emmm,权限控制中不仅需要不同对管理员身份的控制,还需要使用一套后台代码实现对不同身份(用户/管理员)的分流
部分代码如下:
package com.swf.attence.controller;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import java.util.Set;
/**
* @author : white.hou 18758861624@163.com
* @description : 登录的controller
* @date: 2018/12/30_20:32
*/
@Controller
public class LoginController {
private static final Logger logger = LoggerFactory.getLogger(LoginController.class);
@PostMapping("/login")
public String login(@RequestParam("adminid") String adminid, @RequestParam("password") String password, Model model){
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(adminid, password);
try {
subject.login(usernamePasswordToken);
Session session = subject.getSession();
session.setAttribute("adminIdSession",adminid);
logger.info("用户"+adminid+"登录");
Set<String> realmNames = subject.getPrincipals().getRealmNames();
if (realmNames.contains("com.swf.attence.shiro.AdminRealm_0")){
return "index/index_admin";
}else {
return "index/index_user";
}
}catch (UnknownAccountException e) {
/**
* 登录失败:用户名不存在
*/
model.addAttribute("msg", "用户名不存在,请校验后登录");
return "login";
} catch (IncorrectCredentialsException e) {
/**
* 登录失败:密码错误
*/
model.addAttribute("msg", "密码错误,请重新输入");
return "login";
}
}
}
package com.swf.attence.shiro;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.Map;
/**
* @author : white.hou
* @description : shiro配置类
* @date: 2018/12/30_20:25
*/
@Configuration
public class ShiroConfig {
/**
* 创建ShiroFilterFactoryBean
*/
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
/**
* 关联securityManager
*/
shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
/**
* 添加Shiro内置过滤器
* 常用:
* anon:无需认证(登录)就能访问
* authc:必须认证才能访问
* user:使用rememberMe功能可以直接访问
* perms:该资源必须得到资源权限才能访问
* role:该资源必须得到角色权限才能访问
*/
Map<String, String> filterMap = new LinkedHashMap<>();
filterMap.put("/","authc");
filterMap.put("/login","anon");
filterMap.put("/camera/*","perms[super_admin]");
filterMap.put("/stateControl/*","perms[super_admin]");
filterMap.put("/timeControl/*","perms[super_admin]");
filterMap.put("/userMsgControl/*","perms[super_admin]");
shiroFilterFactoryBean.setLoginUrl("/tologin");
shiroFilterFactoryBean.setUnauthorizedUrl("/noAuth");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
return shiroFilterFactoryBean;
}
/**
* 创建DefaultWebSecurityManager
* @return
*/
@Bean(name = "securityManager")
public DefaultWebSecurityManager securityManager(){
DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator());
ArrayList<Realm> realms = new ArrayList<>();
realms.add(getAdminRealm());
realms.add(getUserRealm());
defaultWebSecurityManager.setRealms(realms);
return defaultWebSecurityManager;
}
@Bean(name = "modularRealmAuthenticator")
public ModularRealmAuthenticator modularRealmAuthenticator(){
ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
modularRealmAuthenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy());
return modularRealmAuthenticator;
}
/**
* 装在AdminRealm
* @return
*/
@Bean(name = "adminRealm")
public AdminRealm getAdminRealm(){
AdminRealm adminRealm = new AdminRealm();
adminRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return adminRealm;
}
/**
* 创建RootRealm
* @return
*/
@Bean(name = "userRealm")
public UserRealm getUserRealm() {
UserRealm userRealm = new UserRealm();
userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return userRealm;
}
/**
* 密码加密
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");
hashedCredentialsMatcher.setHashIterations(1024);
return hashedCredentialsMatcher;
}
public static void main(String[] args) {
String an="md5";
Object aa="123456";
SimpleHash simpleHash = new SimpleHash(an, aa,null, 1024);
System.out.println(simpleHash);
}
}
如有需要,请联系18758861624@163.com
Over