整合springboot+shiro
1,配置文件
1.1 pom.xml配置
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.4.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.lc</groupId>
<artifactId>demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>demo</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-java8time</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.6.0</version>
</dependency>
<!--shiro整合thymeleaf-->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
1.2 配置properties文件
#用来映射数据库,当数据库命名和实体类不一样的时候
mybatis.configuration.mapUnderscoreToCamelCase=true
# mysql
spring.datasource.driverClassName = com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/shiro?useUnicode=true&characterEncoding=utf-8&serverTimezone=GMT%2B8
spring.datasource.username = root
spring.datasource.password =123456
# thymeleaf
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.check-template-location=true
spring.thymeleaf.suffix=.html
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.content-type=text/html
spring.thymeleaf.mode=HTML5
spring.thymeleaf.cache=false
server.port=8088
#热部署生效
spring.devtools.restart.enabled: true
#设置重启的目录
spring.devtools.restart.additional-paths: src/main/java
#classpath目录下的WEB-INF文件夹内容修改不重启
spring.devtools.restart.exclude: WEB-INF/**
2, 结构目录
pojo包下的User.class
@Data
public class User implements Serializable {
//private static final long serialVersionUID=
private String username;
private String password;
private String remark;
private String perms;
public String getPerms() {
return perms;
}
public void setPerms(String perms) {
this.perms = perms;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "User{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
", remark='" + remark + '\'' +
",perms='"+perms+'\''+
'}';
}
}
UserDao
@Mapper
@Repository
public interface UserDao {
@Select("select username,password,remark,perms from shirotest where username=#{name}")
User queryByName(String name);
@Select("select username,password,remark,perms from shirotest where password=#{password}")
User queryByPassword(String password);
}
UserService
public interface UserService {
User queryByName(String name);
User queryByPassword(String password);
}
UserServiceImpl
@Service
public class UserServiceImpl implements UserService {
@Autowired(required = true)
private UserDao userDao;
@Override
public User queryByName(String name) {
return userDao.queryByName(name);
}
@Override
public User queryByPassword(String password) {
return userDao.queryByPassword(password);
}
}
myController
@Controller
public class myController {
@Autowired
UserService userService;
@RequestMapping("/log")
public String loginIn(){
return "login";
}
@RequestMapping("/query")
@ResponseBody
public void query(){
User jack = userService.queryByName("jack");
System.out.println(jack);
}
@RequestMapping("/pwd")
@ResponseBody
public void queryPwd(){
User user= userService.queryByPassword("12");
System.out.println(user);
}
@RequestMapping("/login")
public String login(String username,String password){
try{
Subject subject= SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken(username,password);
subject.login(token);
return "index";
}catch (UnknownAccountException e){
e.printStackTrace();
System.out.println("用户不存在!");
}catch (IncorrectCredentialsException e){
e.printStackTrace();
System.out.println("密码错误");
}
return "login";
}
@RequestMapping("/add")
public String adduser(){
return "add";
}
@RequestMapping("/delete")
public String deleteuser(){
return "delete";
}
}
配置shiroConfig
@Configuration
public class shiroConfig {
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("getDefaultWebSecurityManager")DefaultWebSecurityManager defaultWebSecurityManager){
ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);//设置安全管理器
shiroFilterFactoryBean.setLoginUrl("/log");没有认证后跳到的页面
/**
* shiro的内置过滤器
* anon:无需认证就可以访问 默认
* authc:必须认证了才能访问
* user:必须拥有记住我功能才能访问
* perms:必须拥有对某个的权限才能访问
* role:拥有某个角色权限才能访问
*/
//添加内置过滤器
Map<String,String> filterChinaDefinitionMap=new LinkedHashMap<>();//拦截
filterChinaDefinitionMap.put("/add","authc");//add请求必须认证才能访问
filterChinaDefinitionMap.put("/del","authc");
filterChinaDefinitionMap.put("/add","perms[user:id]");//授权,没有授权会被拦截
filterChinaDefinitionMap.put("/del","perms[user:delete]");
//未授权的跳转url
shiroFilterFactoryBean.setUnauthorizedUrl("/Unauthorized");
//把设置好的过滤设置到ShiroFilterFactoryBean
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChinaDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm")UserRealm userRealm){
DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
securityManager.setRealm((Realm) userRealm);
return securityManager;
}
//创建realm对象
@Bean
public UserRealm userRealm(){
return new UserRealm();
}
//整合shiroDialect:用来整合thymeleaf
@Bean
public ShiroDialect getShiroDialect(){
return new ShiroDialect();
}
}
Userrealm 授权+认证
public class UserRealm extends AuthorizingRealm {
@Autowired
UserService userService;
//授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
System.out.println("执行了授权 doGetAuthorizationInfo");
SimpleAuthorizationInfo simpleInfo=new SimpleAuthorizationInfo();
Subject subject= SecurityUtils.getSubject(); //获取当前用户的对象
User user= (User) subject.getPrincipal();//获取用户先息
simpleInfo.addStringPermission(user.getPerms());//获取权限
return simpleInfo;
}
//认证
@Override
protected SimpleAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
System.out.println("执行了认证 doGetAuthorizationInfo");
Subject subject= SecurityUtils.getSubject();
UsernamePasswordToken userToken= (UsernamePasswordToken) token;//获取登录信息
System.out.println(userToken.getUsername());
User query= userService.queryByName(userToken.getUsername());//获取用户姓名,密码,权限
System.out.println(query);
if (query==null){
return null;//没有这个用户
}
Session session= subject.getSession();
session.setAttribute("/userlogin ",query);
if (!userToken.getUsername().equals(query.getUsername())){//判断登录的用户名密码 匹配数据库是否正确
return null;//抛出异常
}
//密码认证
return new SimpleAuthenticationInfo(query,query.getPassword(),"");
}
}
sql需要自己在Navicat上创建 看着User文件创建即可
浏览器输入http://localhost:8088/login
也可直接去github获取https://github.com/wen521/springboot-shiro-lc