = "com.huihui")
// Package that holds the MyBatis mapper interfaces.
@MapperScan("com.huihui.chapter2.mapper")
public class Application {

    /**
     * Starts the Spring application context.
     *
     * @param args command-line arguments, handed to Spring Boot unchanged
     * @throws Exception declared by the original signature
     */
    public static void main(String[] args) throws Exception {
        SpringApplication.run(Application.class, args);
    }
}
3.5、開始寫接口代碼
先看一下項目的結構
代碼從數據庫開始寫起:
/**
 * MyBatis mapper for the Shiro user, role and permission tables.
 *
 * <p>The statements behind these methods live in the mapper XML for this interface's namespace.
 */
@Repository
public interface UserMapper {

    /**
     * Looks up the stored credential of a user.
     *
     * @param userName login name to look up
     * @return the value of the password column for that user
     */
    String queryUserPassword(@Param("userName") String userName);

    /**
     * Lists the role names assigned to a user.
     *
     * @param userName login name to look up
     * @return role names of the user
     */
    List<String> queryUserRole(@Param("userName") String userName);

    /**
     * Lists the permission names granted to a role.
     *
     * @param roleName role to look up
     * @return permission names of the role
     */
    List<String> queryRolePermission(@Param("roleName") String roleName);

    /**
     * Lists the permission names a user holds through its roles.
     *
     * @param userName login name to look up
     * @return permission names reachable from the user's roles
     */
    List<String> queryUserPermission(@Param("userName") String userName);
}
mapper對應的xml文件:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<!-- Statements for com.huihui.chapter2.mapper.UserMapper. Every statement passes its argument through a #{...} placeholder, which MyBatis binds as a prepared-statement parameter; keep it that way and do not switch to ${...} text substitution for caller-supplied values. -->
<mapper namespace="com.huihui.chapter2.mapper.UserMapper">
<!-- Returns the stored credential for a login name. The value comes back exactly as stored, which in the demo data is the clear-text password. -->
<select id="queryUserPassword" resultType="string">
select password from shiro_user where user_name = #{userName, jdbcType=VARCHAR}
</select>
<!-- Role names assigned to a login name. -->
<select id="queryUserRole" resultMap="roleMap">
select role_name from shiro_user_role where user_name = #{userName, jdbcType=VARCHAR}
</select>
<!-- Maps the single perm_name column onto a String result. -->
<resultMap id="permissionMap" type="java.lang.String">
<result column="perm_name" jdbcType="VARCHAR"/>
</resultMap>
<!-- Maps the single role_name column onto a String result. -->
<resultMap id="roleMap" type="java.lang.String">
<result column="role_name" jdbcType="VARCHAR"/>
</resultMap>
<!-- Permissions a user holds through its roles: joins the user's role assignments to the role grants by role name. -->
<select id="queryUserPermission" resultMap="permissionMap">
SELECT
srp.perm_name
FROM
shiro_user_role sur
INNER JOIN shiro_role_permission srp ON sur.role_name = srp.role_name
WHERE
sur.user_name = #{userName, jdbcType=VARCHAR}
</select>
<!-- Permission names granted to one role. -->
<select id="queryRolePermission" resultMap="permissionMap">
select perm_name from shiro_role_permission where role_name = #{roleName, jdbcType=VARCHAR}
</select>
</mapper>
接下來是service:
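/**
 * Login and lookup service: authenticates the current Shiro subject and exposes the credential and
 * permission queries of {@link UserMapper}.
 */
@Service
public class UserService {

    @Autowired
    UserMapper userMapper;

    // Not referenced by any method of this class.
    // NOTE(review): MyUserRealm injects UserService as well, so the two beans depend on each other;
    // confirm this field is needed.
    @Autowired
    MyUserRealm myUserRealm;

    /**
     * Logs the current Shiro subject in with the given credentials.
     *
     * <p>If the subject is already authenticated the method returns without checking the supplied
     * credentials, so callers must not treat a normal return as proof that {@code username} and
     * {@code password} are valid for this request.
     *
     * <p>Each failure is rethrown with the Shiro exception attached as the cause, so the stack trace
     * travels with the exception instead of being printed to standard error.
     *
     * @param username login name submitted by the user
     * @param password password submitted by the user
     * @throws Exception if authentication fails; the message names the reason. The messages tell an
     *     unknown account apart from a wrong password, so they must not be shown to the client as-is
     *     or they reveal which login names exist.
     */
    public void doLogin(String username, String password) throws Exception {
        Subject currentUser = SecurityUtils.getSubject();
        if (currentUser.isAuthenticated()) {
            return;
        }

        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        // Remember-me is switched on for every login, not as a user choice.
        // NOTE(review): confirm a long-lived remember-me identity is wanted for all users.
        token.setRememberMe(true);
        try {
            currentUser.login(token);
        } catch (UnknownAccountException uae) {
            throw new Exception("賬戶不存在", uae);
        } catch (IncorrectCredentialsException ice) {
            throw new Exception("密碼不正確", ice);
        } catch (LockedAccountException lae) {
            throw new Exception("用戶被鎖定了 ", lae);
        } catch (AuthenticationException ae) {
            throw new Exception("未知錯誤", ae);
        }
    }

    /**
     * Returns the stored credential of a user.
     *
     * <p>The value is whatever the password column holds; treat it as a secret and never log or
     * return it to a client.
     *
     * @param userName login name to look up
     * @return the stored credential as returned by the mapper
     */
    public String queryUserPassword(String userName) {
        return userMapper.queryUserPassword(userName);
    }

    /**
     * Returns the permission names the given user holds.
     *
     * @param userName login name to look up
     * @return permission names as returned by the mapper
     */
    public List<String> queryUserPermission(String userName) {
        return userMapper.queryUserPermission(userName);
    }
}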
controller:
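/**
 * MVC controller of the login demo: serves the login page, handles login and logout, and exposes two
 * sample pages.
 *
 * <p>Only {@link #hello1()} carries an authorization annotation. The Shiro filter chain configured on
 * this page has no URL rules, so every other endpoint here, including {@code /hello}, is reachable
 * without logging in.
 */
@Controller
public class UserController {

    @Autowired
    UserService userService;

    /** Returns the login page for a POST to {@code /index}. */
    @RequestMapping(value = "/index", method = RequestMethod.POST)
    public String goLogin() {
        return "/index.html";
    }

    /**
     * Logs the current subject out and returns the login page.
     *
     * <p>Despite its name this is the {@code /logout} handler; the name is kept so existing callers
     * are unaffected.
     */
    @RequestMapping(value = "/logout", method = RequestMethod.POST)
    public String login() {
        SecurityUtils.getSubject().logout();
        return "/index.html";
    }

    /** Returns the login page for a GET to the application root. */
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String index() {
        return "/index.html";
    }

    /**
     * Authenticates the submitted credentials.
     *
     * <p>A failed login now goes back to the login page; the original sent both outcomes to
     * {@code /hello}, which made a rejected login look exactly like an accepted one.
     *
     * @param username login name from the form
     * @param password password from the form
     * @return a redirect to {@code /hello} on success, to {@code /} on failure
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String login(String username, String password) {
        try {
            userService.doLogin(username, password);
        } catch (Exception e) {
            // The failure reason is not passed on: the service's messages distinguish an unknown
            // account from a wrong password, and echoing them would disclose valid login names.
            return "redirect:/";
        }
        return "redirect:/hello";
    }

    /** Returns the hello page. No HTTP method restriction and no authorization annotation. */
    @RequestMapping(value = "/hello")
    public String hello() {
        return "hello.html";
    }

    /**
     * Returns the second sample page; the caller needs the {@code perm3} permission.
     *
     * <p>The demo data on this page grants only {@code perm1}, so the demo user is rejected here.
     */
    @RequestMapping(value = "/hello1")
    // Permission required to call this endpoint.
    @RequiresPermissions("perm3")
    public String hello1() {
        return "hello2.html";
    }
}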
寫一個異常攔截器，攔截沒有權限和未登錄的異常:
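/**
 * Turns Shiro authorization and authentication failures raised by controllers into a short message.
 *
 * <p>NOTE(review): the handlers return a plain {@code String} and the class has no
 * {@code @ResponseBody}, so Spring MVC will presumably treat the value as a view name rather than as
 * the response text; confirm this is intended. No HTTP status is set either, so a denied request is
 * not reported as 401 or 403 unless that is done elsewhere.
 */
@ControllerAdvice
public class ExceptionInterceptor {

    /**
     * Handles a request made without the required permission.
     *
     * @param req current request (unused)
     * @param response current response (unused)
     * @param e the exception raised by Shiro (unused; its details are deliberately not echoed)
     * @return the "no permission" message
     */
    @ExceptionHandler({UnauthorizedException.class, AuthorizationException.class})
    public String authorizationException(
            HttpServletRequest req, HttpServletResponse response, Exception e) {
        // The literal was garbled on the page; restored to the intended "no permission" text.
        return "沒有權限";
    }

    /**
     * Handles a request made without a logged-in subject.
     *
     * @param req current request (unused)
     * @param response current response (unused)
     * @param e the exception raised by Shiro (unused; its details are deliberately not echoed)
     * @return the "please log in" message
     */
    @ExceptionHandler({UnauthenticatedException.class, AuthenticationException.class})
    public String authenticationException(
            HttpServletRequest req, HttpServletResponse response, Exception e) {
        return "請登錄";
    }
}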
寫一個Realm繼承AuthorizingRealm，重寫獲取權限，登錄等方法:
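/**
 * Shiro realm that authenticates users and loads their permissions through {@link UserService}.
 *
 * <p>No credentials matcher is configured for this realm anywhere on this page, so the submitted
 * password is compared with the stored value as-is; with the demo data that stored value is the
 * clear-text password. Store a salted hash and configure a matching
 * {@code HashedCredentialsMatcher} before using this outside a demo.
 */
public class MyUserRealm extends AuthorizingRealm {

    @Autowired
    UserService userService;

    /**
     * Public access to the realm's authorization lookup.
     *
     * @param principals identity to look up
     * @return whatever {@code getAuthorizationInfo} returns for that identity
     */
    public AuthorizationInfo queryAuthorizationInfo(PrincipalCollection principals) {
        return this.getAuthorizationInfo(principals);
    }

    /**
     * Loads the permissions of the user identified by {@code principals}.
     *
     * <p>The original called {@code iterator().next().toString()} directly, which throws when this
     * realm contributed no principal, and then tested the result for {@code null}, a check that
     * could never fail. Both cases now fall through to the "no permissions" result.
     *
     * @param principals identity of the subject being authorized
     * @return the user's permissions, or {@code null} when there is no principal from this realm or
     *     the user has no permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        java.util.Iterator<?> fromThisRealm = principals.fromRealm(getName()).iterator();
        if (!fromThisRealm.hasNext()) {
            return null;
        }
        Object principal = fromThisRealm.next();
        if (principal == null) {
            return null;
        }
        String userName = principal.toString();

        // Simplified lookup: fetches every permission the user holds through its roles. Adapt the
        // query to the application's own authorization model.
        List<String> perms = userService.queryUserPermission(userName);
        if (perms == null || perms.isEmpty()) {
            return null;
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (String each : perms) {
            info.addStringPermission(each);
        }
        return info;
    }

    /**
     * Looks up the stored credential for the user name in the token; runs when
     * {@code Subject.login} is called.
     *
     * @param authenticationToken the submitted token, expected to be a {@code UsernamePasswordToken}
     * @return the user name with its stored credential, or {@code null} when the name is empty or
     *     no credential is found
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String userName = token.getUsername();
        if (userName == null || "".equals(userName)) {
            return null;
        }
        // The stored value is handed to Shiro as the expected credential. It must never be logged.
        String password = userService.queryUserPassword(userName);
        if (password == null) {
            return null;
        }
        return new SimpleAuthenticationInfo(userName, password, getName());
    }

    /** Widens the inherited method to {@code public}; call it after changing a user's permissions. */
    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    /** Widens the inherited method to {@code public}; call it after changing a user's credential. */
    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    /** Widens the inherited method to {@code public}. */
    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }
}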
接下來寫一些配置的屬性，可以寫在配置文件里面，也可以用java類代替，我這邊是用java類直接寫的:
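/**
 * Java configuration for Shiro: the realm, the security manager, the web filter and the beans that
 * enable Shiro's authorization annotations.
 *
 * <p>The listing on the page stopped after the last bean method without closing the class; the
 * closing brace is restored here.
 */
@Configuration
public class ShiroUserConfig {

    /** The application's realm. */
    @Bean
    public MyUserRealm myUserRealm() {
        return new MyUserRealm();
    }

    /** Security manager backed by {@link #myUserRealm()}. */
    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager();
        webSecurityManager.setRealm(myUserRealm());
        return webSecurityManager;
    }

    /**
     * Shiro web filter.
     *
     * <p>The filter chain map is left empty, so no URL is protected at the filter level: access is
     * restricted only where a handler carries a Shiro annotation. For anything beyond a demo, add
     * explicit rules that end with a catch-all requiring authentication, so that a handler added
     * later is protected by default.
     */
    @Bean(name = "shiroFilter")
    public ShiroFilterFactoryBean shiroFilter() {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager());

        // URL rules are evaluated in insertion order, hence the LinkedHashMap.
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        // Example rules, disabled in this demo:
        // filterChainDefinitionMap.put("/index", "anon");   // reachable anonymously
        // filterChainDefinitionMap.put("/*", "authc");      // requires authentication
        // filterChainDefinitionMap.put("/user/login", "perms[<permission name>]");
        factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return factoryBean;
    }

    /** First of the three beans that switch on Shiro's annotations. */
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /** Creates proxies for advised beans; class-based proxying is enabled. */
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }

    /** Advisor that enforces Shiro's authorization annotations using {@link #securityManager()}. */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager());
        return advisor;
    }
}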
OK，接口準備完畢了，接下來寫幾個簡單的頁面測試一下:
index.html
<!-- Login form: posts username and password to /login. -->
<!-- NOTE(review): no anti-CSRF token is submitted with this POST; confirm whether the application adds CSRF protection elsewhere. -->
<form method="post" action="/login">
<div>
<!-- Pre-filled with the demo account name. -->
賬號: <input type="text" value="test" name="username" id="username" placeholder="賬號">
</div>
<div>
<!-- The value attribute ships the demo password to every visitor in the page source; remove both value attributes outside a demo. -->
密碼: <input type="password" value="123456" class="form-control" name="password" id="password" placeholder="密碼">
</div>
<button type="submit">提交</button>
</form>
hello.html
<!-- Logout is sent as a POST, matching the POST-only /logout handler. -->
<form action="/logout" method="post">
<button type="submit">退出</button>
</form>
<!-- Requests /hello1, the handler that requires the perm3 permission. -->
<form method="post" action="/hello1">
<button type="submit">hello2</button>
</form>
hello2.html跟error.html隨便寫點東西
OK，到這里代碼就寫完了