SSM+Shiro实现三级权限管理
一、基本步骤
- 创建maven项目(版本3.3.9)
- pom文件添加shiro依赖(shiro版本1.2.4)
- 自定义realm类
- 创建先关包(model、controller、service、dao、mappers、util)
- 引入SSM配置文件
二、相关文件
1、pom.xml文件
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.imti.garbageManager</groupId>
<artifactId>GarbageManager44</artifactId>
<packaging>jar</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>GarbageManager44 Maven Webapp</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<!-- 添加Servlet支持 -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>javax.servlet.jsp-api</artifactId>
<version>2.3.1</version>
</dependency>
<!-- 添加jstl支持 -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!-- 添加Spring支持 -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>4.1.7.RELEASE</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>1.2.3</version>
</dependency>
<!-- 添加日志支持 -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<!-- 添加mybatis支持 -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>3.3.0</version>
</dependency>
<!-- jdbc驱动包 -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.37</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.4</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.12</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>1.2.4</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.2.4</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
<version>1.8.8</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.module</groupId>
<artifactId>jackson-module-jaxb-annotations</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>com.hynnet</groupId>
<artifactId>json-lib</artifactId>
<version>2.4</version>
</dependency>
</dependencies>
<build>
<finalName>GarbageManager44</finalName>
</build>
</project>
2、spring配置文件applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd">
<context:annotation-config/>
<!-- 自动扫描 -->
<context:component-scan base-package="com.imti.service" />
<!-- 加载jdbc参数配置文件 -->
<context:property-placeholder location="classpath:jdbc.properties"/>
<!-- 配置数据源 -->
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="${jdbc.jdbcDriver}"/>
<property name="url" value="${jdbc.jdbcUrl}"/>
<property name="username" value="${jdbc.userName}"/>
<property name="password" value="${jdbc.password}"/>
</bean>
<!-- 配置mybatis的sqlSessionFactory -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<!-- 自动扫描mappers.xml文件 -->
<property name="mapperLocations" value="classpath:com/imti/mappers/*.xml"></property>
<!-- mybatis配置文件 -->
<property name="configLocation" value="classpath:mybatis-config.xml"></property>
</bean>
<!-- DAO接口所在包名,Spring会自动查找其下的类 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="com.imti.dao" />
<property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"></property>
</bean>
<!-- (事务管理)transaction manager, use JtaTransactionManager for global tx -->
<bean id="transactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource" />
</bean>
<!-- 自定义Realm -->
<bean id="myRealm" class="com.imti.realm.MyRealm"/>
<!-- 安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="myRealm"/>
</bean>
<!-- Shiro过滤器 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- Shiro的核心安全接口,这个属性是必须的 -->
<property name="securityManager" ref="securityManager"/>
<!-- 身份认证失败,则跳转到登录页面的配置 -->
<property name="loginUrl" value="/login.jsp"/>
<!-- 权限认证失败,则跳转到指定页面 -->
<property name="unauthorizedUrl" value="/unauthor.jsp"/>
<!-- Shiro连接约束配置,即过滤链的定义 -->
<property name="filterChainDefinitions">
<value>
/login=anon
/main.jsp=authc
/admin*=authc
/student=roles[teacher]
/teacher=perms["user:create"]
</value>
</property>
</bean>
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<!-- 开启Shiro注解 -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"/>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!-- 配置事务通知属性 -->
<tx:advice id="txAdvice" transaction-manager="transactionManager">
<!-- 定义事务传播属性 -->
<tx:attributes>
<tx:method name="insert*" propagation="REQUIRED" />
<tx:method name="update*" propagation="REQUIRED" />
<tx:method name="edit*" propagation="REQUIRED" />
<tx:method name="save*" propagation="REQUIRED" />
<tx:method name="add*" propagation="REQUIRED" />
<tx:method name="new*" propagation="REQUIRED" />
<tx:method name="set*" propagation="REQUIRED" />
<tx:method name="remove*" propagation="REQUIRED" />
<tx:method name="delete*" propagation="REQUIRED" />
<tx:method name="change*" propagation="REQUIRED" />
<tx:method name="check*" propagation="REQUIRED" />
<tx:method name="get*" propagation="REQUIRED" read-only="true" />
<tx:method name="find*" propagation="REQUIRED" read-only="true" />
<tx:method name="load*" propagation="REQUIRED" read-only="true" />
<tx:method name="*" propagation="REQUIRED" read-only="true" />
</tx:attributes>
</tx:advice>
<!-- 配置事务切面 -->
<aop:config>
<aop:pointcut id="serviceOperation"
expression="execution(* com.imti.service.*.*(..))" />
<aop:advisor advice-ref="txAdvice" pointcut-ref="serviceOperation" />
</aop:config>
</beans>
3、数据库配置文件jdbc.properties
jdbc.jdbcDriver=com.mysql.jdbc.Driver
jdbc.jdbcUrl=jdbc:mysql://127.0.0.1:3306/db_garbagemanager44?userUnicode=true&allowMultiQueries=true&characterEncoding=utf8
jdbc.userName=root
jdbc.password=123456
4、日志配置文件log4j.properties
log4j.rootLogger=DEBUG, Console
#Console
log4j.appender.Console=org.apache.log4j.ConsoleAppender
log4j.appender.Console.layout=org.apache.log4j.PatternLayout
log4j.appender.Console.layout.ConversionPattern=%d [%t] %-5p [%c] - %m%n
log4j.logger.java.sql.ResultSet=INFO
log4j.logger.org.apache=INFO
log4j.logger.java.sql.Connection=DEBUG
log4j.logger.java.sql.Statement=DEBUG
log4j.logger.java.sql.PreparedStatement=DEBUG
5、mybatis配置文件mybatis-config.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE configuration
PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<!-- 别名 -->
<typeAliases>
<package name="com.imti.model"/>
</typeAliases>
</configuration>
6、spring-mvc配置文件spring-mvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
">
<!-- 支持对象与json的转换。 -->
<mvc:annotation-driven/>
<!-- 使用注解的包,包括子集 -->
<context:component-scan base-package="com.imti.controller" />
<!-- 视图解析器 -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/" />
<property name="suffix" value=".jsp"></property>
</bean>
</beans>
7、web配置文件web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<display-name>GarbageManager44</display-name>
<welcome-file-list>
<welcome-file>login.jsp</welcome-file>
</welcome-file-list>
<!-- shiro过滤器定义 -->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<!-- 该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理 -->
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/</url-pattern>
</filter-mapping>
<!-- Spring配置文件 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<!-- 编码过滤器 -->
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<async-supported>true</async-supported>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/</url-pattern>
</filter-mapping>
<!-- Spring监听器 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- 添加对springmvc的支持 -->
<servlet>
<servlet-name>springMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-mvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>springMVC</servlet-name>
<url-pattern>*.action</url-pattern>
</servlet-mapping>
</web-app>
8、用户实体类:EmployeeInfo
private Integer emId;
private int roleId;
private String emName;
private String password;
private String emSalt;
private String emEmail;
private String emPhone;
private int emAge;
private String emIdCard;
private int emDelflag;
private int emState;
private String em_createTime;
private String em_updateTime;
private int emOptId;
private String emRemark;
9、角色实体类:RoleInfo
private Integer roleId;
private String roleName;
private int roleDelflag;
private int roleState;
private String roleCreateTime;
private String roleUpdateTime;
private int roleOptId;
private String roleRemark;
10、权限实体类:PermissionInfo
private Integer perId;
private String perName;
private int parentId; //父Id,将父节点和子节点进行关联
private String perState; //判断当前节点是否存在子节点,如果存在值为closed,如果不存在,值为open
private String perUrl; //节点路径
private String perms; //当前节点所拥有的权限
private String perSimple; //简拼
private int perType; //判断当前节点的类型,如果当前节点类型为菜单类型,则值为1,如果节点类型为按钮,则值为0
private String perIcon; //节点图标
private int perDelflag; //节点删除标记,0为未删除,1为删除
private String perCreateTime;
private String perUpdateTime;
private String perRemark;
private int perOptId;
11、自定义realm类MyRealm
public class MyRealm extends AuthorizingRealm{
@Autowired
private EmployeeInfoService employeeInfoService;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String emName=(String) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
authorizationInfo.setRoles(employeeInfoService.getRoleInfoByName(emName));
authorizationInfo.setStringPermissions(employeeInfoService.getPermissionsByName(emName));
return authorizationInfo;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String emName=(String) token.getPrincipal();
EmployeeInfo employeeInfo=employeeInfoService.getEmployeeInfoByName(emName);
if(employeeInfo!=null) {
AuthenticationInfo authenticationInfo=new SimpleAuthenticationInfo(employeeInfo.getEmName(),employeeInfo.getPassword(),employeeInfo.getEmSalt());
SecurityUtils.getSubject().getSession().setAttribute("currentEmployee", employeeInfo);
return authenticationInfo;
}else {
return null;
}
}
}
12、登录测试类Controller层EmployeeInfoController
@RequestMapping("employeeInfo")
public class EmployeeInfoController {
@Autowired
private EmployeeInfoService employeeInfoService;
@RequestMapping("/login")
public String login(EmployeeInfo employeeInfo,HttpServletRequest request) {
String dRand=request.getParameter("yzm");
HttpSession session=request.getSession();
String sRand=(String) session.getAttribute("sRand");
if(dRand.equals(sRand)) {
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken(employeeInfo.getEmName(),Md5Util.md5(employeeInfo.getPassword(), employeeInfo.getEmName()));
try {
subject.login(token);
return "redirect:../main.jsp";
} catch (Exception e) {
return "redirect:/login.jsp?error=1&emName="+employeeInfo.getEmName()+"&password="+employeeInfo.getPassword()+"&sRand="+dRand;
}
}else {
return "redirect:/login.jsp?error=2&emName="+employeeInfo.getEmName()+"&password="+employeeInfo.getPassword()+"&sRand="+dRand;
}
}
}
13、service接口类EmployeeInfoService
public interface EmployeeInfoService {
public EmployeeInfo getEmployeeInfoByName(String emName);
public Set<String> getRoleInfoByName(String emName);
public Set<String> getPermissionsByName(String emName);
}
14、service实现类EmployeeInfoServiceImpl
@Service
public class EmployeeInfoServiceImpl implements EmployeeInfoService {
@Autowired
private EmployeeInfoDao employeeInfoDao;
@Override
public EmployeeInfo getEmployeeInfoByName(String emName) {
return employeeInfoDao.getEmployeeInfoByName(emName);
}
@Override
public Set<String> getRoleInfoByName(String emName) {
return employeeInfoDao.getRoleInfoByName(emName);
}
@Override
public Set<String> getPermissionsByName(String emName) {
return employeeInfoDao.getPermissionsByName(emName);
}
}
15、dao接口类EmployeeInfoDao
public interface EmployeeInfoDao {
public EmployeeInfo getEmployeeInfoByName(String emName);
public Set<String> getRoleInfoByName(String emName);
public Set<String> getPermissionsByName(String emName);
}
16、mappers层SQL语句
<!-- 通过用户名查询当前用户信息 -->
<select id="getEmployeeInfoByName" parameterType="String" resultType="EmployeeInfo">
select
emId,
roleId,
emName,
password,
emSalt,
emEmail,
emPhone,
emAge,
emIdCard,
emDelflag,
emState,
em_createTime,
em_updateTime,
emOptId,
emRemark
from
t_employeeinfo
<where>
emDelflag=0
and
emName=#{emName}
</where>
</select>
<!-- 通过用户名查询当前用户所拥有的的角色 -->
<select id="getRoleInfoByName" parameterType="String" resultType="String">
SELECT
ro.roleName
FROM
t_employeeinfo em
INNER JOIN
t_employeerole er
ON
em.emId=er.emId
INNER JOIN
t_roleinfo ro
ON
er.roleId=ro.roleId
WHERE
em.emDelflag=0
AND
ro.roleDelflag=0
AND
em.emName=#{emName}
</select>
<!-- 通过当前用户名查询当前用户所拥有的权限 -->
<select id="getPermissionsByName" parameterType="String" resultType="String">
SELECT
per.perms
FROM
t_employeeinfo em
INNER JOIN
t_employeerole er
ON
em.emId=er.emId
INNER JOIN
t_roleinfo ro
ON
er.roleId=ro.roleId
INNER JOIN
t_rolepermission rp
ON
rp.roleId=ro.roleId
INNER JOIN
t_permissioninfo per
ON
per.perId=rp.perId
WHERE
em.emDelflag=0
AND
ro.roleDelflag=0
AND
per.perDelflag=0
AND
em.emName=#{emName}
</select>
</mapper>
17、mysql表关系