pom引入jar包
<properties>
<shiro.version>1.2.2</shiro.version>
</properties>
<!-- shiro核心 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro.version}</version>
</dependency>
web.xml
<context-param>
<description></description>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:config/applicationContext.xml,
classpath:config/spring-shiro.xml,
</param-value>
</context-param>
<!-- shiro过滤器, DelegatingFilterProxy代理会自动的到IOC容器找名字为shiroFilter的bean; 如果要修改bean的名字,可以设置targetBeanName的值,要注意的是必须与ShiroFilterFactoryBean的id值保持一致 -->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
spring-shiro.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd"
default-lazy-init="true">
<!-- 配置安全管理器securityManager, 缓存技术: 缓存管理 realm:负责获取处理数据 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="myShiroRealm" />
</bean>
<!-- 項目自定义的Realm,从数据库中获取用户的安全数据 -->
<bean id="myShiroRealm" class="testSSM.platform.shiro.config.UserRealm">
</bean>
<!-- 必须配置lifecycleBeanPostProcessor:管理shiro中常见的对象 -->
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
<!-- <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /> -->
<!-- shiro的核心配置: 配置shiroFileter id名必须与web.xml中的filtername保持一致 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<!-- 没有登录的话,默认调转这个页面 -->
<property name="loginUrl" value="/login.jsp" />
<!-- shiro过滤器的具体配置 -->
<!-- anon-匿名访问,authc-需要认证 -->
<property name="filterChainDefinitions">
<value>
/login.html = anon <!-- 登录请求地址 -->
/logout=logout <!-- 注销地址 -->
/** = authc
</value>
</property>
</bean>
</beans>
新建页面
login.jsp
<html>
<head>
<%@ page contentType="text/html; charset=utf-8"%>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>login</title>
</head>
<body>
<form action="login.html" method="post">
用户名:<input type="text" name="username" /> <br />
密码:<input type="password"
name="password" /><br />
<button type="submit">登录</button>
</form>
</body>
</html>
创建数据库
SET FOREIGN_KEY_CHECKS=0;
-- ----------------------------
-- Table structure for sys_user
-- ----------------------------
CREATE TABLE sys_user (
username varchar(255) NOT NULL,
password varchar(255) DEFAULT NULL,
PRIMARY KEY (username)
);
-- ----------------------------
-- Records of sys_user
-- ----------------------------
INSERT INTO sys_user VALUES ('zhangsan', '123');
mybatis逆向生成bean和dao。generatorConfig.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE generatorConfiguration PUBLIC "-//mybatis.org//DTD MyBatis Generator Configuration 1.0//EN" "http://mybatis.org/dtd/mybatis-generator-config_1_0.dtd" >
<generatorConfiguration>
<!-- 数据库驱动包位置 -->
<classPathEntry location="D:\maven_repository\mysql\mysql-connector-java\5.1.6\mysql-connector-java-5.1.6.jar" />
<context id="DB2Tables" targetRuntime="MyBatis3">
<property name="javaFileEncoding" value="UTF-8"/>
<commentGenerator>
<property name="suppressAllComments" value="true" />
</commentGenerator>
<!-- 数据库链接URL、用户名、密码 -->
<jdbcConnection driverClass="com.mysql.jdbc.Driver" connectionURL="jdbc:mysql://localhost:3306/test" userId="root" password="root">
</jdbcConnection>
<javaTypeResolver>
<property name="forceBigDecimals" value="false" />
</javaTypeResolver>
<!-- 生成模型的包名和位置 -->
<javaModelGenerator targetPackage="testSSM.project.login.beans" targetProject="SSM01">
<property name="enableSubPackages" value="true" />
<property name="trimStrings" value="true" />
</javaModelGenerator>
<!-- 生成的映射文件包名和位置 -->
<sqlMapGenerator targetPackage="testSSM.project.login.dao" targetProject="SSM01">
<property name="enableSubPackages" value="true" />
</sqlMapGenerator>
<!-- 生成DAO的包名和位置 -->
<javaClientGenerator type="XMLMAPPER" targetPackage="testSSM.project.login.dao" targetProject="SSM01">
<property name="enableSubPackages" value="true" />
</javaClientGenerator>
<!-- 要生成那些表(更改tableName和domainObjectName就可以) -->
<table tableName="sys_user" domainObjectName="SysUser" enableCountByExample="false" enableUpdateByExample="false" enableDeleteByExample="false" enableSelectByExample="false" selectByExampleQueryId="false" />
</context>
</generatorConfiguration>
SysUser.java
package testSSM.project.login.beans;
public class SysUser {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username == null ? null : username.trim();
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password == null ? null : password.trim();
}
}
SysUserMapper.java
package testSSM.project.login.dao;
import testSSM.project.login.beans.SysUser;
public interface SysUserMapper {
int deleteByPrimaryKey(String username);
int insert(SysUser record);
int insertSelective(SysUser record);
SysUser selectByPrimaryKey(String username);
int updateByPrimaryKeySelective(SysUser record);
int updateByPrimaryKey(SysUser record);
}
SysUerMapper.dao
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="testSSM.project.login.dao.SysUserMapper" >
<resultMap id="BaseResultMap" type="testSSM.project.login.beans.SysUser" >
<id column="username" property="username" jdbcType="VARCHAR" />
<result column="password" property="password" jdbcType="VARCHAR" />
</resultMap>
<sql id="Base_Column_List" >
username, password
</sql>
<select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.lang.String" >
select
<include refid="Base_Column_List" />
from sys_user
where username = #{username,jdbcType=VARCHAR}
</select>
<delete id="deleteByPrimaryKey" parameterType="java.lang.String" >
delete from sys_user
where username = #{username,jdbcType=VARCHAR}
</delete>
<insert id="insert" parameterType="testSSM.project.login.beans.SysUser" >
insert into sys_user (username, password)
values (#{username,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR})
</insert>
<insert id="insertSelective" parameterType="testSSM.project.login.beans.SysUser" >
insert into sys_user
<trim prefix="(" suffix=")" suffixOverrides="," >
<if test="username != null" >
username,
</if>
<if test="password != null" >
password,
</if>
</trim>
<trim prefix="values (" suffix=")" suffixOverrides="," >
<if test="username != null" >
#{username,jdbcType=VARCHAR},
</if>
<if test="password != null" >
#{password,jdbcType=VARCHAR},
</if>
</trim>
</insert>
<update id="updateByPrimaryKeySelective" parameterType="testSSM.project.login.beans.SysUser" >
update sys_user
<set >
<if test="password != null" >
password = #{password,jdbcType=VARCHAR},
</if>
</set>
where username = #{username,jdbcType=VARCHAR}
</update>
<update id="updateByPrimaryKey" parameterType="testSSM.project.login.beans.SysUser" >
update sys_user
set password = #{password,jdbcType=VARCHAR}
where username = #{username,jdbcType=VARCHAR}
</update>
</mapper>
UserRealm.java
package testSSM.platform.shiro.config;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.springframework.beans.factory.annotation.Autowired;
import testSSM.project.login.beans.SysUser;
import testSSM.project.login.dao.SysUserMapper;
public class UserRealm extends AuthenticatingRealm{
@Autowired
private SysUserMapper sysUserMapper;
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = (String)token.getPrincipal();
SysUser user = sysUserMapper.selectByPrimaryKey(username);
if(null == user ){
throw new UnknownAccountException();
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(),getName());
return info;
}
}
LoginService .java
package testSSM.project.login.domain;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Service;
import testSSM.project.login.beans.SysUser;
@Service
public class LoginService {
public String login(SysUser user){
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPassword());
try {
subject.login(token);
} catch (AuthenticationException e) {
e.printStackTrace();
return "失败";
}
if(subject.isAuthenticated()){
return "成功";
}
return "失败";
}
}
LoginController.java
package testSSM.project.login.controller;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import testSSM.project.login.beans.SysUser;
import testSSM.project.login.domain.LoginService;
@Controller
@ResponseBody
public class LoginController {
@Autowired
private LoginService loginService;
@RequestMapping(value = "/login" ,produces = "text/html;charset=utf-8" )
public String login(SysUser user){
return loginService.login(user);
}
}
我这里做了很简单的整合例子,没有页面跳转,需要的话,可以使用重定向等等手段实现