12.9、Shiro整合MyBatis
-
导入mybatis依赖
<dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> </dependency> <!-- mybatis--> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.2.0</version> </dependency>
-
配置application.yaml文件
spring: datasource: username: root password: 123456 url: jdbc:mysql://localhost:3306/mybatis?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai driver-class-name: com.mysql.cj.jdbc.Driver thymeleaf: cache: false mybatis: type-aliases-package: com.gjy.pojo mapper-locations: classpath:com/gjy/mapper/*.xml configuration: map-underscore-to-camel-case: true
-
新建一个实体类
package com.gjy.pojo; public class User { private int id; private String name; private String pwd; public User(int id, String name, String pwd) { this.id = id; this.name = name; this.pwd = pwd; } public int getId() { return id; } public void setId(int id) { this.id = id; } public String getName() { return name; } public void setName(String name) { this.name = name; } public String getPwd() { return pwd; } public void setPwd(String pwd) { this.pwd = pwd; } }
-
新建一个mapper.xml文件
<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.gjy.mapper.UserMapper"> <select id="queryUserByName" parameterType="String" resultType="User"> select * from mybatis.user where name=#{name}; </select> </mapper>
-
新建一个mapper接口
package com.gjy.mapper; import com.gjy.pojo.User; import org.apache.ibatis.annotations.Mapper; import org.springframework.stereotype.Repository; @Repository @Mapper public interface UserMapper { public User queryUserByName(String name); }
-
新建一个service接口
package com.gjy.service; import com.gjy.pojo.User; public interface UserService { public User queryUserByName(String name); }
-
新建一个实现类
package com.gjy.service.impl; import com.gjy.mapper.UserMapper; import com.gjy.pojo.User; import com.gjy.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @Service public class UserServiceImpl implements UserService { @Autowired UserMapper userMapper; @Override public User queryUserByName(String name) { return userMapper.queryUserByName(name); } }
-
编写controller接口
@RequestMapping("/login") public String login(String username,String password,Model model){ //获取当前用户 Subject subject = SecurityUtils.getSubject(); //封装用户的登录数据 UsernamePasswordToken token = new UsernamePasswordToken(username, password); try { subject.login(token);//执行登录 如果没有异常就好了 return "index"; } catch (UnknownAccountException e) { model.addAttribute("msg","用户名错误"); return "login"; }catch (IncorrectCredentialsException e){ model.addAttribute("msg","密码错误"); return "login"; }catch (LockedAccountException e){ model.addAttribute("msg","账户已锁定,请联系管理员"); return "login"; } }
-
编写Realm类
package com.gjy.config; import com.gjy.pojo.User; import com.gjy.service.UserService; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.springframework.beans.factory.annotation.Autowired; //自定义的realm extends AuthorizingRealm public class UserRealm extends AuthorizingRealm { @Autowired UserService userService; //授权 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { System.out.println("执行了=》授权doGetAuthorizationInfo"); return null; } //认证 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { System.out.println("执行了=》认证doGetAuthorizationInfo"); UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken; //连接真实的数据库 User user = userService.queryUserByName(usernamePasswordToken.getUsername()); if(user==null){ return null;//UnknownAccountException } //密码认证,shiro来做 return new SimpleAuthenticationInfo("",user.getPwd(), ""); } }
-
编写shiro配置类(同上)
package com.gjy.config; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.LinkedHashMap; import java.util.Map; @Configuration public class ShiroConfig { //ShiroFilterFactoryBean 3 @Bean public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager) { ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean(); //设置安全管理器 bean.setSecurityManager(securityManager); //添加shiro的内置过滤器 /* anon:无需认证就可以访问 authc:必须认证才能访问 user:必须拥有记住我功能才能用 perms:拥有对某个资源的权限才能访问 role:拥有对某个角色的权限才能访问 */ Map<String, String> filterMap = new LinkedHashMap<>(); filterMap.put("/user/add", "authc"); filterMap.put("/user/update", "authc"); bean.setFilterChainDefinitionMap(filterMap); bean.setLoginUrl("/toLogin");//设置登录请求 return bean; } //DefaultWebSecurityManager 2 @Bean(name = "securityManager") public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); //关联userRealm securityManager.setRealm(userRealm); return securityManager; } //创建realm对象 1 @Bean(name = "userRealm") public UserRealm userRealm() { return new UserRealm(); } }
-
测试结果:登录时从数据库中进行用户和密码的验证,若用户名和密码正确则登录成功