shiro的简单使用
生活随笔
收集整理的這篇文章主要介紹了
shiro的简单使用
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns="http://java.sun.com/xml/ns/javaee"xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"id="WebApp_ID" version="3.0"><!-- Spring --><!-- 配置Spring配置文件路徑 --><context-param><param-name>contextConfigLocation</param-name><param-value>classpath*:applicationContext.xmlclasspath*:applicationContext-shiro.xml<!-- classpath*:spring-jms.xml --></param-value></context-param><!-- 配置Spring上下文監聽器 --><listener><listener-class>org.springframework.web.context.ContextLoaderListener</listener-class></listener>
<!-- <listener> -->
<!-- <listener-class>org.activemq.web.SpringBrokerContextListener</listener-class> -->
<!-- </listener> --><!-- Spring --><!-- 配置Spring字符編碼過濾器 --><filter><filter-name>encodingFilter</filter-name><filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class><init-param><param-name>encoding</param-name><param-value>UTF-8</param-value></init-param><init-param><param-name>forceEncoding</param-name><param-value>true</param-value></init-param></filter><filter-mapping><filter-name>encodingFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><!-- shiro 安全過濾器 --><filter><filter-name>shiroFilter</filter-name><filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class><async-supported>true</async-supported><init-param><param-name>targetFilterLifecycle</param-name><param-value>true</param-value></init-param></filter><filter-mapping><filter-name>shiroFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><!-- 配置log4j配置文件路徑 --><context-param><param-name>log4jConfigLocation</param-name><param-value>classpath:log4j.properties</param-value></context-param><!-- 60s 檢測日志配置 文件變化 --><context-param><param-name>log4jRefreshInterval</param-name><param-value>60000</param-value></context-param><!-- 配置Log4j監聽器 --><listener><listener-class>org.springframework.web.util.Log4jConfigListener</listener-class></listener><!-- Spring MVC 核心控制器 DispatcherServlet 配置 --><servlet><servlet-name>dispatcher</servlet-name><servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class><init-param><param-name>contextConfigLocation</param-name><param-value>classpath*:spring-mvc.xml</param-value></init-param><load-on-startup>1</load-on-startup></servlet><servlet-mapping><servlet-name>dispatcher</servlet-name><!-- 攔截所有/rest/* 的請求,交給DispatcherServlet處理,性能最好 --><url-pattern>/rest/*</url-pattern></servlet-mapping><!-- 首頁 --><welcome-file-list><welcome-file>rest/index</welcome-file></welcome-file-list><!-- 錯誤頁 --><error-page><error-code>404</error-code><location>/rest/page/404</location></error-page><error-page><error-code>500</error-code><location>/rest/page/500</location></error-page><error-page><exception-type>org.apache.shiro.authz.AuthorizationException</exception-type><location>/rest/page/401</location></error-page></web-app>
web.xml? 用到了shiro的過濾器和配置文件
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:util="http://www.springframework.org/schema/util"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsdhttp://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"><description>apache shiro配置</description><bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"><property name="securityManager" ref="securityManager"/><property name="loginUrl" value="/rest/page/index"/><property name="successUrl" value="/rest/index"/><property name="unauthorizedUrl" value="/rest/page/401"/><property name="filterChainDefinitions"><value><!-- 靜態資源允許訪問 -->/app/** = anon<!-- 登錄頁(靜態)允許訪問 -->/rest/users/index = anon<!-- 登錄頁(動態)允許訪問 -->/rest/users/login = anon<!-- app登錄頁面 -->/rest/users/apploginindex = anon<!-- app登錄頁面 -->rest/users/login2 = anon<!-- 其他資源需要認證 -->/** = authc</value></property></bean><!-- 緩存管理器 使用Ehcache實現 --><bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"><property name="cacheManagerConfigFile" value="classpath:ehcache-shiro.xml"/></bean><!-- 會話DAO --><bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.MemorySessionDAO"/><!-- 會話管理器 --><bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"><property name="sessionDAO" ref="sessionDAO"/></bean><!-- 安全管理器 --><bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"><property name="realms"><list><ref bean="securityRealm"/> ------------------這里的驗證來自于下面</list></property> <!-- cacheManager,集合spring緩存工廠 --> <!-- <property name="cacheManager" ref="shiroEhcacheManager" /> --> <!-- <property name="sessionManager" ref="sessionManager" /> --></bean><!-- Shiro生命周期處理器 --><bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/></beans>applicationContext-shiro.xml 配置了shiro的靜態登錄頁面,允許登錄頁面(這里有兩個登錄,一個是app登錄,一個是pc登錄),允許運行的路徑等。
package com.timestech.wsgk.web.security;import java.util.List;import javax.annotation.Resource;import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.springframework.stereotype.Component;import com.timestech.wsgk.web.model.SysRole; import com.timestech.wsgk.web.model.SysUser; import com.timestech.wsgk.web.service.SysRoleService; import com.timestech.wsgk.web.service.SysUserService; @Component(value = "securityRealm") public class SecurityRealm extends AuthorizingRealm {@Resourceprivate SysUserService sysUserService;@Resourceprivate SysRoleService sysRoleService;/*** 登錄驗證*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {String account = String.valueOf(token.getPrincipal());String password = new String((char[]) token.getCredentials());// 通過數據庫進行驗證 final SysUser authentication = sysUserService.authentication(account,password);if (authentication == null) {throw new AuthenticationException("用戶名或密碼錯誤.");}final List<SysRole> sysRoles = sysRoleService.selectRoleByUserId(authentication.getId()); --------service從數據庫中查詢驗證if(sysRoles.size() == 0)throw new AuthenticationException("權限信息不完整,請聯系管理員!");SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(account, password, getName());return authenticationInfo;}@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {return null;}}?
總結
以上是生活随笔為你收集整理的shiro的简单使用的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 在leangoo里怎么复制删除列表?
- 下一篇: WPF路径动画(动态逆向动画)