SpringBoot 整合 Shiro
整合 mybatis
可以看这篇文章
https://blog.csdn.net/qq_30815637/article/details/97759047
整合 shiro
数据库
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for role_permission
-- ----------------------------
DROP TABLE IF EXISTS `role_permission`;
CREATE TABLE `role_permission` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`rid` int(11) NOT NULL,
`pid` int(11) NOT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 9 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of role_permission
-- ----------------------------
INSERT INTO `role_permission` VALUES (1, 1, 1);
INSERT INTO `role_permission` VALUES (2, 1, 2);
INSERT INTO `role_permission` VALUES (3, 1, 3);
INSERT INTO `role_permission` VALUES (4, 1, 4);
INSERT INTO `role_permission` VALUES (5, 2, 1);
INSERT INTO `role_permission` VALUES (6, 2, 2);
INSERT INTO `role_permission` VALUES (7, 2, 3);
INSERT INTO `role_permission` VALUES (8, 3, 3);
-- ----------------------------
-- Table structure for syspermission
-- ----------------------------
DROP TABLE IF EXISTS `syspermission`;
CREATE TABLE `syspermission` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`modelname` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`permission` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 5 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of syspermission
-- ----------------------------
INSERT INTO `syspermission` VALUES (1, '商品添加', '/product/add');
INSERT INTO `syspermission` VALUES (2, '商品修改', '/product/update');
INSERT INTO `syspermission` VALUES (3, '商品查询', '/product/query');
INSERT INTO `syspermission` VALUES (4, '商品删除', '/product/delete');
-- ----------------------------
-- Table structure for sysrole
-- ----------------------------
DROP TABLE IF EXISTS `sysrole`;
CREATE TABLE `sysrole` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`rolename` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`roledesc` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 4 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of sysrole
-- ----------------------------
INSERT INTO `sysrole` VALUES (1, 'admin', 'admin');
INSERT INTO `sysrole` VALUES (2, 'user', 'user');
INSERT INTO `sysrole` VALUES (3, 'vip', 'vip');
-- ----------------------------
-- Table structure for sysuser
-- ----------------------------
DROP TABLE IF EXISTS `sysuser`;
CREATE TABLE `sysuser` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`password` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 4 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of sysuser
-- ----------------------------
INSERT INTO `sysuser` VALUES (1, 'lifanyu', '123456');
INSERT INTO `sysuser` VALUES (2, 'lVip', '123456');
INSERT INTO `sysuser` VALUES (3, 'LUser', '123456');
-- ----------------------------
-- Table structure for user_role
-- ----------------------------
DROP TABLE IF EXISTS `user_role`;
CREATE TABLE `user_role` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`uid` int(11) NOT NULL,
`rid` int(11) NOT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 7 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of user_role
-- ----------------------------
INSERT INTO `user_role` VALUES (1, 1, 1);
INSERT INTO `user_role` VALUES (2, 1, 2);
INSERT INTO `user_role` VALUES (3, 1, 3);
INSERT INTO `user_role` VALUES (4, 2, 2);
INSERT INTO `user_role` VALUES (5, 2, 3);
INSERT INTO `user_role` VALUES (6, 3, 3);
SET FOREIGN_KEY_CHECKS = 1;
工程目录
[外链图片转存失败(img-O7cCLVHU-1564495131523)(images/2019-07-30_215103.png)]
修改 pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.6.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.lfy</groupId>
<artifactId>springboot-shiro</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springboot-shiro</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<thymeleaf.version>3.0.11.RELEASE</thymeleaf.version>
<!-- 布局功能支持程序, Thymeleaf3主程序 需要 layout2 以上版本 -->
<thymeleaf.layout-dialect.version>2.4.1</thymeleaf.layout-dialect.version>
</properties>
<dependencies>
<!-- web -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- mybatis -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.0</version>
</dependency>
<!-- 数据库驱动 -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<!-- 测试 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<!-- shiro -->
<!-- shiro 模块 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
</dependency>
<!-- Thymeleaf 模块 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!--添加热部署-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
<scope>true</scope>
</dependency>
<!-- shiro + ehcache -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.2.5</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<!--热部署配置-->
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<!--fork:如果没有该项配置,整个devtools不会起作用-->
<fork>true</fork>
</configuration>
</plugin>
</plugins>
</build>
</project>
配置 application.properties
server.port=8080
spring.datasource.username=root
spring.datasource.password=123456
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql:///shiro
mybatis.mapper-locations=classpath:mybatis/mapper/*.xml
mybatis.config-location=classpath:mybatis/mybatis-config.xml
spring.thymeleaf.cache=false
spring.thymeleaf.suffix=.html
spring.thymeleaf.prefix= classpath:/templates/
spring.thymeleaf.servlet.content-type=text/html
spring.thymeleaf.enabled=true
spring.thymeleaf.encoding=utf-8
spring.thymeleaf.mode=HTML
编写 Realm
MyRealm :
/**
* 自定义 Realm
*/
public class MyRealm extends AuthorizingRealm {
@Autowired
private UserService userService;
//认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo
(AuthenticationToken authenticationToken) throws AuthenticationException {
//获取主体的身份
String username = (String) authenticationToken.getPrincipal();
System.out.println("---> Principal:"+username);
//根据用户名查询用户信息
SysUser existUser = userService.findUserByUserName(username);
if(existUser == null){
return null;
}
System.out.println("---> DataBase:"+existUser);
//如果不为空 则构建 SimpleAuthenticationInfo
//组装 authenticationInfo
//参数一 : 数据库中的用户 参数二 : 数据库中的密码 参数三 : realm 的 name
SimpleAuthenticationInfo authenticationInfo =
new SimpleAuthenticationInfo(existUser,existUser.getPassword(),this.getName());
//返回认证信息到 Controller
return authenticationInfo;
}
//授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo
(PrincipalCollection principalCollection) {
//访问 @RequirePermission 注解的 url 时触发
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//得到要授权的用户信息
SysUser user = (SysUser) principalCollection.getPrimaryPrincipal();
//用户角色权限进行绑定
for(SysRole role : user.getRoleList()) {
authorizationInfo.addRole(role.getRolename());
for(SysPermission permission : role.getPermissions()) {
authorizationInfo.addStringPermission(permission.getPermission());
}
}
return authorizationInfo;
}
}
配置 Shiro
@Configuration
public class ShiroConfig {
//配置加密方式
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher() {
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
matcher.setHashAlgorithmName("md5");
matcher.setHashIterations(2);
return matcher;
}
//配置自定义 Realm
@Bean
public MyRealm myRealm(){
return new MyRealm();
}
//配置安全管理器
@Bean
public SecurityManager securityManager(){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myRealm());
return securityManager;
}
//DefaultAdvisorAutoProxyCreator,Spring的一个bean,由Advisor决定对哪些类的方法进行AOP代理。
@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator defaultAAP = new DefaultAdvisorAutoProxyCreator();
defaultAAP.setProxyTargetClass(true);
return defaultAAP;
}
//开启@RequirePermission注解的配置,要结合DefaultAdvisorAutoProxyCreator一起使用,或者导入aop的依赖
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
//定义Spring MVC的异常处理器
@Bean
public SimpleMappingExceptionResolver createSimpleMappingExceptionResolver() {
SimpleMappingExceptionResolver r = new SimpleMappingExceptionResolver();
Properties mappings = new Properties();
mappings.setProperty("DatabaseException", "databaseError");//数据库异常处理
mappings.setProperty("UnauthorizedException","403");//处理shiro的认证未通过异常
r.setExceptionMappings(mappings); // None by default
r.setDefaultErrorView("error"); // No default
r.setExceptionAttribute("ex"); // Default is "exception"
return r;
}
//配置 shiro 过滤器
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
System.out.println("shiroFilterFactoryBean...");
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//设置安全管理器
shiroFilterFactoryBean.setSecurityManager(securityManager);
//设置不拦截的路径
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
// 配置不会被拦截的链接 顺序判断 相关静态资源
filterChainDefinitionMap.put("/assets/**", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/font/**", "anon");
filterChainDefinitionMap.put("/images/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/products/**", "anon");
filterChainDefinitionMap.put("/Widget/**", "anon");
//配置退出 过滤器,其中的具体的退出代码Shiro已经替我们实现了
filterChainDefinitionMap.put("/logout", "logout");
//authc:所有url都必须认证通过才可以访问;
//anon:所有url都都可以匿名访问
filterChainDefinitionMap.put("/**", "authc");
// 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
shiroFilterFactoryBean.setLoginUrl("/login");
// 登录成功后要跳转的链接
shiroFilterFactoryBean.setSuccessUrl("/index");
//未授权界面;
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
}
编写 bean,dao,service,controller
SysUser.java :
package com.lfy.springbootshiro.bean;
import java.util.List;
/**
* 用户类
* @author 15099
*
*/
public class SysUser {
private int id;
private String username;
private String password;
// 一个用户有多个角色
private List<SysRole> roleList;
// 省略 get set 方法
}
SysRole.java :
package com.lfy.springbootshiro.bean;
import java.util.List;
/**
* 角色类
*/
public class SysRole {
private int id;
private String rolename;//角色名称
private String roledesc;//角色描述
//一个角色对应多个权限
private List<SysPermission> permissions;
// 省略 get set 方法
}
SysPermission.java :
package com.lfy.springbootshiro.bean;
import java.util.List;
public class SysPermission {
private int id;
private String modelname;
private String permission;
//一个权限可以被多个角色拥有
//角色(*) -- 权限(*)
private List<SysRole> roles;
// 省略 get set 方法
}
UserMapper.java :
@Mapper
@Repository
public interface UserMapper {
//根据用户名查询用户信息
SysUser findByUserName(String username);
}
UserMapper.xml :
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DOD Config 3.0//EN"
"http://mybatis.org/schema/mybatis-3-mapper.dtd">
<mapper namespace="com.lfy.springbootshiro.dao.UserMapper">
<select id="findByUserName" parameterType="String" resultMap="user" >
select u.id u_id,username,password,r.id r_id ,rolename ,roledesc , p.id p_id ,modelname,permission from sysuser u
INNER JOIN user_role ur on u.id = ur.uid
INNER JOIN sysrole r ON ur.rid = r.id
INNER JOIN role_permission rp ON r.id = rp.rid
INNER JOIN syspermission p on rp.pid = p.id
where u.username = #{name}
</select>
<resultMap id="user" type="com.lfy.springbootshiro.bean.SysUser">
<id property="id" column="u_id"></id>
<result property="username" column="username"/>
<result property="password" column="password"/>
<collection property="roleList" javaType="java.util.List" ofType="com.lfy.springbootshiro.bean.SysRole">
<id property="id" column="r_id"/>
<result property="rolename" column="rolename"/>
<result property="roledesc" column="roledesc"/>
<collection property="permissions" javaType="java.util.List" ofType="com.lfy.springbootshiro.bean.SysPermission">
<id property="id" column="p_id"/>
<result property="modelname" column="modelname"/>
<result property="permission" column="permission"/>
</collection>
</collection>
</resultMap>
</mapper>
IUserService.java :
public interface IUserService {
SysUser findUserByUserName(String username);
}
UserServiceImpl.java :
@Service
public class UserService implements IUserService {
@Autowired
private UserMapper userMapper;
@Override
public SysUser findUserByUserName(String username) {
return userMapper.findByUserName(username);
}
}
UserController.java :
@Controller
public class UserController {
@Autowired
private UserService userService;
@RequestMapping({"/","/index"})
//@ResponseBody
public String root(){
return "index";
}
@RequestMapping("/login")
public String login(HttpServletRequest request, Map<String, String> map) {
System.out.println("login ... ");
String exception = (String)request.getAttribute("shiroLoginFailure");
System.out.println("exception"+ exception);
String msg = "";
if (exception != null) {
if (UnknownAccountException.class.getName().equals(exception)) {
System.out.println("UnknownAccountException -- > 账号不存在:");
msg = "unknownAccount";
} else if (IncorrectCredentialsException.class.getName().equals(exception)) {
msg = "incorrectPassword";
} else if ("kaptchaValidateFailed".equals(exception)) {
System.out.println("kaptchaValidateFailed -- > 验证码错误");
msg = "kaptchaValidateFailed -- > 验证码错误";
} else {
msg = "else >> "+exception;
System.out.println("else -- >" + exception);
}
}
map.put("msg", msg);
//认证成功由shiro框架自行处理
return "login";
}
@GetMapping("/user/{username}")
@ResponseBody
@RequiresPermissions("/user/add")
public SysUser findUserByName(@PathVariable("username") String username){
SysUser user = userService.findUserByUserName(username);
return user;
}
}
编写页面
login.html
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Login</title>
</head>
<body>
<form action="/login" method="post">
用户名:<input type="text" name="username">
密码 : <input type="password" name="password">
<input type="submit" value="提交">
</form>
</body>
</html>
index.html
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Index</title>
</head>
<body>
<h1>Index</h1>
<a href="/logout">退出</a>
</body>
</html>
403.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>403</title>
</head>
<body>
<h1>403</h1>
</body>
</html>
index.html
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Index</title>
</head>
<body>
<h1>Index</h1>
<a href="/logout">退出</a>
</body>
</html>
403.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>403</title>
</head>
<body>
<h1>403</h1>
</body>
</html>