SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)

上傳人：1*** IP屬地：山東上傳時(shí)間：2023-07-30 格式：DOCX 頁數(shù)：68 大?。?34.94KB 積分：30 舉報(bào) 版權(quán)申訴

SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)_第2頁

SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)_第3頁

SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)_第4頁

SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)_第5頁

已閱讀5頁，還剩63頁未讀，繼續(xù)免費(fèi)閱讀

版權(quán)說明：本文檔由用戶提供并上傳，收益歸屬內(nèi)容提供方，若內(nèi)容存在侵權(quán)，請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

.SpringBoot整合Shiro搭建權(quán)限管理系統(tǒng)一、SpringBoot入門新建一個(gè)maven工程.2.修改pom.xml文件,添加springboot父工程精品文檔放心下載精品文檔放心下載<parent><groupId>org.springframework.boot</groupId>謝謝閱讀<artifactId>spring-boot-starter-parent</artifactId>謝謝閱讀.<version>1.5.4.RELEASE</version>感謝閱讀</parent>修改默認(rèn)編譯的jdk版本<java.version>1.8</java.version>謝謝閱讀4.添加springboot啟動(dòng)器(web支持)謝謝閱讀<dependency><groupId>org.springframework.boot</groupId>感謝閱讀<artifactId>spring-boot-starter-web</artifactId>謝謝閱讀</dependency>完整的pom.xml文件如下:<projectxmlns="/POM/4.0.0"感謝閱讀xmlns:xsi="/2001/XMLSchema-instance"謝謝閱讀.xsi:schemaLocation="/POM/4.0.0感謝閱讀/xsd/maven-4.0.0.xsd">精品文檔放心下載<modelVersion>4.0.0</modelVersion>精品文檔放心下載<groupId>com.hellotomcat</groupId>精品文檔放心下載<artifactId>springboot-shiro</artifactId>精品文檔放心下載<version>0.0.1-SNAPSHOT</version>謝謝閱讀精品文檔放心下載<parent><groupId>org.springframework.boot</groupId>謝謝閱讀<artifactId>spring-boot-starter-parent</artifactId>感謝閱讀<version>1.5.4.RELEASE</version>精品文檔放心下載</parent><dependencies><dependency><groupId>org.springframework.boot</groupId>精品文檔放心下載<artifactId>spring-boot-starter-web</artifactId>感謝閱讀</dependency>.<dependency><groupId>org.springframework.boot</groupId>謝謝閱讀<artifactId>spring-boot-starter-thymeleaf</artifactId>感謝閱讀</dependency></dependencies><properties><java.version>1.8</java.version>感謝閱讀<thymeleaf.version>3.0.2.RELEASE</thymeleaf.version>精品文檔放心下載<thymeleaf-layout-dialect.version>2.0.4</thymeleaf-layout-謝謝閱讀dialect.version></properties></project>.5.編寫controller（UserController）感謝閱讀packagecom.hellotomcat.controller;精品文檔放心下載importorg.springframework.stereotype.Controller;感謝閱讀importorg.springframework.ui.Model;謝謝閱讀importorg.springframework.web.bind.annotation.RequestMapping;感謝閱讀importorg.springframework.web.bind.annotation.ResponseBody;感謝閱讀@ControllerpublicclassUserController{謝謝閱讀/***測試方法@return*/@RequestMapping("/hello")@ResponseBody //返回json數(shù)據(jù)publicStringhello(){System.out.println("hellospringboot");謝謝閱讀return"ok";}./***測試thymeleaf@parammodel@return*/@RequestMapping("/testThymeleaf")謝謝閱讀publicStringtestThymeleaf(Modelmodel){精品文檔放心下載//把數(shù)據(jù)放入modelmodel.addAttribute("name","admin");謝謝閱讀//返回test.htmlreturn"test";}}6.編寫啟動(dòng)類Applicationpackagecom.hellotomcat;.importorg.springframework.boot.SpringApplication;精品文檔放心下載importorg.springframework.boot.autoconfigure.SpringBootApplication;精品文檔放心下載/***SpringBoot啟動(dòng)類@authorLenovo*/@SpringBootApplicationpublicclassApplication{謝謝閱讀publicstaticvoidmain(String[]args){精品文檔放心下載SpringApplication.run(Application.class,args);感謝閱讀}}.7.運(yùn)行啟動(dòng)類Application(和運(yùn)行普通的Java程序一樣)感謝閱讀然后在瀏覽器輸入:http://localhost:8080/hello,就可以正常訪問了,出現(xiàn)如下畫面說明啟動(dòng)成功謝謝閱讀.二、導(dǎo)入thymeleaf頁面模塊1.引入thymeleaf依賴<dependency><groupId>org.springframework.boot</groupId>感謝閱讀<artifactId>spring-boot-starter-thymeleaf</artifactId>謝謝閱讀</dependency>2.在controller當(dāng)中添加如下方法:/***測試thymeleaf@parammodel@return*/.@RequestMapping("/testThymeleaf")精品文檔放心下載publicStringtestThymeleaf(Modelmodel){感謝閱讀//把數(shù)據(jù)放入modelmodel.addAttribute("name","admin");精品文檔放心下載//返回test.htmlreturn"test";}.在src/main/resources目錄下面建立templates目錄用來存放頁面(Spting-Boot默認(rèn)頁面存放路徑,名字不可更改)感謝閱讀4.在templates目錄下新建test.html精品文檔放心下載<!DOCTYPEhtml><html>.<head><title>測試thymeleaf的使用</title>感謝閱讀<metaname="keywords"content="keyword1,keyword2,keyword3"/>感謝閱讀<metaname="description"content="thisismypage"/>精品文檔放心下載<metaname="content-type"content="text/html;charset=UTF-8">感謝閱讀感謝閱讀</head><body><h3th:text="${name}"></h3>精品文檔放心下載</body></html>th:text="${name}"為thymeleaf語法,獲取model中傳過來的值感謝閱讀..在瀏覽器訪問http://localhost:8080/testThymeleaf精品文檔放心下載進(jìn)行測試.如果能夠在頁面上獲取到值就說明成功了.此處需要注意在thymeleaf3.0以前對頁面標(biāo)簽語法要求比較嚴(yán)格,開始標(biāo)簽必須有對應(yīng)的精品文檔放心下載結(jié)束標(biāo)簽,如果沒有就出現(xiàn)如下錯(cuò)誤..如果頁面標(biāo)簽不嚴(yán)謹(jǐn)還希望使用thymeleaf的話,那就需要升級thymeleaf到3.0以上的版感謝閱讀本,此處升級為3.0.2升級thymeleaf版本(修復(fù)上面的錯(cuò)誤),在properties節(jié)點(diǎn)下面添加感謝閱讀<thymeleaf.version>3.0.2.RELEASE</thymeleaf.version>謝謝閱讀<thymeleaf-layout-dialect.version>2.0.4</thymeleaf-layout-精品文檔放心下載dialect.version>.三、SpringBoot與Shiro整合實(shí)現(xiàn)用戶認(rèn)證感謝閱讀1.Shiro核心API類Subject: 用戶主體(把操作交給SecurityManager)謝謝閱讀SecurityManager: 安全管理器(關(guān)聯(lián)Realm)精品文檔放心下載Realm: shiro連接數(shù)據(jù)庫的橋梁2.導(dǎo)入shiro與spring整合依賴<dependency><groupId>org.apache.shiro</groupId>感謝閱讀<artifactId>shiro-spring</artifactId>謝謝閱讀<version>1.4.0</version></dependency>創(chuàng)建自定義Realmpackagecom.hellotomcat.shiro;謝謝閱讀importorg.apache.shiro.authc.AuthenticationException;謝謝閱讀importorg.apache.shiro.authc.AuthenticationInfo;感謝閱讀.importorg.apache.shiro.authc.AuthenticationToken;謝謝閱讀importorg.apache.shiro.authz.AuthorizationInfo;謝謝閱讀importorg.apache.shiro.realm.AuthorizingRealm;感謝閱讀importorg.apache.shiro.subject.PrincipalCollection;謝謝閱讀/***自定義Realm@authorLenovo*/publicclassUserRealmextendsAuthorizingRealm{感謝閱讀/***執(zhí)行授權(quán)邏輯*/@OverrideprotectedAuthorizationInfodoGetAuthorizationInfo(PrincipalCollectionarg0){謝謝閱讀System.out.println("執(zhí)行授權(quán)邏輯");精品文檔放心下載returnnull;}/***.執(zhí)行認(rèn)證邏輯*/@OverrideprotectedAuthenticationInfodoGetAuthenticationInfo(AuthenticationToken精品文檔放心下載arg0)throwsAuthenticationException{謝謝閱讀System.out.println("執(zhí)行認(rèn)證邏輯");謝謝閱讀returnnull;}}編寫shiro的配置類(重點(diǎn))(最基礎(chǔ)的配置類如下)精品文檔放心下載packagecom.hellotomcat.shiro;精品文檔放心下載importorg.apache.shiro.spring.web.ShiroFilterFactoryBean;謝謝閱讀importorg.apache.shiro.web.mgt.DefaultWebSecurityManager;謝謝閱讀importorg.springframework.beans.factory.annotation.Qualifier;謝謝閱讀importorg.springframework.context.annotation.Bean;謝謝閱讀importorg.springframework.context.annotation.Configuration;謝謝閱讀./***Shiro的配置類@authorLenovo*/@ConfigurationpublicclassShiroConfig{精品文檔放心下載/***創(chuàng)建ShiroFilterFactoryBean*/publicShiroFilterFactoryBean精品文檔放心下載getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManag謝謝閱讀ersecurityManager){ShiroFilterFactoryBeanshiroFilterFactoryBean=new感謝閱讀ShiroFilterFactoryBean();//設(shè)置安全管理器shiroFilterFactoryBean.setSecurityManager(securityManager);精品文檔放心下載returnshiroFilterFactoryBean;感謝閱讀}./***創(chuàng)建DefaultWebSecurityManager感謝閱讀*/@Bean(name="securityManager")精品文檔放心下載publicDefaultWebSecurityManager謝謝閱讀getDefaultWebSecurityManager(@Qualifier("userRealm")UserRealmuserRealm){謝謝閱讀DefaultWebSecurityManagersecurityManager=new謝謝閱讀DefaultWebSecurityManager();謝謝閱讀//關(guān)聯(lián)realmsecurityManager.setRealm(userRealm);精品文檔放心下載returnsecurityManager;}/***創(chuàng)建Realm*/@BeanpublicUserRealmgetRealm(){精品文檔放心下載returnnewUserRealm();}}..使用shiro內(nèi)置過濾器實(shí)現(xiàn)攔截功能5.1.新建兩個(gè)頁面add.html和update.html感謝閱讀.add.html頁面代碼:.<!DOCTYPEhtml><html><head><title>用戶新增頁面</title><metaname="keywords"content="keyword1,keyword2,keyword3">謝謝閱讀<metaname="description"content="thisismypage">精品文檔放心下載<metaname="content-type"content="text/html;charset=UTF-8">感謝閱讀感謝閱讀</head><body>用戶新增</body></html>update.html頁面代碼:<!DOCTYPEhtml><html>.<head><title>用戶更新頁面</title><metaname="keywords"content="keyword1,keyword2,keyword3">精品文檔放心下載<metaname="description"content="thisismypage">感謝閱讀<metaname="content-type"content="text/html;charset=UTF-8">感謝閱讀感謝閱讀</head><body>用戶更新</body></html>5.2.修改test.html頁面<!DOCTYPEhtml><html><head>.<title>測試thymeleaf的使用</title>謝謝閱讀<metaname="keywords"content="keyword1,keyword2,keyword3"/>精品文檔放心下載<metaname="description"content="thisismypage"/>感謝閱讀<metaname="content-type"content="text/html;charset=UTF-8">謝謝閱讀感謝閱讀</head><body><h3th:text="${name}"></h3><br>謝謝閱讀進(jìn)入用戶添加功能:<ahref="add">用戶添加</a><br>精品文檔放心下載進(jìn)入用戶更新功能:<ahref="update">用戶更新</a><br>謝謝閱讀</body></html>5.3.在UserController當(dāng)中添加下面的方法感謝閱讀@RequestMapping("/add")//沒有@ResponseBody這個(gè)注釋則返回頁面,有就返回json數(shù)據(jù)感謝閱讀.publicStringadd(){return"/user/add";}@RequestMapping("/update")謝謝閱讀publicStringupdate(){return"/user/update";}5.4.修改ShiroConfig類packagecom.hellotomcat.shiro;精品文檔放心下載importjava.util.LinkedHashMap;精品文檔放心下載importjava.util.Map;importorg.apache.shiro.spring.web.ShiroFilterFactoryBean;感謝閱讀importorg.apache.shiro.web.mgt.DefaultWebSecurityManager;謝謝閱讀importorg.springframework.beans.factory.annotation.Qualifier;感謝閱讀importorg.springframework.context.annotation.Bean;感謝閱讀importorg.springframework.context.annotation.Configuration;精品文檔放心下載./***Shiro的配置類@authorLenovo*/@ConfigurationpublicclassShiroConfig{精品文檔放心下載/***創(chuàng)建ShiroFilterFactoryBean*/@BeanpublicShiroFilterFactoryBean謝謝閱讀getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManag感謝閱讀ersecurityManager){ShiroFilterFactoryBeanshiroFilterFactoryBean=new謝謝閱讀ShiroFilterFactoryBean();//設(shè)置安全管理器shiroFilterFactoryBean.setSecurityManager(securityManager);精品文檔放心下載//添加Shiro內(nèi)置過濾器/***.Shiro內(nèi)置過濾器,可以實(shí)現(xiàn)權(quán)限相關(guān)的攔截常用的過濾器:anon:無需認(rèn)證(登錄)可以訪問authc:必須認(rèn)證才可以訪問user:如果使用rememberMe的功能可以直接訪問謝謝閱讀perms:該資源必須得到資源權(quán)限才可以訪問role:該資源必須得到角色權(quán)限才可以訪問*/Map<String,String>filterMap=newLinkedHashMap<String,String>();謝謝閱讀filterMap.put("/add","authc");感謝閱讀filterMap.put("/update","authc");謝謝閱讀shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);精品文檔放心下載returnshiroFilterFactoryBean;感謝閱讀}/***創(chuàng)建DefaultWebSecurityManager精品文檔放心下載*/@Bean(name="securityManager")感謝閱讀.publicDefaultWebSecurityManager精品文檔放心下載getDefaultWebSecurityManager(@Qualifier("userRealm")UserRealmuserRealm){謝謝閱讀DefaultWebSecurityManagersecurityManager=new感謝閱讀DefaultWebSecurityManager();謝謝閱讀//關(guān)聯(lián)realmsecurityManager.setRealm(userRealm);感謝閱讀returnsecurityManager;}/***創(chuàng)建Realm*/@Bean(name="userRealm")publicUserRealmgetRealm(){精品文檔放心下載returnnewUserRealm();}}.5.5.驗(yàn)證攔截功能,在test頁面點(diǎn)擊超鏈接,如果出現(xiàn)以下情況,說明感謝閱讀攔截成功.5.6.設(shè)置跳轉(zhuǎn)到自定義登錄頁面5.6.1.新建一個(gè)登錄頁面login.html感謝閱讀login.html代碼如下:<!DOCTYPEhtml><html><head><title>登錄頁面</title>.<metaname="keywords"content="keyword1,keyword2,keyword3">精品文檔放心下載<metaname="description"content="thisismypage">謝謝閱讀<metaname="content-type"content="text/html;charset=UTF-8">感謝閱讀謝謝閱讀</head><body>登錄頁面<br></body></html>5.6.2.在UserController當(dāng)中添加如下方法:精品文檔放心下載@RequestMapping("/toLogin")謝謝閱讀publicStringtoLogin(){return"/login";}.5.6.3.修改ShiroConfig類packagecom.hellotomcat.shiro;謝謝閱讀importjava.util.LinkedHashMap;謝謝閱讀importjava.util.Map;importorg.apache.shiro.spring.web.ShiroFilterFactoryBean;精品文檔放心下載importorg.apache.shiro.web.mgt.DefaultWebSecurityManager;謝謝閱讀importorg.springframework.beans.factory.annotation.Qualifier;謝謝閱讀importorg.springframework.context.annotation.Bean;謝謝閱讀importorg.springframework.context.annotation.Configuration;謝謝閱讀/***Shiro的配置類@authorLenovo*/@ConfigurationpublicclassShiroConfig{精品文檔放心下載/***.創(chuàng)建ShiroFilterFactoryBean*/@BeanpublicShiroFilterFactoryBean精品文檔放心下載getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManag精品文檔放心下載ersecurityManager){ShiroFilterFactoryBeanshiroFilterFactoryBean=new精品文檔放心下載ShiroFilterFactoryBean();//設(shè)置安全管理器shiroFilterFactoryBean.setSecurityManager(securityManager);精品文檔放心下載//添加Shiro內(nèi)置過濾器/***Shiro內(nèi)置過濾器,可以實(shí)現(xiàn)權(quán)限相關(guān)的攔截常用的過濾器:anon:無需認(rèn)證(登錄)可以訪問authc:必須認(rèn)證才可以訪問user:如果使用rememberMe的功能可以直接訪問謝謝閱讀perms:該資源必須得到資源權(quán)限才可以訪問role:該資源必須得到角色權(quán)限才可以訪問*/Map<String,String>filterMap=newLinkedHashMap<String,String>();謝謝閱讀.filterMap.put("/add","authc");感謝閱讀filterMap.put("/update","authc");感謝閱讀//修改默認(rèn)的登錄頁面shiroFilterFactoryBean.setLoginUrl("/toLogin");謝謝閱讀shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);感謝閱讀returnshiroFilterFactoryBean;精品文檔放心下載}/***創(chuàng)建DefaultWebSecurityManager感謝閱讀*/@Bean(name="securityManager")精品文檔放心下載publicDefaultWebSecurityManager精品文檔放心下載getDefaultWebSecurityManager(@Qualifier("userRealm")UserRealmuserRealm){謝謝閱讀DefaultWebSecurityManagersecurityManager=new謝謝閱讀DefaultWebSecurityManager();謝謝閱讀//關(guān)聯(lián)realmsecurityManager.setRealm(userRealm);精品文檔放心下載.returnsecurityManager;}/***創(chuàng)建Realm*/@Bean(name="userRealm")publicUserRealmgetRealm(){精品文檔放心下載returnnewUserRealm();}}.5.6.4.驗(yàn)證,如果頁面調(diào)整到自定義登錄頁面則成功精品文檔放心下載5.7.使用通配符簡化配置,修改ShiroConfig類精品文檔放心下載將filterMap.put("/add","authc");感謝閱讀filterMap.put("/update","authc");謝謝閱讀修改為:filterMap.put("/testThymeleaf","anon");謝謝閱讀filterMap.put("/*","authc");//此句必須放在最下面,否則將會(huì)對所有的請求進(jìn)行攔截,導(dǎo)致精品文檔放心下載不需登錄也可以訪問的配置均無效.實(shí)現(xiàn)用戶驗(yàn)證（登錄）操作6.1.修改登錄頁面login.html<!DOCTYPEhtml><html><head><title>登錄頁面</title><metaname="keywords"content="keyword1,keyword2,keyword3">謝謝閱讀<metaname="description"content="thisismypage">精品文檔放心下載<metaname="content-type"content="text/html;charset=UTF-8">感謝閱讀感謝閱讀</head><body><h3>登錄</h3><h5th:text="${msg}"style="color:red"></h5>精品文檔放心下載<formaction="login"method="post">感謝閱讀用戶名：<inputtype="text"name="name"/><br>感謝閱讀密碼：<inputtype="password"name="password"/><br>感謝閱讀.<inputtype="submit"value="登錄"/>感謝閱讀</form></body></html>6.2.在controller當(dāng)中添加方法/***登錄邏輯處理*/@RequestMapping("/login")publicStringlogin(Stringname,Stringpassword,Modelmodel){謝謝閱讀/***使用Shiro編寫認(rèn)證操作*/1.獲取SubjectSubjectsubject=SecurityUtils.getSubject();感謝閱讀//2.封裝用戶數(shù)據(jù)UsernamePasswordTokentoken=newUsernamePasswordToken(name,感謝閱讀password);.//3.執(zhí)行登錄方法try{subject.login(token);//沒有異常則說明登錄成功感謝閱讀return"redirect:/testThymeleaf";精品文檔放心下載}catch(UnknownAccountExceptione){感謝閱讀//e.printStackTrace();//登錄失敗：用戶名不存在model.addAttribute("msg","用戶名不存在");感謝閱讀return"login";}catch(IncorrectCredentialsExceptione){//e.printStackTrace();精品文檔放心下載//登錄失?。好艽a錯(cuò)誤model.addAttribute("msg","密碼錯(cuò)誤");感謝閱讀return"login";}}6.3.在ShiroConfig當(dāng)中添加如下代碼，放行登錄操作感謝閱讀filterMap.put("/login","anon");//放行登錄操作感謝閱讀.6.4.編寫UserRealm的認(rèn)證（判斷）邏輯感謝閱讀/***執(zhí)行認(rèn)證邏輯*/@OverrideprotectedAuthenticationInfodoGetAuthenticationInfo(AuthenticationToken謝謝閱讀authenticationToken)throwsAuthenticationException{感謝閱讀System.out.println("執(zhí)行認(rèn)證邏輯");精品文檔放心下載//假設(shè)數(shù)據(jù)庫的用戶名和密碼Stringname="admin";Stringpassword="root";//編寫shiro判斷邏輯，判斷用戶名和密碼是否正確謝謝閱讀//1.判斷用戶名UsernamePasswordTokentoken=精品文檔放心下載(UsernamePasswordToken)authenticationToken;感謝閱讀if(!token.getUsername().equals(name)){精品文檔放心下載//用戶名不存在returnnull;//返回null時(shí)，shiro底層會(huì)拋出UnknowAccountException感謝閱讀}.//2.判斷密碼returnnewSimpleAuthenticationInfo("",password,"");精品文檔放心下載}四、整合Mybatis實(shí)現(xiàn)登錄功能1.導(dǎo)入Mybatis相關(guān)依賴，修改pom.xml文件感謝閱讀<dependency><groupId>com.alibaba</groupId>感謝閱讀<artifactId>druid</artifactId>謝謝閱讀<version>1.0.9</version></dependency><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId>精品文檔放心下載</dependency>謝謝閱讀.<dependency><groupId>org.mybatis.spring.boot</groupId>精品文檔放心下載<artifactId>mybatis-spring-boot-starter</artifactId>精品文檔放心下載<version>1.1.1</version></dependency>新建一個(gè)數(shù)據(jù)庫，然后再新建一張數(shù)據(jù)庫表，建表語句如下（數(shù)據(jù)庫需要手動(dòng)創(chuàng)建）：謝謝閱讀CREATETABLE`user`(`id`int(11)NOTNULLAUTO_INCREMENT,精品文檔放心下載`name`varchar(20)DEFAULTNULL,感謝閱讀`password`varchar(50)DEFAULTNULL,精品文檔放心下載PRIMARYKEY(`id`))ENGINE=InnoDBDEFAULTCHARSET=utf8;感謝閱讀在src/main/resources目錄下面新建perties。(位置和文件名固定)感謝閱讀spring.datasource.driverClassName=com.mysql.jdbc.Driver感謝閱讀.spring.datasource.url=jdbc:mysql://localhost:3306/db_springboot感謝閱讀spring.datasource.username=root精品文檔放心下載spring.datasource.password=root精品文檔放心下載spring.datasource.type=com.alibaba.druid.pool.DruidDataSource感謝閱讀mybatis.type-aliases-package=com.hellotomcat.domain感謝閱讀編寫實(shí)體類Userpackagecom.hellotomcat.domain;精品文檔放心下載publicclassUser{privateIntegerid;privateStringname;privateStringpassword;publicIntegergetId(){returnid;}publicvoidsetId(Integerid){精品文檔放心下載this.id=id;.}publicStringgetName(){returnname;}publicvoidsetName(Stringname){謝謝閱讀=name;}publicStringgetPassword(){謝謝閱讀returnpassword;}publicvoidsetPassword(Stringpassword){感謝閱讀this.password=password;}@OverridepublicStringtoString(){精品文檔放心下載return"User[id="+id+",name="+name+",password="+password+謝謝閱讀"]";}}.編寫查詢接口packagecom.hellotomcat.mapper;感謝閱讀importcom.hellotomcat.domain.User;感謝閱讀publicinterfaceUserMapper{精品文檔放心下載publicUserfindByName(Stringname);感謝閱讀}6.編寫UserMapper.xml映射文件<?xmlversion="1.0"encoding="UTF-8"?>謝謝閱讀<!DOCTYPEmapperPUBLIC"-////DTDMapper3.0//EN"謝謝閱讀"/dtd/mybatis-3-mapper.dtd">感謝閱讀<mappernamespace="com.hellotomcat.mapper.UserMapper">感謝閱讀<selectid="findByName"parameterType="string"resultType="user">精品文檔放心下載SELECT.id,NAME,PASSWORDFROM`user`wherename=#{value}精品文檔放心下載</select></mapper>編寫業(yè)務(wù)接口和實(shí)現(xiàn)接口：packagecom.hellotomcat.service;精品文檔放心下載importcom.hellotomcat.domain.User;精品文檔放心下載publicinterfaceUserService{謝謝閱讀publicUserfindByName(Stringname);謝謝閱讀.}實(shí)現(xiàn)：packagecom.hellotomcat.service.impl;謝謝閱讀importorg.springframework.beans.factory.annotation.Autowired;精品文檔放心下載importorg.springframework.stereotype.Service;謝謝閱讀importcom.hellotomcat.domain.User;謝謝閱讀importcom.hellotomcat.mapper.UserMapper;感謝閱讀importcom.hellotomcat.service.UserService;感謝閱讀@ServicepublicclassUserServiceImplimplementsUserService{感謝閱讀//注入mapper接口@AutowiredprivateUserMapperuserMapper;謝謝閱讀@OverridepublicUserfindByName(Stringname){精品文檔放心下載.returnuserMapper.findByName(name);謝謝閱讀}}8.在啟動(dòng)類Application當(dāng)中添加mapper包掃描的注釋謝謝閱讀packagecom.hellotomcat;importorg.springframework.boot.SpringApplication;感謝閱讀importorg.springframework.boot.autoconfigure.SpringBootApplication;謝謝閱讀/***SpringBoot啟動(dòng)類@authorLenovo*/@SpringBootApplication@MapperScan("com.hellotomcat.mapper")感謝閱讀publicclassApplication{感謝閱讀.publicstaticvoidmain(String[]args){感謝閱讀SpringApplication.run(Application.class,args);謝謝閱讀}}9.修改UserRealm的認(rèn)證邏輯//注入用戶操作接口@AutowiredprivateUserServiceuserService;謝謝閱讀/***執(zhí)行認(rèn)證邏輯*/@OverrideprotectedAuthenticationInfodoGetAuthenticationInfo(AuthenticationToken謝謝閱讀authenticationToken)throwsAuthenticationException{感謝閱讀System.out.println("執(zhí)行認(rèn)證邏輯");感謝閱讀//編寫shiro判斷邏輯，判斷用戶名和密碼是否正確精品文檔放心下載//1.判斷用戶名.UsernamePasswordTokentoken=謝謝閱讀(UsernamePasswordToken)authenticationToken;感謝閱讀Useruser=userService.findByName(token.getUsername());謝謝閱讀if(user==null){//用戶名不存在returnnull;//返回null時(shí)，shiro底層會(huì)拋出UnknowAccountException謝謝閱讀}//2.判斷密碼returnnewSimpleAuthenticationInfo("",user.getPassword(),"");精品文檔放心下載}五、SpringBoot與Shiro整合實(shí)現(xiàn)用戶授權(quán)精品文檔放心下載使用shiro內(nèi)置過濾器實(shí)現(xiàn)資源攔截1.1.修改ShiroConfig，在過濾器當(dāng)中添加資源過濾器謝謝閱讀//授權(quán)過濾器perms[user:add]方括號中的可以自定義。注意：當(dāng)前授權(quán)攔截后，shiro會(huì)精品文檔放心下載自動(dòng)跳轉(zhuǎn)到未授權(quán)頁面.filterMap.put("/add","perms[user:add]");謝謝閱讀1.2.在瀏覽器訪問用戶添加功能，如果出現(xiàn)如下頁面，則表示攔截成功（此為shiro自動(dòng)跳轉(zhuǎn)到的頁面，因?yàn)闆]有對應(yīng)的頁面顯示，所以就顯示錯(cuò)誤頁面）精品文檔放心下載1.3.自定義未授權(quán)提示頁面1.3.1.新建未授權(quán)提示noAuth.html頁面謝謝閱讀<!DOCTYPEhtml><html><head><title>未授權(quán)提示頁面</title>.<metaname="keywords"content="keyword1,keyword2,keyword3">感謝閱讀<metaname="description"content="thisismypage">謝謝閱讀<metaname="content-type"content="text/html;charset=UTF-8">感謝閱讀謝謝閱讀</head><body>親，您未經(jīng)授權(quán)訪問該頁面</body></html>1.3.2.修改ShiroConfig類//設(shè)置未授權(quán)提示頁面shiroFilterFactoryBean.setUnauthorizedUrl("/noAuth");感謝閱讀1.3.3.在UserController當(dāng)中添加如下方法：感謝閱讀/***.跳轉(zhuǎn)到未授權(quán)提示頁面*/@RequestMapping("/noAuth")謝謝閱讀publicStringnoAuth(){return"/noAuth";}1.4.如果瀏覽器在未授權(quán)的情況下跳轉(zhuǎn)到自定義頁面說明修改成功謝謝閱讀2.修改UserRealm完成Shiro的資源授權(quán)精品文檔放心下載/***.執(zhí)行授權(quán)邏輯*/@OverrideprotectedAuthorizationInfodoGetAuthorizationInfo(PrincipalCollectionarg0){精品文檔放心下載System.out.println("執(zhí)行授權(quán)邏輯");謝謝閱讀//給資源進(jìn)行授權(quán)SimpleAuthorizationInfoinfo=newSimpleAuthorizationInfo();精品文檔放心下載//添加資源的授權(quán)字符串(必須和下面的資源攔截器當(dāng)中的自定義字符串一致)感謝閱讀info.addStringPermission("user:add");謝謝閱讀returninfo;}連接數(shù)據(jù)庫實(shí)現(xiàn)資源動(dòng)態(tài)授權(quán)3.1.修改數(shù)據(jù)庫表ALTERTABLE`db_springboot`.`user`謝謝閱讀ADDCOLUMN`perms`varchar(50)NULLAFTER`password`;感謝閱讀.3.2.修改實(shí)體類Userpackagecom.hellotomcat.domain;精品文檔放心下載publicclassUser{privateIntegerid;privateStringname;privateStringpassword;privateStringperms;publicStringgetPerms(){感謝閱讀returnperms;}publicvoidsetPerms(Stringperms){精品文檔放心下載this.perms=perms;}publicIntegergetId(){returnid;}publicvoidsetId(Integerid){謝謝閱讀this.id=id;.}publicStringgetName(){returnname;}publicvoidsetName(Stringname){謝謝閱讀=name;}publicStringgetPassword(){謝謝閱讀returnpassword;}publicvoidsetPassword(Stringpassword){感謝閱讀this.password=password;}@OverridepublicStringtoString(){精品文檔放心下載return"User[id="+id+",name="+name+",password="+password+精品文檔放心下載"]";}}.3.3.修改UserMapper接口，添加方法感謝閱讀publicUserfindById(Integerid);感謝閱讀3.4.在業(yè)務(wù)接口和實(shí)現(xiàn)類中添加方法接口：publicUserfindById(Integerid);感謝閱讀實(shí)現(xiàn)類：@OverridepublicUserfindById(Integerid){感謝閱讀returnuserMapper.findById(id);感謝閱讀}3.5.修改UserRealm中的方法packagecom.hellotomcat.shiro;精品文檔放心下載.importorg.apache.shiro.SecurityUtils;精品文檔放心下載importorg.apache.shiro.authc.AuthenticationException;謝謝閱讀importorg.apache.shiro.authc.AuthenticationInfo;精品文檔放心下載importorg.apache.shiro.authc.AuthenticationToken;感謝閱讀importorg.apache.shiro.authc.SimpleAuthenticationInfo;精品文檔放心下載importorg.apache.shiro.authc.UsernamePasswordToken;謝謝閱讀importorg.apache.shiro.authz.AuthorizationInfo;謝謝閱讀importorg.apache.shiro.authz.SimpleAuthorizationInfo;感謝閱讀importorg.apache.shiro.realm.AuthorizingRealm;精品文檔放心下載importorg.apache.shiro.subject.PrincipalCollection;謝謝閱讀importorg.apache.shiro.subject.Subject;感謝閱讀importorg.springframework.beans.factory.annotation.Autowired;謝謝閱讀importcom.hellotomcat.domain.User;謝謝閱讀importcom.hellotomcat.s

人人文庫> 全部分類> 行業(yè)資料 > 信息產(chǎn)業(yè)

溫馨提示

1. 本站所有資源如無特殊說明，都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
2. 本站的文檔不包含任何第三方提供的附件圖紙等，如果需要附件，請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
3. 本站RAR壓縮包中若帶圖紙，網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽，若沒有圖紙預(yù)覽就沒有圖紙。
4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
5. 人人文庫網(wǎng)僅提供信息存儲空間，僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理，對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯，并不能對任何下載內(nèi)容負(fù)責(zé)。
6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容，請與我們聯(lián)系，我們立即糾正。
7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)

文檔簡介

溫馨提示

最新文檔

評論

SpringBoot整合Shiro搭建權(quán)限管理組織系統(tǒng)

文檔簡介

溫馨提示

最新文檔

評論

相關(guān)文檔