ER图
MySQL数据库脚本
-- --------------------------------------------------------
-- Host: 127.0.0.1
-- Server version: 8.0.22 - MySQL Community Server - GPL
-- Server OS: Win64
-- HeidiSQL version: 11.3.0.6295
-- --------------------------------------------------------
-- The /*!NNNNN ... */ lines are MySQL version-conditional comments: a server at or above
-- version NNNNN executes their content. They save the current session settings in @OLD_*
-- variables so that the end of this script can restore them.
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET NAMES utf8 */;
/*!50503 SET NAMES utf8mb4 */;
-- Foreign-key checks are switched off for the duration of the import, so the FOREIGN KEY
-- constraints declared below are not validated against the rows this script inserts.
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-- Export of the database structure for shiro4
-- DEFAULT ENCRYPTION='N' (applied on 8.0.16 and later) means tables created in this schema
-- are not encrypted at rest by default; the users table with its password hashes lives here.
CREATE DATABASE IF NOT EXISTS `shiro4` /*!40100 DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci */ /*!80016 DEFAULT ENCRYPTION='N' */;
USE `shiro4`;
-- Table structure for shiro4.permissions
-- Lookup table of permission names; roles_permissions.permission references `name`.
CREATE TABLE IF NOT EXISTS `permissions` (
`name` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`description` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci DEFAULT NULL,
PRIMARY KEY (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- Exporting data for table shiro4.permissions: ~3 rows (approximate)
/*!40000 ALTER TABLE `permissions` DISABLE KEYS */;
-- INSERT IGNORE skips a row whose primary key already exists, so re-running the script
-- leaves an existing permission row untouched instead of failing or overwriting it.
INSERT IGNORE INTO `permissions` (`name`, `description`) VALUES
('DELETE', 'delete'),
('READ', 'read'),
('WRITE', 'write');
/*!40000 ALTER TABLE `permissions` ENABLE KEYS */;
-- Table structure for shiro4.roles
-- Lookup table of role names; users_roles.role_name and roles_permissions.role_name
-- both reference `name`.
CREATE TABLE IF NOT EXISTS `roles` (
`name` varchar(20) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`description` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci DEFAULT NULL,
PRIMARY KEY (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- Exporting data for table shiro4.roles: ~3 rows (approximate)
/*!40000 ALTER TABLE `roles` DISABLE KEYS */;
-- One administrative role and two user profiles; what each may do is defined in
-- roles_permissions, not here.
INSERT IGNORE INTO `roles` (`name`, `description`) VALUES
('ADMIN', 'Administrator role'),
('USER_P1', 'Perfil 1'),
('USER_P2', 'Perfil 2');
/*!40000 ALTER TABLE `roles` ENABLE KEYS */;
-- Table structure for shiro4.roles_permissions
-- Junction table: one row per (role, permission) grant. This is the table read by the
-- permissionsQuery in shiro.ini, so a row here is what actually grants a permission.
-- The foreign keys declare no ON DELETE / ON UPDATE action, so a role or permission
-- that is still referenced here cannot be deleted from its lookup table.
CREATE TABLE IF NOT EXISTS `roles_permissions` (
`role_name` varchar(20) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`permission` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`role_name`,`permission`),
KEY `RP_1` (`role_name`),
KEY `RP_2` (`permission`),
CONSTRAINT `RP_1` FOREIGN KEY (`role_name`) REFERENCES `roles` (`name`),
CONSTRAINT `RP_2` FOREIGN KEY (`permission`) REFERENCES `permissions` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- Exporting data for table shiro4.roles_permissions: ~3 rows (approximate; six rows are inserted below)
/*!40000 ALTER TABLE `roles_permissions` DISABLE KEYS */;
-- Grants: ADMIN holds all three permissions, USER_P1 is read-only, and USER_P2 may
-- write and delete but is not granted READ.
INSERT IGNORE INTO `roles_permissions` (`role_name`, `permission`) VALUES
('ADMIN', 'DELETE'),
('ADMIN', 'READ'),
('ADMIN', 'WRITE'),
('USER_P1', 'READ'),
('USER_P2', 'DELETE'),
('USER_P2', 'WRITE');
/*!40000 ALTER TABLE `roles_permissions` ENABLE KEYS */;
-- Table structure for shiro4.users
-- `username` is the login name and primary key; `password` holds the hash string that
-- Shiro stores, not the clear-text password.
-- NOTE(review): utf8mb4_unicode_ci compares case-insensitively, so the username lookup
-- configured in shiro.ini would match 'Admin' and 'admin' to the same row - confirm
-- that is intended.
CREATE TABLE IF NOT EXISTS `users` (
`username` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`email` varchar(100) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci DEFAULT NULL,
`name` varchar(65) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci DEFAULT NULL,
`password` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- Exporting data for table shiro4.users: ~3 rows (approximate)
/*!40000 ALTER TABLE `users` DISABLE KEYS */;
-- Sample accounts for the demo only. Each password value is in Shiro's $shiro1$ format:
-- $shiro1$<algorithm>$<iterations>$<base64 salt>$<base64 digest>, here SHA-256 with
-- 500000 iterations.
-- All three rows carry the same salt and the same digest, i.e. one shared password whose
-- hash is published with this script. A real deployment needs its own credentials, with
-- a fresh random salt generated per user when the password is hashed.
-- INSERT IGNORE skips a row whose username already exists, so re-running the script does
-- not overwrite a password that was changed afterwards.
INSERT IGNORE INTO `users` (`username`, `email`, `name`, `password`) VALUES
('admin', 'admin@example.com', 'Administrator', '$shiro1$SHA-256$500000$QmLtx8PaCMe72i+yVuqH+A==$P5ohK5uWi30u38ujuTnmmeUK2gPwqhxTnke2wd9fZXw='),
('u1', 'u1@example.com', 'User P1', '$shiro1$SHA-256$500000$QmLtx8PaCMe72i+yVuqH+A==$P5ohK5uWi30u38ujuTnmmeUK2gPwqhxTnke2wd9fZXw='),
('u2', 'u2@example.com', 'User P2', '$shiro1$SHA-256$500000$QmLtx8PaCMe72i+yVuqH+A==$P5ohK5uWi30u38ujuTnmmeUK2gPwqhxTnke2wd9fZXw=');
/*!40000 ALTER TABLE `users` ENABLE KEYS */;
-- Table structure for shiro4.users_roles
-- Junction table: one row per (user, role) assignment. This is the table read by the
-- userRolesQuery in shiro.ini, so a row here is what actually gives a user a role.
CREATE TABLE IF NOT EXISTS `users_roles` (
`username` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`role_name` varchar(20) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`username`,`role_name`),
KEY `UR_1` (`username`),
KEY `UR_2` (`role_name`),
CONSTRAINT `UR_1` FOREIGN KEY (`username`) REFERENCES `users` (`username`),
CONSTRAINT `UR_2` FOREIGN KEY (`role_name`) REFERENCES `roles` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- Exporting data for table shiro4.users_roles: ~0 rows (the export tool's estimate; four rows are inserted below)
/*!40000 ALTER TABLE `users_roles` DISABLE KEYS */;
-- Note that u2 is assigned ADMIN in addition to USER_P2, so through roles_permissions
-- u2 ends up with every permission the admin account has. Only u1 is a restricted user.
INSERT IGNORE INTO `users_roles` (`username`, `role_name`) VALUES
('admin', 'ADMIN'),
('u1', 'USER_P1'),
('u2', 'ADMIN'),
('u2', 'USER_P2');
/*!40000 ALTER TABLE `users_roles` ENABLE KEYS */;
-- Restore the session settings saved at the top of the script. Foreign-key checks fall
-- back to 1 (enabled) and SQL_NOTES to 1 when no saved value is present.
/*!40101 SET SQL_MODE=IFNULL(@OLD_SQL_MODE, '') */;
/*!40014 SET FOREIGN_KEY_CHECKS=IFNULL(@OLD_FOREIGN_KEY_CHECKS, 1) */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40111 SET SQL_NOTES=IFNULL(@OLD_SQL_NOTES, 1) */;
shiro.ini
[main]
# loginUrl: where the authc filter sends unauthenticated requests and where it accepts
# login form posts. successUrl: fallback redirect target after a successful login.
authc.loginUrl = /login.jsp
authc.successUrl = /home.jsp
# password matcher
# PasswordMatcher hands the submitted password and the stored users.password value to
# the PasswordService for comparison; the stored value is a hash string, so the
# clear-text password is never kept in the database.
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
passwordMatcher.passwordService = $passwordService
# NOTE(review): the URL below names database "shiro", while the SQL script on this page
# creates and fills "shiro4" - confirm which one is intended.
# NOTE(review): useSSL=false turns TLS off for the JDBC connection; that is only
# acceptable while MySQL is reached over localhost as it is here.
# NOTE(review): the app connects as the MySQL root account with a trivial password kept
# in this file. The three queries below only read, so a dedicated account limited to
# SELECT on users, users_roles and roles_permissions is enough, with its password
# supplied from outside the deployed ini.
ds = com.mysql.cj.jdbc.MysqlDataSource
ds.url=jdbc:mysql://localhost:3306/shiro?autoReconnect=true&useSSL=false&useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
ds.user = root
ds.password = root
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
# Permission lookup is off unless enabled; without it permissionsQuery is never run
# and only role checks work.
jdbcRealm.permissionsLookupEnabled = true
# All three queries pass the username or role name through a ? placeholder, so the
# value is bound as a parameter rather than concatenated into the SQL text.
# If not filled, subclasses of JdbcRealm assume "select password from users where username = ?"
# first result column is password, second result column is salt
# (the query below returns only the password column; the salt is carried inside the
# stored $shiro1$ hash string)
jdbcRealm.authenticationQuery = select password from users where username = ?
# If not filled, subclasses of JdbcRealm assume "select role_name from users_roles where username = ?"
jdbcRealm.userRolesQuery = select role_name from users_roles where username = ?
# If not filled, subclasses of JdbcRealm assume "select permission from roles_permissions where role_name = ?"
jdbcRealm.permissionsQuery = select permission from roles_permissions where role_name = ?
jdbcRealm.credentialsMatcher = $passwordMatcher
jdbcRealm.dataSource=$ds
securityManager.realms = $jdbcRealm
# Caching is left disabled: the three lines below are commented out.
#cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
#securityManager.cacheManager = $cacheManager
#jdbcRealm.authenticationCachingEnabled = true
[urls]
# Rules are matched top to bottom and the first matching pattern wins. A path that
# matches no rule here gets no Shiro filter chain at all and is served without a login
# check; NOTE(review): consider a final catch-all rule such as "/** = authc" if every
# other page should require authentication.
# The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
# the 'authc' filter must still be specified for it so it can process that url's
# login submissions. It is 'smart' enough to allow those requests through as specified by the
# authc.loginUrl above.
/login.jsp = authc
# NOTE(review): the filters in a chain run in order, so anon lets the request through
# and authc then still demands a login. The guest branches in home.jsp would presumably
# never be shown; keep only "anon" for a public page or only "authc" for a protected one.
/home.jsp = anon, authc
/logout = logout
/account/** = authc
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<!-- Builds the Shiro web environment (security manager, realms, filter chains) when the
     application starts; by default it reads shiro.ini from WEB-INF or the classpath. -->
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<!-- The single servlet filter through which Shiro applies the [urls] rules. -->
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<!-- Mapped to every path and to all four dispatcher types, so forwarded, included and
     error-page dispatches pass through Shiro as well as direct requests. Narrowing the
     url-pattern or dropping a dispatcher would leave those requests unchecked. -->
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
</web-app>
home.jsp
<%@ include file="include.jsp"%>
<%--
  Landing page that shows who is logged in and which roles and permissions they hold.
  The shiro:* tags only decide what markup is rendered. They do not protect any URL:
  access control is enforced by the [urls] rules in shiro.ini (or by checks in code),
  so hiding a link here does not stop a direct request to its target.
--%>
<html>
<head>
<link type="text/css" rel="stylesheet"
href="<c:url value="/style.css"/>" />
<title>Auth</title>
</head>
<body>
<h1>Simple Shiro Web App</h1>
<p>
Hi
<shiro:guest>Guest</shiro:guest>
<%-- NOTE(review): shiro:principal appears to write the principal as-is, without HTML
     escaping - confirm usernames can never contain markup, or escape the value. --%>
<shiro:user>
<shiro:principal />
</shiro:user>
! (
<shiro:user>
<a href="<c:url value="/logout"/>">Log out</a>
</shiro:user>
<shiro:guest>
<a href="<c:url value="/login.jsp"/>">Log in</a></shiro:guest>
)
</p>
<shiro:user>
<p>
Visit your <a href="<c:url value="/account"/>">account page</a>.
</p>
</shiro:user>
<shiro:guest>
<p>
If you want to access the user-only <a
href="<c:url value="/account"/>">account page</a>, you will need to
log-in first.
</p>
</shiro:guest>
<h2>Roles</h2>
<p>To show some taglibs, here are the roles you have and don't
have. Log out and log back in under different user accounts to see
different roles.</p>
<%-- Role names must match the values in the roles table (ADMIN, USER_P1, USER_P2). --%>
<h3>Roles you have</h3>
<p>
<shiro:hasRole name="ADMIN">Administrator<br />
</shiro:hasRole>
<shiro:hasRole name="USER_P1">Perfil 1<br />
</shiro:hasRole>
<shiro:hasRole name="USER_P2">Perfil 2<br />
</shiro:hasRole>
</p>
<h3>Roles you DON'T have</h3>
<p>
<shiro:lacksRole name="ADMIN">Administrator<br />
</shiro:lacksRole>
<shiro:lacksRole name="USER_P1">Perfil 1<br />
</shiro:lacksRole>
<shiro:lacksRole name="USER_P2">Perfil 2<br />
</shiro:lacksRole>
</p>
<%-- Permission names must match roles_permissions.permission (READ, WRITE, DELETE);
     these checks rely on jdbcRealm.permissionsLookupEnabled = true in shiro.ini. --%>
<h3>Permissions you have</h3>
<p>
<shiro:hasPermission name="READ">read<br />
</shiro:hasPermission >
<shiro:hasPermission name="WRITE">write<br />
</shiro:hasPermission >
<shiro:hasPermission name="DELETE">delete<br />
</shiro:hasPermission >
</p>
</body>
</html>
login.jsp
<%@ include file="include.jsp"%>
<%--
  Login page. The form posts back to this same URL, which shiro.ini maps to the authc
  filter; that filter reads the username, password and rememberMe fields.
--%>
<html>
<head>
<link type="text/css" rel="stylesheet"
href="<c:url value="/style.css"/>" />
</head>
<body>
<h2>Please Log in</h2>
<%--
  NOTE(review): the paragraph below mentions a "default text-based Realm", but the
  shiro.ini on this page configures a JdbcRealm, so the accounts listed are presumably
  the rows of the users table.
  This block prints working usernames and passwords, including the admin account, to
  every visitor who is not logged in. It is for the demo only: remove it and replace
  the sample passwords before the application is reachable by anyone else.
--%>
<shiro:guest>
<p>Here are a few sample accounts to play with in the default
text-based Realm (used for this demo and test installs only). Do you
remember the movie these names came from? ;)</p>
<style type="text/css">
table.sample {
border-width: 1px;
border-style: outset;
border-color: blue;
border-collapse: separate;
background-color: rgb(255, 255, 240);
}
table.sample th {
border-width: 1px;
padding: 1px;
border-style: none;
border-color: blue;
background-color: rgb(255, 255, 240);
}
table.sample td {
border-width: 1px;
padding: 1px;
border-style: none;
border-color: blue;
background-color: rgb(255, 255, 240);
}
</style>
<table class="sample">
<thead>
<tr>
<th>Username</th>
<th>Password</th>
</tr>
</thead>
<tbody>
<tr>
<td>admin</td>
<td>123qwe</td>
</tr>
<tr>
<td>u1</td>
<td>123qwe</td>
</tr>
<tr>
<td>u2</td>
<td>123qwe</td>
</tr>
</tbody>
</table>
<br />
<br />
</shiro:guest>
<%--
  The password is sent in the POST body, so this page should only be served over HTTPS.
  NOTE(review): the form carries no anti-CSRF token - confirm whether login CSRF is a
  concern for this application.
  NOTE(review): maxlength is 30 here while users.username is varchar(15) in the SQL
  script - confirm which limit is intended.
--%>
<form name="loginform" action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr>
<td>Username:</td>
<td><input type="text" name="username" maxlength="30"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" maxlength="30"></td>
</tr>
<tr>
<td colspan="2" align="left"><input type="checkbox"
name="rememberMe"><font size="2">Remember Me</font></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit"
name="submit" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>
include.jsp
<%--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
--%>
<%@ page import="org.apache.shiro.SecurityUtils" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %>
完整源码:https://github.com/allwaysoft/Apache-shiro-rbac-JdbcRealm-MySQL