码迷,mamicode.com
首页 > 编程语言 > 详细

SpringBoot 集成 Shiro:使用Shiro的角色管理(五)

时间:2018-09-08 14:08:24      阅读:195      评论:0      收藏:0      [点我收藏+]

标签:shiro   serial   star   init   htm   har   static   页面   数据源   

  Shiro的角色管理,可以根据  

 

添加Role实体类,修改User类,修改数据源

技术分享图片
@Getter
@Setter
@AllArgsConstructor
public class Role implements Serializable {
    private String name;
}
Role.java
技术分享图片
@Getter
@Setter
public class User implements Serializable {
    private String id;
    private String username;
    private String password;
    private String salt;
    private Set<Role> roles;
    public User(String username, String password) {
        this.id = UUID.randomUUID().toString().replace("-", "");
        this.username = username;
        this.salt = getId().substring(0, 6);
        this.password = new Sha512Hash(password, getSalt()).toString();
        this.roles = new HashSet<>();
    }
}
User.java
技术分享图片
static {
    userMap.put("user", new User("user", "123456"));
    userMap.put("admin", new User("admin", "123456"));
    Role userRole = new Role("user");
    Role adminRole = new Role("admin");
    userMap.get("user").getRoles().add(userRole);
    userMap.get("admin").getRoles().add(userRole);
    userMap.get("admin").getRoles().add(adminRole);
}
UserService.java

增加、修改页面用于测试功能

技术分享图片
<!—403.html-->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>403</title>
</head>
<body>
没有权限 <a href="/index">返回首页</a>
</body>
</html>
403.html
技术分享图片
<!—admin.html-->
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="UTF-8">
    <title>管理界面</title>
</head>
<body>
<p th:text="${user.username}+‘ 管理员您好‘"></p>
<a href="/index">返回首页</a>
</body>
</html>
admin.html
技术分享图片
<!—index.html-->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>welcome</title>
</head>
<body>
欢迎登录网页
<a href="/user">个人主页</a>
<a href="/admin">用户管理</a>
<a href="/logout">退出登录</a>
</body>
</html>
index.htm
技术分享图片
<!—user.html-->
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="UTF-8">
    <title>个人页面</title>
</head>
<body>
<p th:text="${user.username}+‘ 用户您好‘"></p>
<a href="/index">返回首页</a>
</body>
</html>
user.html

修改Controller

技术分享图片
@RequestMapping(value = {"/user"}, method = RequestMethod.GET)
public String user(Model model) {
    User user = (User) ShiroUtils.getSubject().getPrincipal();
    model.addAttribute("user", user);
    return "user";
}
@RequestMapping(value = {"/admin"}, method = RequestMethod.GET)
public String admin(Model model) {
    User user = (User) ShiroUtils.getSubject().getPrincipal();
    model.addAttribute("user", user);
    return "admin";
}
@RequestMapping(value = {"/403"}, method = RequestMethod.GET)
public String noAuth(Model model) {
    return "403";
}
HomeController

在MyRealm的doGetAuthorizationInfo 中将用户的角色配置到AuthorizationInfo 中返回

技术分享图片
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    User user = (User) principalCollection.getPrimaryPrincipal();
    for (Role role : user.getRoles()) {
        info.addRole(role.getName());
    }
    return info;
}
MyRealm.java

修改Shiro拦截器配置

//角色拦截
filterChainDefinitionMap.put("/user", "authc,roles[user]");
filterChainDefinitionMap.put("/admin", "authc,roles[user,admin]");
//未授权界面;
shiroFilterFactoryBean.setUnauthorizedUrl("/403");

分别登录使用user、admin用户访问/admin 和/user 可以发现user 没有权限访问/admin

 

源码地址:https://github.com/StarkTan/SpringBootShiro

SpringBoot 集成 Shiro:使用Shiro的角色管理(五)

标签:shiro   serial   star   init   htm   har   static   页面   数据源   

原文地址:https://www.cnblogs.com/starktan/p/9608897.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!