标签:iss protected 优先 realm url 权限控制 hash 菜单 ken
4个POJO
/** * @description:菜单 */ @Entity @Table(name = "T_MENU") public class Menu { @Id @GeneratedValue @Column(name = "C_ID") private int id; @Column(name = "C_NAME") private String name; // 菜单名称 @Column(name = "C_PAGE") private String page; // 访问路径 @Column(name = "C_PRIORITY") private Integer priority; // 优先级 @Column(name = "C_DESCRIPTION") private String description; // 描述 @ManyToMany(mappedBy = "menus") private Set<Role> roles = new HashSet<Role>(0); @OneToMany(mappedBy = "parentMenu") private Set<Menu> childrenMenus = new HashSet<Menu>(); @ManyToOne @JoinColumn(name = "C_PID") private Menu parentMenu;
/** * @description:权限名称 */ @Entity @Table(name = "T_PERMISSION") public class Permission { @Id @GeneratedValue @Column(name = "C_ID") private int id; @Column(name = "C_NAME") private String name; // 权限名称 @Column(name = "C_KEYWORD") private String keyword; // 权限关键字,用于权限控制 @Column(name = "C_DESCRIPTION") private String description; // 描述 @ManyToMany(mappedBy = "permissions") private Set<Role> roles = new HashSet<Role>(0);
/** * @description:角色 */ @Entity @Table(name = "T_ROLE") public class Role { @Id @GeneratedValue @Column(name = "C_ID") private int id; @Column(name = "C_NAME") private String name; // 角色名称 @Column(name = "C_KEYWORD") private String keyword; // 角色关键字,用于权限控制 @Column(name = "C_DESCRIPTION") private String description; // 描述 @ManyToMany(mappedBy = "roles") private Set<User> users = new HashSet<User>(0); @ManyToMany @JoinTable(name = "T_ROLE_PERMISSION", joinColumns = { @JoinColumn(name = "C_ROLE_ID", referencedColumnName = "C_ID") }, inverseJoinColumns = { @JoinColumn(name = "C_PERMISSION_ID", referencedColumnName = "C_ID") }) private Set<Permission> permissions = new HashSet<Permission>(0); @ManyToMany @JoinTable(name = "T_ROLE_MENU", joinColumns = { @JoinColumn(name = "C_ROLE_ID", referencedColumnName = "C_ID") }, inverseJoinColumns = { @JoinColumn(name = "C_MENU_ID", referencedColumnName = "C_ID") }) private Set<Menu> menus = new HashSet<Menu>(0);
/** * @description:后台用户 */ @Entity @Table(name = "T_USER") public class User { @Id @GeneratedValue @Column(name = "C_ID") private int id; // 主键 @Column(name = "C_BIRTHDAY") private Date birthday; // 生日 @Column(name = "C_GENDER") private String gender; // 性别 @Column(name = "C_PASSWORD") private String password; // 密码 @Column(name = "C_REMARK") private String remark; // 备注 @Column(name = "C_STATION") private String station; // 状态 @Column(name = "C_TELEPHONE") private String telephone; // 联系电话 @Column(name = "C_USERNAME", unique = true) private String username; // 登陆用户名 @Column(name = "C_NICKNAME") private String nickname; // 真实姓名 @ManyToMany @JoinTable(name = "T_USER_ROLE", joinColumns = { @JoinColumn(name = "C_USER_ID", referencedColumnName = "C_ID") }, inverseJoinColumns = { @JoinColumn(name = "C_ROLE_ID", referencedColumnName = "C_ID") }) private Set<Role> roles = new HashSet<Role>(0);
在web.xml中配置filter
<!-- 配置 shiro的filter--> <filter> <filter-name>shiroFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>shiroFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
配置applicationContext-shiro.xml文件
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context" xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:jpa="http://www.springframework.org/schema/data/jpa" xmlns:task="http://www.springframework.org/schema/task" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa.xsd"> <!-- 配置Shiro核心Filter --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <!-- 安全管理器 --> <property name="securityManager" ref="securityManager" /> <!-- 未认证,跳转到哪个页面 --> <property name="loginUrl" value="/login.html" /> <!-- 登录页面页面 --> <property name="successUrl" value="/index.html" /> <!-- 认证后,没有权限跳转页面 --> <property name="unauthorizedUrl" value="/unauthorized.html" /> <!-- shiro URL控制过滤器规则 --> <property name="filterChainDefinitions"> <value> /login.html* = anon /user_login.action* = anon /css/** = anon /js/** = anon /images/** = anon /services/** = anon /pages/base/courier.html* = perms[courier:list] /pages/base/area.html* = roles[base] /** = authc </value> </property> </bean> <!-- 安全管理器 --> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="bosRealm" /> </bean> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/> </beans>
基于shiro登录的部分核心代码
// 基于shiro实现登录 Subject subject = SecurityUtils.getSubject(); AuthenticationToken authenticationToken = new UsernamePasswordToken(model.getUsername(), model.getPassword()); try { subject.login(authenticationToken); return SUCCESS; } catch (AuthenticationException e) { //登录失败 e.printStackTrace(); return "login"; }
realm类
@Service("bosRealm") public class BosRealm extends AuthorizingRealm{ @Autowired private UserService userService; @Autowired private RoleService roleService; @Autowired private PermissionService permissionService; //授权 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) { SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(); //根据当前登录的用户查询对应角色和权限 Subject subject = SecurityUtils.getSubject(); User user = (User) subject.getPrincipal(); //查询角色 List<Role> roles = roleService.findByUser(user); for (Role role : roles) { authorizationInfo.addRole(role.getKeyword()); } //查询权限 List<Permission> permissions = permissionService.findByUser(user); for (Permission permission : permissions) { authorizationInfo.addStringPermission(permission.getKeyword()); } return authorizationInfo; } //认证 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { //转换taken UsernamePasswordToken passwordToken = (UsernamePasswordToken) token; //根据用户名查询用户信息 User user = userService.findByUsername(passwordToken.getUsername()); if(user == null) { //用户名不存在, return null; }else { //用户名存在 //当用户返回密码时,securityManager安全管理器,自动比较返回密码和用户输入密码是否一致, //密码一致.登录成功,密码不一致,报出异常 return new SimpleAuthenticationInfo(user, user.getPassword(), getName()); } } }
标签:iss protected 优先 realm url 权限控制 hash 菜单 ken
原文地址:http://www.cnblogs.com/learnjfm/p/7347846.html