引入依赖:
<!-- Apache Shiro integration for Spring.
     NOTE(review): 1.4.0 is an old release that predates a number of security
     fixes published by the Shiro project. Check the Apache Shiro security
     advisories and pin a currently supported release before using this
     outside a local demo. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.0</version>
</dependency>
<!-- Thymeleaf dialect that exposes Shiro checks (shiro:hasPermission etc.) in templates -->
<dependency>
    <groupId>com.github.theborakompanioni</groupId>
    <artifactId>thymeleaf-extras-shiro</artifactId>
    <version>2.0.0</version>
</dependency>
<!-- Thymeleaf starter; no version given here, presumably managed by the Spring Boot parent/BOM -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
配置文件(YAML格式):
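# Indentation restored: without it "datasource", "thymeleaf" and their keys are
# not nested under "spring" and the settings are not bound.
spring:
  datasource:
    # NOTE(review): useSSL=false sends credentials and query data to MySQL in
    # clear text. Acceptable only for a database on localhost; enable TLS for
    # any remote database.
    url: jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
    # Credentials are read from the environment instead of being committed with
    # the configuration. Use a dedicated account that only has the privileges
    # this application needs on the "test" schema, not the MySQL root account.
    username: ${DB_USERNAME}
    password: ${DB_PASSWORD}
    driver-class-name: com.mysql.jdbc.Driver
    type: com.alibaba.druid.pool.DruidDataSource
  thymeleaf:
    prefix: classpath:/templates/
    suffix: .html
    encoding: UTF-8
    content-type: text/html
    # Template caching is off, which suits development only.
    cache: false
    mode: HTML
mybatis:
  type-aliases-package: com.lyf.shiro.entity
  mapper-locations: classpath:mapper/*.xml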
编写realm类:
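/**
 * Shiro realm that authenticates users and loads their permissions through
 * {@code PersonService}.
 *
 * <p>NOTE(review): the value returned by {@code person.getPassword()} is handed
 * to Shiro as the stored credential. Unless a hashing credentials matcher is
 * set on this realm, Shiro's default matcher compares it directly with the
 * submitted password, which only works if passwords are stored unhashed.
 * Store a salted password hash and configure a matching credentials matcher.
 */
public class PersonRealm extends AuthorizingRealm {
    @Autowired
    private PersonService personServiceImpl;

    /**
     * Builds the authorization data for an already authenticated principal.
     *
     * @param principalCollection the principals Shiro is authorizing
     * @return the permissions of the principal; empty (deny everything) when the
     *         principal is missing, of an unexpected type, no longer exists, or
     *         has no permission string
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行授权");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // Authorize the principals Shiro passes in, not whichever subject is
        // bound to the current thread: the two can differ, and a thread-bound
        // subject may not exist at all.
        Object primary = principalCollection == null ? null : principalCollection.getPrimaryPrincipal();
        if (!(primary instanceof Person)) {
            return info;
        }
        // Reload the account so permission changes take effect without a new login.
        Person person = personServiceImpl.getPerson(((Person) primary).getName());
        if (person == null) {
            // Account removed after login: fail closed with no permissions.
            return info;
        }
        String perms = person.getPerms();
        if (perms != null && !perms.trim().isEmpty()) {
            info.addStringPermission(perms);
        }
        return info;
    }

    /**
     * Looks up the account named in the login token.
     *
     * @param authenticationToken the submitted token; cast to {@code UsernamePasswordToken}
     * @return the account and its stored credential, or {@code null} when no
     *         account matches the submitted user name
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("执行认证");
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        if (username == null) {
            return null;
        }
        Person person = personServiceImpl.getPerson(username);
        if (person == null) {
            return null;
        }
        // NOTE(review): the whole Person object, password included, becomes the
        // principal and is kept with the subject's session. Prefer a principal
        // that carries only the identifier.
        // Arguments: principal, stored credential, realm name. The realm's own
        // name is used instead of an empty string so the principal is
        // attributed to this realm.
        return new SimpleAuthenticationInfo(person, person.getPassword(), getName());
    }
}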
编写Shiro配置类(ShiroConfiguration):
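/**
 * Spring configuration that wires Shiro: the URL filter chain, the security
 * manager, the realm and the Thymeleaf dialect.
 */
@Configuration
public class ShiroConfiguration {

    /**
     * Creates the Shiro filter and its URL-to-filter rules.
     *
     * @param securityManager the security manager bean named "securityManager"
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            @Qualifier("securityManager") DefaultSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        /*
         * Built-in Shiro filters:
         *   anon  - no authentication required
         *   authc - must be authenticated
         *   user  - authenticated, or remembered through rememberMe
         *   perms - must hold the listed permission
         *   roles - must hold the listed role
         *
         * Rules are kept in insertion order (LinkedHashMap) and the first
         * matching pattern wins, so specific paths come before the catch-all.
         */
        Map<String, String> filterChain = new LinkedHashMap<>();
        filterChain.put("/shiro/thymeleaf", "anon");
        filterChain.put("/shiro/login", "anon");
        filterChain.put("/shiro/add", "perms[user:add]");
        // The index template shows the update link only to holders of
        // user:update. Hiding a link is not access control, so the same
        // permission is enforced here; "authc" alone would let any logged-in
        // user request the URL directly.
        filterChain.put("/shiro/update", "perms[user:update]");
        // Default deny: any path not listed above requires a login, so a newly
        // added endpoint is not reachable anonymously by accident.
        filterChain.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChain);

        // Where unauthenticated requests are redirected.
        shiroFilterFactoryBean.setLoginUrl("/shiro/tologin");
        // Where authenticated requests lacking a permission are redirected.
        shiroFilterFactoryBean.setUnauthorizedUrl("/shiro/unrole");
        return shiroFilterFactoryBean;
    }

    /**
     * Creates the web security manager backed by the application's realm.
     *
     * @param realm the realm bean named "personRealm"
     * @return the security manager
     */
    @Bean("securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("personRealm") PersonRealm realm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    /**
     * Creates the realm.
     *
     * <p>NOTE(review): no credentials matcher is set here, so the realm uses
     * Shiro's default matcher; see the password handling in {@code PersonRealm}.
     *
     * @return a new {@code PersonRealm}
     */
    @Bean("personRealm")
    public PersonRealm getRealm() {
        return new PersonRealm();
    }

    /**
     * Registers the Shiro dialect so templates can use the {@code shiro:} attributes.
     *
     * @return the dialect
     */
    @Bean("shiroDialect")
    public ShiroDialect getShiroDialect() {
        return new ShiroDialect();
    }
}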
controller控制层:
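/**
 * MVC controller for the demo pages under {@code /shiro}. Access rules for
 * these paths are enforced by the Shiro filter chain, not in this class.
 */
@RequestMapping("/shiro")
@Controller
public class PersonController {
    /**
     * One message for every failed login, so the response does not reveal
     * whether the submitted user name exists.
     */
    private static final String LOGIN_FAILED_MSG = "用户名或密码错误";

    @Autowired
    private PersonService personServiceImpl;

    /** Renders the index page with sample model values. */
    @RequestMapping("thymeleaf")
    public String thymeleaf(Model model) {
        model.addAttribute("title", "test");
        model.addAttribute("body", "hello world");
        return "index";
    }

    /** Renders the update page. */
    @RequestMapping("/update")
    public String update(Model model) {
        return "person/update";
    }

    /** Renders the add page. */
    @RequestMapping("/add")
    public String add(Model model) {
        return "person/add";
    }

    /** Renders the login form. */
    @RequestMapping("/tologin")
    public String tologin(Model model) {
        return "login";
    }

    /**
     * Authenticates the submitted credentials with Shiro.
     *
     * <p>Only POST is accepted, so credentials are not carried in the query
     * string where they would end up in access logs and browser history.
     *
     * @param name the submitted user name
     * @param password the submitted password
     * @param model receives the failure message under "msg"
     * @return view "test" on success, view "login" on any failure
     */
    @RequestMapping(value = "/login", method = org.springframework.web.bind.annotation.RequestMethod.POST)
    public String login(String name, String password, Model model) {
        // A missing parameter is an ordinary failed login, not a server error.
        if (name == null || password == null) {
            model.addAttribute("msg", LOGIN_FAILED_MSG);
            return "login";
        }
        UsernamePasswordToken token = new UsernamePasswordToken(name, password.toCharArray());
        try {
            SecurityUtils.getSubject().login(token);
            return "test";
        } catch (org.apache.shiro.authc.AuthenticationException e) {
            // Covers unknown account, wrong password and every other
            // authentication failure with the same response.
            // NOTE(review): record failed logins through the application's
            // logger for monitoring; never log the password, and strip line
            // breaks from the user-supplied name before logging it.
            model.addAttribute("msg", LOGIN_FAILED_MSG);
            return "login";
        } finally {
            // Do not keep the password in memory longer than needed.
            token.clear();
        }
    }

    /** Renders the "no permission" page. */
    @RequestMapping("/unrole")
    public String unrole(Model model) {
        model.addAttribute("msg", "没有权限");
        return "unrole";
    }
}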
登录页面:
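<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>登录页面</title>
</head>
<body>
<!--/* th:text HTML-escapes the message; keep it, do not switch to th:utext. */-->
<h3 style="color: red" th:text="${msg}"></h3>
<form action="/shiro/login" method="post">
    <input type="text" name="name" value="" autocomplete="username"><br/>
    <input type="password" name="password" value="" autocomplete="current-password"><br/>
    <!--/* The button label belongs in "value"; a "name" here would only add a request parameter. */-->
    <input type="submit" value="登录">
</form>
</body>
</html>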
shiro和thymeleaf页面权限控制:
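<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:shiro="http://www.pollix.at/thymeleaf/shiro">
<head>
    <meta charset="UTF-8">
    <title></title>
</head>
<body>
<h3 th:text="${body}"></h3>
<!--/*
  shiro:hasPermission only decides whether a link is rendered. It does not
  protect the target URL: every path linked here must also carry the same
  permission in the Shiro filter chain (or a server-side check), because a
  user can request the URL directly.
*/-->
<div shiro:hasPermission="user:add">
    添加: <a href="/shiro/add">添加</a><br>
</div>
<div shiro:hasPermission="user:update">
    修改: <a href="/shiro/update">修改</a><br>
</div>
</body>
</html>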