一、配置pom文件
-
导入shiro的依赖库
<!-- Apache Shiro dependency -->
<!-- NOTE(review): 1.3.2 is a dated Shiro release and the project has shipped security
     fixes in later versions. Check the Apache Shiro security advisories and build
     against a currently maintained release before using this configuration. -->
<!-- NOTE(review): shiro-all bundles every Shiro module. Depending only on the modules
     this setup uses (shiro-core, shiro-web, shiro-spring) keeps the dependency
     surface smaller. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-all</artifactId>
    <version>1.3.2</version>
</dependency>
二、配置web.xml
-
配置shiro的过滤器
<!-- Shiro servlet filter.
     DelegatingFilterProxy looks up a bean in the Spring IoC container whose name equals
     this filter-name, so "shiroFilter" must stay identical to the id of the
     ShiroFilterFactoryBean declared in spring-shiro.xml. -->
<filter>
    <filter-name>shiroFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <!-- true: the servlet container's init/destroy calls are passed on to the target bean -->
    <init-param>
        <param-name>targetFilterLifecycle</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
<!-- Every request URL passes through Shiro. Narrowing this pattern would leave the
     unmatched URLs without any Shiro check. -->
<!-- NOTE(review): no dispatcher element is declared, so only REQUEST dispatches are
     filtered; server-side forwards, includes and error dispatches are not re-checked. -->
<filter-mapping>
    <filter-name>shiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- Spring root context: spring-shiro.xml is loaded together with the DAO and service
     configuration so the shiroFilter bean exists when the proxy looks it up. -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:spring/spring-dao.xml,classpath:spring/spring-service.xml,classpath:spring/spring-shiro.xml</param-value>
</context-param>
三、新建spring-shiro.xml
-
跟ssm整合是类似的
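<?xml version="1.0" encoding="UTF-8"?>
<!-- Bean definitions only: they belong inside the file's beans root element, which
     this listing does not show. -->

<!-- SecurityManager: the central Shiro component used by the web filter below -->
<bean id="defaultWebSecurityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <!-- inject the authenticator -->
    <property name="authenticator" ref="modularrealmauthenticator"/>
    <!-- inject the realm (source of account data) -->
    <property name="realm" ref="oaSysRealm"/>
</bean>

<!-- Realm -->
<!-- NOTE(review): no credentialsMatcher property is set, so Shiro's default matcher
     compares the submitted password with the stored value as-is. Once passwords are
     stored as salted hashes, configure a HashedCredentialsMatcher (or PasswordMatcher)
     on this bean. -->
<bean id="oaSysRealm" class="com.gec.oasys.realm.OaSysRealm">
</bean>

<!-- Authenticator -->
<bean id="modularrealmauthenticator" class="org.apache.shiro.authc.pam.ModularRealmAuthenticator">
    <!-- Strategy: authentication succeeds if at least one realm accepts the token.
         With the single realm configured here that realm alone decides. -->
    <property name="authenticationStrategy">
        <bean class="org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy"></bean>
    </property>
</bean>

<!-- LifecycleBeanPostProcessor: calls the lifecycle methods of Shiro beans that are
     registered in the Spring IoC container. -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>

<!-- Enables Shiro annotations on Spring beans. Must be initialised after
     lifecycleBeanPostProcessor, hence depends-on. -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
      depends-on="lifecycleBeanPostProcessor"/>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
    <property name="securityManager" ref="defaultWebSecurityManager"/>
</bean>

<!-- The bean id must equal the filter-name declared in web.xml -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="defaultWebSecurityManager"/>
    <!-- login page: unauthenticated requests to protected URLs are redirected here -->
    <property name="loginUrl" value="/login.jsp"/>
    <!-- page shown after a successful login -->
    <property name="successUrl" value="/index"/>
    <!-- page shown when an authenticated user is refused by an authorization filter
         such as roles[...] or perms[...]; it is not the failed-login page -->
    <property name="unauthorizedUrl" value="/login.jsp"/>
    <!-- URL rules: one "pattern = filter" definition per line. The first matching
         line wins, so the catch-all /** rule has to stay last. The definitions are
         parsed line by line; they must not be joined onto a single line. -->
    <!-- /login is anonymous because the login controller handles the form submission;
         the remaining anon entries are the login page and static resources. -->
    <property name="filterChainDefinitions">
        <value>
            /login = anon
            /login.jsp = anon
            /jquery-3.3.1/** = anon
            /js/** = anon
            /layui/** = anon
            /res/** = anon
            <!--
            /shiro/login = anon
            /shiro/logout = logout
            /user.jsp = roles[user]
            /admin.jsp = roles[admin]
            -->
            # everything else requires authentication:
            /** = authc
        </value>
    </property>
</bean>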
四、编写一个案例
- 自定义数据域
package com.gec.oasys.realm;
import com.gec.oasys.pojo.SysUser;
import com.gec.oasys.service.SysUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.List;
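/**
 * Shiro realm for the OA system: authenticates a username/password token against the
 * user records returned by {@link SysUserService#queryShiro(SysUser)}.
 *
 * @Author Lin_Home
 * @Date 2020/11/16 16:12
 * @Version 1.0
 */
public class OaSysRealm extends AuthorizingRealm {

    @Autowired
    private SysUserService sysUserService;

    /**
     * Supplies authorization data for an authenticated principal.
     *
     * <p>Always returns {@code null}, so this realm contributes no roles or permissions.
     * Role or permission rules (for example {@code roles[admin]} in the filter chain) need
     * this method to return populated authorization info first.
     *
     * @param principalCollection principals of the subject being checked (unused)
     * @return always {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    /**
     * Looks up the account for the submitted token and hands its stored credentials to Shiro.
     *
     * @param authenticationToken the login token; cast to {@link UsernamePasswordToken}
     * @return authentication info whose principal is the user id as a string and whose
     *         credentials are the stored password
     * @throws AuthenticationException if the token carries no username or password, or no
     *         user record matches
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;

        String username = usernamePasswordToken.getUsername();
        char[] submittedPassword = usernamePasswordToken.getPassword();
        // A token built from an empty request has null fields; reject it as a failed login
        // instead of failing with a NullPointerException in new String(...).
        if (username == null || submittedPassword == null) {
            throw new AuthenticationException("认证失败");
        }
        System.out.println("realm中的用户名"+username);

        // The password is deliberately not printed: credentials must never reach stdout or logs.
        String pwd = new String(submittedPassword);

        // Carry the submitted values in a POJO, as the query expects.
        SysUser sysUser = new SysUser();
        sysUser.setLogin_name(username);
        sysUser.setPwd(pwd);

        // NOTE(review): the lookup matches on login name AND password, which only works if
        // the pwd column holds the password in a directly comparable form. Prefer storing a
        // salted hash, selecting by login name only, and letting a HashedCredentialsMatcher
        // configured on this realm do the comparison.
        List<SysUser> query = sysUserService.queryShiro(sysUser);
        if (query == null || query.isEmpty()) {
            throw new AuthenticationException("认证失败");
        }

        SysUser outSysUser = query.get(0);
        // principal = user id, credentials = stored password, realm name = "OaSysRealm"
        return new SimpleAuthenticationInfo(
                String.valueOf(outSysUser.getId()),
                outSysUser.getPwd(),
                "OaSysRealm"
        );
    }
}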
- Controller层实现
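/**
 * Handles the login form submission by delegating to Shiro.
 *
 * <p>NOTE(review): the mapping accepts every HTTP method. Credentials sent with GET end up
 * in URLs, browser history and access logs; restricting the mapping to POST
 * ({@code method = RequestMethod.POST}) avoids that.
 *
 * @param sysUser form-bound login name and password
 * @return the department view on success, the login view when authentication fails
 */
@RequestMapping("/login")
public String login(SysUser sysUser) {
    // Only the login name is printed; the submitted password must never be written to
    // stdout or logs.
    System.out.println("登录名"+sysUser.getLogin_name());

    // Shiro subject bound to the current request
    Subject subject = SecurityUtils.getSubject();

    // Wrap the submitted credentials in a token for the realm
    UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(
            sysUser.getLogin_name(),
            sysUser.getPwd());
    try {
        subject.login(usernamePasswordToken);
        // return "index";
        return "sysdepart/sysdepart";
    } catch (AuthenticationException e) {
        // Any authentication failure sends the user back to the login view
        System.out.println(e.getMessage());
        return "login";
    }
}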
- service层的接口
public interface SysUserService {

    /**
     * Finds the users matching the given login data; the Shiro realm calls this during
     * authentication.
     *
     * @param sysUser carrier for the login name and password to match
     * @return the matching users, as returned by the mapper
     */
    List<SysUser> queryShiro(SysUser sysUser);
}
- 实现接口
@Service
@Transactional
public class SysUserServiceImpl implements SysUserService {

    @Autowired
    private SysUserMapper sysUserMapper;

    /**
     * Passes the login lookup straight through to the mapper.
     *
     * @param sysUser carrier for the login name and password to match
     * @return whatever the mapper's {@code queryShiro} statement returns
     */
    @Override
    public List<SysUser> queryShiro(SysUser sysUser) {
        List<SysUser> matchedUsers = sysUserMapper.queryShiro(sysUser);
        return matchedUsers;
    }
}
- Mapper接口
@Repository
public interface SysUserMapper {

    /**
     * Login lookup executed before Shiro accepts the user; bound to the mapped statement
     * with id {@code queryShiro}.
     *
     * @param sysUser supplies the {@code login_name} and {@code pwd} statement parameters
     * @return the rows matching both values
     */
    List<SysUser> queryShiro(SysUser sysUser);
}
- Mapper的映射文件配置
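<!-- Login lookup used by the Shiro realm -->
<!-- The #{...} placeholders are bound as prepared-statement parameters, so the submitted
     values are never concatenated into the SQL text. Keep them as #{...}; do not switch
     to ${...}. -->
<!-- NOTE(review): matching pwd inside the query only works when the column stores the
     password in a directly comparable form. Prefer storing a salted hash, selecting by
     login_name alone, and letting Shiro's credentials matcher verify the password. -->
<select id="queryShiro" parameterType="com.gec.oasys.pojo.SysUser" resultMap="ResultMap">
    SELECT u.id, u.login_name, u.pwd, u.sex, u.`status`, u.`name`,
           r.`name` AS role, d.`Name` AS org
    FROM sys_user u
    LEFT JOIN sys_department d ON d.Id = u.org_id
    LEFT JOIN sys_role r ON r.id = u.role_id
    WHERE u.login_name = #{login_name} AND u.pwd = #{pwd}
</select>

<!-- Only the primary key is declared with id; the other columns are plain result
     mappings, so MyBatis identifies a row by its key alone. -->
<!-- NOTE(review): the mapper method returns List of SysUser while this map builds
     UserRole objects; presumably UserRole extends SysUser. Confirm. -->
<resultMap id="ResultMap" type="com.gec.oasys.pojo.UserRole">
    <id property="id" column="id"/>
    <result property="login_name" column="login_name"/>
    <result property="pwd" column="pwd"/>
    <result property="sex" column="sex"/>
    <result property="status" column="status"/>
    <result property="name" column="name"/>
    <result property="role" column="role"/>
    <result property="org" column="org"/>
</resultMap>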