首先定义标签格式,分为三个tag文件:
1.hasAllPermissions.tag,代码如下:
<%@ tag import="org.apache.shiro.util.StringUtils" %>
<%@ tag import="org.apache.shiro.SecurityUtils" %>
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true"%>
<%@ attribute name="name" type="java.lang.String" required="true" description="权限字符串列表" %>
<%@ attribute name="delimiter" type="java.lang.String" required="false" description="权限字符串列表分隔符" %><%
if(!StringUtils.hasText(delimiter)) {
delimiter = ",";//默认逗号分隔
}
if(!StringUtils.hasText(name)) {
%>
<jsp:doBody/>
<%
return;
}
String[] roles = name.split(delimiter);
if(!SecurityUtils.getSubject().isPermittedAll(roles)) {
return;
} else {
%>
<jsp:doBody/>
<%
}
%>
2.hasAllRoles.tag,代码如下:
<%@ tag import="org.apache.shiro.util.StringUtils" %>
<%@ tag import="org.apache.shiro.SecurityUtils" %>
<%@ tag import="java.util.Arrays" %>
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true"%>
<%@ attribute name="name" type="java.lang.String" required="true" description="角色列表" %>
<%@ attribute name="delimiter" type="java.lang.String" required="false" description="角色列表分隔符" %><%
if(!StringUtils.hasText(delimiter)) {
delimiter = ",";//默认逗号分隔
}
if(!StringUtils.hasText(name)) {
%>
<jsp:doBody/>
<%
return;
}
String[] roles = name.split(delimiter);
if(!SecurityUtils.getSubject().hasAllRoles(Arrays.asList(roles))) {
return;
} else {
%>
<jsp:doBody/>
<%
}
%>
3.hasAnyPermissions.tag,代码如下:
<%@ tag import="org.apache.shiro.util.StringUtils" %>
<%@ tag import="org.apache.shiro.SecurityUtils" %>
<%@ tag import="java.util.Arrays" %>
<%@ tag import="org.apache.shiro.subject.Subject" %>
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true"%>
<%@ attribute name="name" type="java.lang.String" required="true" description="权限字符串列表" %>
<%@ attribute name="delimiter" type="java.lang.String" required="false" description="权限字符串列表分隔符" %><%
if(!StringUtils.hasText(delimiter)) {
delimiter = ",";//默认逗号分隔
}
if(!StringUtils.hasText(name)) {
%>
<jsp:doBody/>
<%
return;
}
String[] permissions = name.split(delimiter);
Subject subject = SecurityUtils.getSubject();
for(String permission : permissions) {
if(subject.isPermitted(permission)) {
%>
<jsp:doBody/>
<%
return;
}
}
%>
以上三个文件放在tags文件夹下,其他页面引用代码如下:
<%@ taglib prefix="shiroextend" tagdir="/WEB-INF/tags" %>
<shiroextend:hasAnyPermissions name="terminal:import">
<a class="easyui-linkbutton" style="width:80px;" data-options="iconCls:'icon-upload',plain:true" οnclick="importCell();">导入</a>
</shiroextend:hasAnyPermissions>
然后在数据库配置相关权限以及对应关系即可
关于后台代码以及相关处理后续再说