Shiro整合SpringBoot以及Thymeleaf
1.ShiroConfig
package org. best. config;
import org. apache. shiro. spring. web. ShiroFilterFactoryBean;
import org. apache. shiro. web. mgt. DefaultWebSecurityManager;
import org. springframework. beans. factory. annotation. Qualifier;
import org. springframework. context. annotation. Bean;
import org. springframework. context. annotation. Configuration;
import java. util. LinkedHashMap;
import java. util. Map;
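/**
 * Spring configuration that wires Apache Shiro into the web layer: the URL
 * filter chain, the web security manager, and the custom realm.
 */
@Configuration
public class ShiroConfig {

    /**
     * Builds the Shiro filter that decides, per URL, which check a request must pass.
     *
     * @param defaultWebSecurityManager the security manager bean produced by
     *                                  {@link #getDefaultWebSecurityManager(MyShiroRealm)}
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            @Qualifier("getDefaultWebSecurityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();
        filterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        // Unauthenticated requests to a protected URL are sent to the login page.
        filterFactoryBean.setLoginUrl("/goLogin");
        // Authenticated users that lack the required permission are sent here.
        filterFactoryBean.setUnauthorizedUrl("/403");

        // Typed map instead of a raw Map. LinkedHashMap keeps insertion order,
        // which matters because Shiro applies the first matching chain definition.
        Map<String, String> filterChains = new LinkedHashMap<>();
        filterChains.put("/", "anon");
        filterChains.put("/index", "anon");
        // These patterns are exact paths; a sub-route such as /admin/x would need
        // its own entry (for example "/admin/**") to be covered.
        filterChains.put("/user", "perms[user]");
        filterChains.put("/admin", "perms[admin]");
        // NOTE(review): any URL not listed above matches no chain and is served
        // without a Shiro check (here: /login, /goLogin, /403 and anything added
        // later). For a default-deny posture, list the public pages as "anon" and
        // finish the map with a catch-all entry such as "/**" -> "authc".
        filterFactoryBean.setFilterChainDefinitionMap(filterChains);
        return filterFactoryBean;
    }

    /**
     * Creates the web security manager and attaches the application's realm to it.
     *
     * @param myShiroRealm the realm bean produced by {@link #getMyShiroRealm()}
     * @return the security manager used by the Shiro filter
     */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(
            @Qualifier("getMyShiroRealm") MyShiroRealm myShiroRealm) {
        DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager();
        webSecurityManager.setRealm(myShiroRealm);
        return webSecurityManager;
    }

    /**
     * Registers the custom realm as a Spring bean.
     *
     * <p>NOTE(review): no credentials matcher is set on the realm here, so Shiro's
     * default matcher is used; confirm how passwords are stored before relying on it.
     *
     * @return a new {@link MyShiroRealm}
     */
    @Bean
    public MyShiroRealm getMyShiroRealm() {
        return new MyShiroRealm();
    }
}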
2.自定义realm
package org. best. config;
import org. apache. shiro. SecurityUtils;
import org. apache. shiro. authc. *;
import org. apache. shiro. authz. AuthorizationInfo;
import org. apache. shiro. authz. SimpleAuthorizationInfo;
import org. apache. shiro. realm. AuthorizingRealm;
import org. apache. shiro. session. Session;
import org. apache. shiro. subject. PrincipalCollection;
import org. best. pojo. User;
import org. best. service. UserService;
import org. springframework. beans. factory. annotation. Autowired;
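/**
 * Shiro realm that looks users up through {@link UserService} for both
 * authentication (login) and authorization (permission checks).
 */
public class MyShiroRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    /**
     * Supplies the permissions of the logged-in user.
     *
     * <p>The user's role string is registered as a Shiro <em>permission</em>, which is
     * what the {@code perms[...]} filter entries and {@code shiro:hasPermission} tags
     * on this page test against.
     *
     * @param principalCollection principals of the current subject; the primary one is a {@link User}
     * @return authorization info holding the role as a permission, or empty info when
     *         the account or its role can no longer be found
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        User primaryPrincipal = (User) principalCollection.getPrimaryPrincipal();
        // The role is read again from the service instead of from the principal object.
        User current = userService.findUserByName(primaryPrincipal.getUsername());
        // The account may have been removed, or have no role, since login: grant
        // nothing in that case instead of failing with a NullPointerException.
        if (current != null && current.getRole() != null) {
            info.addStringPermission(current.getRole());
        }
        return info;
    }

    /**
     * Loads the stored account for the submitted username.
     *
     * <p>This method only fetches the account; the password comparison happens
     * afterwards in {@link #assertCredentialsMatch}. Nothing that marks the user as
     * logged in may therefore be done here.
     *
     * @param token the submitted login token (a {@link UsernamePasswordToken})
     * @return the account's authentication info, or {@code null} when the username is
     *         unknown (Shiro then raises {@code UnknownAccountException})
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        User user = userService.findUserByName(userToken.getUsername());
        if (user == null) {
            return null;
        }
        // NOTE(review): the stored password is handed to the realm's credentials
        // matcher as-is, and no matcher is configured in this class. With Shiro's
        // default matcher that means a direct comparison with the submitted password,
        // i.e. passwords kept in comparable (plaintext) form. Store salted hashes and
        // set a HashedCredentialsMatcher or PasswordMatcher via setCredentialsMatcher.
        return new SimpleAuthenticationInfo(user, user.getPassword(), this.getName());
    }

    /**
     * Publishes the user in the session only after the password has been verified.
     *
     * <p>The session attribute used to be written in
     * {@link #doGetAuthenticationInfo}, which runs before the credentials check, so a
     * wrong password for an existing username still left a {@code user} object in the
     * session.
     *
     * @param token the submitted login token
     * @param info  the account data returned by {@link #doGetAuthenticationInfo}
     * @throws AuthenticationException when the submitted credentials do not match
     */
    @Override
    protected void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
            throws AuthenticationException {
        super.assertCredentialsMatch(token, info);
        // NOTE(review): the whole User object, password field included, ends up in
        // the session; consider storing only what the views need.
        Object verifiedUser = info.getPrincipals().getPrimaryPrincipal();
        SecurityUtils.getSubject().getSession().setAttribute("user", verifiedUser);
    }
}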
3.Controller层
package org. best. controller;
import org. apache. shiro. SecurityUtils;
import org. apache. shiro. authc. AuthenticationException;
import org. apache. shiro. authc. IncorrectCredentialsException;
import org. apache. shiro. authc. UnknownAccountException;
import org. apache. shiro. authc. UsernamePasswordToken;
import org. apache. shiro. subject. Subject;
import org. best. pojo. User;
import org. springframework. stereotype. Controller;
import org. springframework. ui. Model;
import org. springframework. web. bind. annotation. GetMapping;
import org. springframework. web. bind. annotation. ResponseBody;
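/**
 * MVC controller for the demo pages: public index and login views, two
 * permission-protected endpoints, the 403 page, and the login action.
 */
@Controller
public class UserController {

    /** Renders the public landing page. */
    @GetMapping(value = {"/index", "/"})
    public String index() {
        return "index";
    }

    /** Renders the login form; this is also Shiro's configured login URL. */
    @GetMapping("/goLogin")
    public String goLogin() {
        return "login";
    }

    /** Plain-text endpoint; access control for it is applied by the Shiro filter chain, not here. */
    @GetMapping("/user")
    @ResponseBody
    public String user() {
        return "当前为user界面";
    }

    /** Plain-text endpoint; access control for it is applied by the Shiro filter chain, not here. */
    @GetMapping("/admin")
    @ResponseBody
    public String admin() {
        return "当前为admin界面";
    }

    /** Renders the page shown when a permission check fails. */
    @GetMapping("/403")
    public String noType() {
        return "403";
    }

    /**
     * Attempts a Shiro login with the submitted username and password.
     *
     * <p>NOTE(review): this is a GET mapping, matching the form in login.html, so the
     * password travels in the query string and can end up in browser history, proxy
     * logs and server access logs. Switch this mapping and the form to POST together.
     * Also confirm whether the session id is renewed after a successful login.
     *
     * @param user  form-bound object carrying the submitted username and password
     * @param model view model; receives a {@code message} attribute on failure
     * @return {@code "index"} on success, {@code "login"} otherwise
     */
    @GetMapping("/login")
    public String login(User user, Model model) {
        // A request without both fields is not a login attempt; just show the form.
        if (user == null || user.getUsername() == null || user.getPassword() == null) {
            return "login";
        }
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPassword());
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
            return "index";
        } catch (AuthenticationException e) {
            // One catch for every authentication failure: other subclasses used to
            // escape as an unhandled error, and separate "wrong password" versus
            // "unknown user" messages told a client which usernames exist.
            model.addAttribute("message", "用户名或密码错误");
            return "login";
        }
    }
}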
4.Service层
package org. best. service;
import org. best. pojo. User;
/**
 * Service-layer lookup of application users.
 */
public interface UserService {

    /**
     * Finds a user by login name.
     *
     * @param username the login name to look up
     * @return the matching user; callers on this page treat {@code null} as "no such user"
     */
    User findUserByName(String username);
}
package org. best. service. imp;
import org. best. mapper. UserMapper;
import org. best. pojo. User;
import org. best. service. UserService;
import org. springframework. beans. factory. annotation. Autowired;
import org. springframework. stereotype. Service;
/**
 * {@link UserService} implementation that forwards lookups to the MyBatis mapper.
 */
@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserMapper userMapper;

    /**
     * Delegates to {@link UserMapper#findUserByName(String)} without further processing.
     *
     * @param username the login name to look up
     * @return whatever the mapper returns for that name
     */
    @Override
    public User findUserByName(String username) {
        User found = this.userMapper.findUserByName(username);
        return found;
    }
}
5.持久层
package org. best. mapper;
import org. apache. ibatis. annotations. Mapper;
import org. best. pojo. User;
import org. springframework. stereotype. Repository;
/**
 * MyBatis mapper for the user table; the SQL lives in the XML mapping file
 * whose namespace is this interface.
 */
@Mapper
@Repository
public interface UserMapper {

    /**
     * Runs the {@code findUserByName} statement of the mapping file.
     *
     * @param username value bound to the statement's {@code username} parameter
     * @return the mapped user row
     */
    User findUserByName(String username);
}
6.接口映射文件
< ? xml version= "1.0" encoding= "UTF-8" ? >
< ! DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<!-- namespace is the mapper interface this file is bound to -->
< mapper namespace= "org.best.mapper.UserMapper" >
<!-- Looks a user up by name. The value is passed with the #{...} placeholder,
     which MyBatis binds as a statement parameter instead of pasting it into the
     SQL text; keep it that way and do not switch to ${...} for user input.
     "select *" returns every column, the password column included.
     NOTE(review): resultType "user" is presumably a type alias configured
     elsewhere; confirm. -->
< select id= "findUserByName" resultType= "user" >
select * from user where username= #{ username}
< / select>
< / mapper>
7.前端界面
403. html
< ! DOCTYPE html>
< html lang= "en" >
< head>
< meta charset= "UTF-8" >
< title> Title< / title>
< / head>
< body>
<!-- Static page returned for the /403 route, which ShiroConfig sets as the
     unauthorized URL. -->
403 页面
< / body>
< / html>
index. html
< ! DOCTYPE html>
< html lang= "en" xmlns: th= "http://www.thymeleaf.org"
xmlns: shiro= "http://www.thymeleaf.org/thymeleaf-extras-shiro" >
< head>
< meta charset= "UTF-8" >
< title> Title< / title>
< / head>
< body>
<!-- The login link is shown while the session has no "user" attribute; that
     attribute is written by MyShiroRealm. -->
< a th: href= "@{/goLogin}" th: if = "${session.user==null}" > 登录< / a>
<!-- shiro:hasPermission only decides whether a link is rendered. The actual
     access control for /user and /admin is the perms[...] entry in ShiroConfig;
     hiding a link here protects nothing by itself. -->
< div shiro: hasPermission= "user" >
< a th: href= "@{/user}" > user可点击< / a>
< / div>
< div shiro: hasPermission= "admin" >
< a th: href= "@{/admin}" > admin可点击< / a>
< / div>
< / body>
< / html>
login. html
< ! DOCTYPE html>
< html lang= "en" xmlns: th= "http://www.thymeleaf.org" >
< head>
< meta charset= "UTF-8" >
< title> Title< / title>
< / head>
< body>
<!-- NOTE(review): the form submits with method "get", so the username and
     password are sent in the URL query string, where browser history, proxies and
     access logs can record them. Change this form to "post" together with the
     /login mapping in UserController (which currently accepts GET only), and add
     CSRF protection once the form posts. -->
< form action= "login" method= "get" >
<!-- th:text writes the server-provided message as escaped text. -->
< h5 th: text= "${message}" > < / h5>
用户名: < input type= "text" name= "username" > < br>
密 码: < input type= "password" name= "password" > < br>
< input type= "submit" value= "登录" >
< / form>
< / body>
< / html>