导入依赖
<!-- https://mvnrepository.com/artifact/com.alibaba/druid -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.22</version>
</dependency>
<!-- https://mvnrepository.com/artifact/log4j/log4j -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<!--实体类 需要 -->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.16.10</version>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
-
application.properties
//指定实体类路径 mybatis.type-aliases-package=com.xsw.pojo //mapper.xml mybatis.mapper-locations=classpath:mapper/*.xml -
application.yml
spring: datasource: username: root password: 979416 #?serverTimezone=UTC解决时区的报错 url: jdbc:mysql://localhost:3306/onlinedb?serverTimezone=UTC&useUnicode=true&characterEncoding=utf-8 driver-class-name: com.mysql.cj.jdbc.Driver type: com.alibaba.druid.pool.DruidDataSource #Spring Boot 默认是不注入这些属性值的,需要自己绑定 #druid 数据源专有配置 initialSize: 5 minIdle: 5 maxActive: 20 maxWait: 60000 timeBetweenEvictionRunsMillis: 60000 minEvictableIdleTimeMillis: 300000 validationQuery: SELECT 1 FROM DUAL testWhileIdle: true testOnBorrow: false testOnReturn: false poolPreparedStatements: true #配置监控统计拦截的filters,stat:监控统计、log4j:日志记录、wall:防御sql注入 #如果允许时报错 java.lang.ClassNotFoundException: org.apache.log4j.Priority #则导入 log4j 依赖即可,Maven 地址:https://mvnrepository.com/artifact/log4j/log4j filters: stat,wall,log4j maxPoolPreparedStatementPerConnectionSize: 20 useGlobalDataSourceStat: true connectionProperties: druid.stat.mergeSql=true;druid.stat.slowSqlMillis=500 -
编写实体类
package com.xsw.pojo; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; @Data @AllArgsConstructor @NoArgsConstructor public class User { String ano; String apwd; String aname; String uninfo; } -
mapper
package com.xsw.mapper; import com.xsw.pojo.User; import org.apache.ibatis.annotations.Mapper; import org.springframework.stereotype.Repository; @Repository @Mapper public interface UserMapper { public User queryUserByName(String name); } -
mapper.xml
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.xsw.mapper.UserMapper"> <select id="queryUserByName" parameterType="String" resultType="user"> select * from admin where aname = #{aname}; </select> </mapper> -
测试数据库是否连接成功
@Autowired UserService userService; @Test void contextLoads() { System.out.println(userService.queryUserByName("小辛")); } -
连接真实数据库 UserRealm
UsernamePasswordToken usertoken =(UsernamePasswordToken) token; //连接真实数据库 User user = userService.queryUserByName(usertoken.getUsername()); if (user==null) { return null; }
10.2.5 请求授权实现
![[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-YwqkgZpj-1619076376571)(C:\Users\41303\AppData\Roaming\Typora\typora-user-images\image-20200609012536487.png)]](https://i-blog.csdnimg.cn/blog_migrate/0642af7010c8fd4e6cc60f303e146ad3.png)
-
shiroConfig
//必须带有 user:add 才能访问 filterChainDefinitionMap.put("/user/add","perms[user:add]"); //必须带有 user:update 才能访问 filterChainDefinitionMap.put("/user/update","perms[user:update]"); //登陆验证 filterChainDefinitionMap.put("/user/*","authc"); bean.setFilterChainDefinitionMap(filterChainDefinitionMap); //设置登录的请求 bean.setLoginUrl("/toLogin"); //设置未授权的请求 bean.setUnauthorizedUrl("/uninfo"); return bean; -
controller
@RequestMapping("/uninfo") @ResponseBody public String uninfo(){ return "未经授权不能访问"; } -
UserRealm
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); //info.addStringPermission("user:add"); //拿到当前的对象 Subject subject = SecurityUtils.getSubject(); User principal = (User) subject.getPrincipal(); info.addStringPermission(principal.getUninfo()); return info; //密码认证 shiro 做~ user return new SimpleAuthenticationInfo(user,user.getApwd(),"");
116
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
