码迷,mamicode.com
首页 > 其他好文 > 详细

SSM+Redis+Shiro+Maven框架搭建及集成应用

时间:2018-12-18 19:56:17      阅读:150      评论:0      收藏:0      [点我收藏+]

标签:apache   pool   lis   参数   ppi   connect   .sql   context   1.0   

 

 

引文:

  本文主要讲述项目框架搭建时的一些简单的使用配置,教你如何快速进行项目框架搭建。

 

技术: Spring+SpringMVC+Mybatis+Redis+Shiro+Maven            mybatis、redis都是使用spring集成

 

技术介绍就不再讲述了,话不多说,急忙上代码了。

 

1、新建Web项目使用Maven 进行项目管理

  具体步骤不进行讲述。。。。

  主要配置 web.xml 文件

  1 <?xml version="1.0" encoding="UTF-8"?>
  2 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  3     xmlns="http://java.sun.com/xml/ns/javaee"
  4     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
  5     version="3.0">
  6     
  7     <display-name></display-name>
  8     
  9     <welcome-file-list>
 10         <welcome-file>index</welcome-file>
 11     </welcome-file-list>
 12     
 13     <error-page>
 14         <error-code>404</error-code>
 15         <location>/WEB-INF/jsp/other/404.jsp</location>
 16     </error-page>
 17     <error-page>
 18         <error-code>500</error-code>
 19         <location>/WEB-INF/jsp/other/500.jsp</location>
 20     </error-page>
 21     
 22     <context-param>
 23         <param-name>contextConfigLocation</param-name>
 24         <param-value>classpath:applicationContext.xml</param-value>
 25     </context-param>
 26     
 27     <listener>
 28         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 29     </listener>
 30     <listener>
 31         <listener-class>com.idbk.eastevs.webapi.ApplicationListener</listener-class>
 32     </listener>
 33     
 34     <!-- shiro 过滤器 -->
 35     <filter>
 36         <filter-name>shiroFilter</filter-name>
 37         <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
 38         <!-- 设置true由servlet容器控制filter的生命周期 -->
 39         <init-param>
 40             <param-name>targetFilterLifecycle</param-name>
 41             <param-value>true</param-value>
 42         </init-param>
 43     </filter>
 44     <filter-mapping>
 45         <filter-name>shiroFilter</filter-name>
 46         <url-pattern>/*</url-pattern>
 47     </filter-mapping>
 48     
 49     <!-- springMVC编码过滤器 -->
 50     <filter>
 51         <filter-name>CharacterEncodingFilter</filter-name>
 52         <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
 53         <init-param>
 54             <param-name>encoding</param-name>
 55             <param-value>utf-8</param-value>
 56         </init-param>
 57         <init-param>
 58             <param-name>forceEncoding</param-name>
 59             <param-value>true</param-value>
 60         </init-param>
 61     </filter>
 62     <filter-mapping>
 63         <filter-name>CharacterEncodingFilter</filter-name>
 64         <url-pattern>/*</url-pattern>
 65     </filter-mapping>
 66     
 67     <!-- xss攻击防御过滤器 -->
 68     <filter>
 69         <filter-name>MyXssFilter</filter-name>
 70         <filter-class>com.idbk.eastevs.webapi.filter.MyXssFilter</filter-class>
 71     </filter>
 72     <filter-mapping>
 73         <filter-name>MyXssFilter</filter-name>
 74         <url-pattern>/*</url-pattern>
 75     </filter-mapping>
 76     
 77     <servlet-mapping>
 78         <servlet-name>default</servlet-name>
 79         <url-pattern>*.htm</url-pattern>
 80         <url-pattern>*.html</url-pattern>
 81         <url-pattern>*.js</url-pattern>
 82         <url-pattern>*.css</url-pattern>
 83         <url-pattern>*.json</url-pattern>
 84         <url-pattern>*.svg</url-pattern>
 85         <url-pattern>*.txt</url-pattern>
 86         <url-pattern>*.tiff</url-pattern>
 87         <url-pattern>*.gif</url-pattern>
 88         <url-pattern>*.ico</url-pattern>
 89         <url-pattern>*.jpg</url-pattern>
 90         <url-pattern>*.jpeg</url-pattern>
 91         <url-pattern>*.png</url-pattern>
 92         <url-pattern>*.ttf</url-pattern>
 93         <url-pattern>*.woff</url-pattern>
 94         <url-pattern>*.woff2</url-pattern>
 95         <url-pattern>*.eot</url-pattern>
 96         <url-pattern>/include/*</url-pattern>
 97     </servlet-mapping>
 98     
 99     <servlet>
100         <servlet-name>springMVC</servlet-name>
101         <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
102         <init-param>
103             <param-name>contextConfigLocation</param-name>
104             <param-value>classpath:beans-springmvc.xml</param-value>
105         </init-param>
106         <load-on-startup>1</load-on-startup>
107     </servlet>
108     <servlet-mapping>
109         <servlet-name>springMVC</servlet-name>
110         <url-pattern>/</url-pattern>
111     </servlet-mapping>
112 </web-app>

 

2、Spring 配置文件

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <beans xmlns="http://www.springframework.org/schema/beans"
 3     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4     xmlns:p="http://www.springframework.org/schema/p"
 5     xmlns:context="http://www.springframework.org/schema/context"
 6     xmlns:mvc="http://www.springframework.org/schema/mvc"
 7     xmlns:task="http://www.springframework.org/schema/task"
 8     xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.1.xsd
 9         http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-4.3.xsd
10         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
11         http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd">
12 
13 
14     <import resource="classpath*:/beans-mybatis.xml" />
15 
16     <import resource="classpath*:/beans-jedis.xml" />
17     
18     <import resource="classpath*:/beans-shiro.xml" />
19 
20     <context:component-scan base-package="com.idbk.eastevs.webapi"></context:component-scan>
21     <context:component-scan base-package="com.idbk.eastevs.webapi.service.impl"></context:component-scan>
22     <context:component-scan base-package="com.idbk.eastevs.webapi.server"></context:component-scan>
23     
24     <bean id="app" class="org.springframework.beans.factory.config.PropertiesFactoryBean">  
25         <property name="locations">  
26             <array>  
27                 <value>classpath:app.properties</value>  
28             </array>  
29         </property>  
30     </bean>
31 
32     <bean
33         class="com.idbk.eastevs.webapi.App">
34     </bean>
35     
36     <!-- 开启定时任务注解识别 -->
37     <task:annotation-driven/>  
38 </beans>

 

3、SpringMVC配置文件

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <beans xmlns="http://www.springframework.org/schema/beans"
 3     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
 4     xmlns:mvc="http://www.springframework.org/schema/mvc"
 5     xsi:schemaLocation="http://www.springframework.org/schema/beans 
 6         http://www.springframework.org/schema/beans/spring-beans.xsd
 7         http://www.springframework.org/schema/context 
 8         http://www.springframework.org/schema/context/spring-context-4.0.xsd
 9         http://www.springframework.org/schema/mvc 
10         http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd">
11 
12 
13     <!-- 配置自动扫描的包 -->
14     <context:component-scan base-package="com.idbk.eastevs.webapi.controller"></context:component-scan>
15     <context:component-scan base-package="com.idbk.eastevs.webapi.controller.*"></context:component-scan>
16 
17     <!-- 配置视图解析器 如何把handler 方法返回值解析为实际的物理视图 -->
18     <bean
19         class="org.springframework.web.servlet.view.InternalResourceViewResolver">
20         <property name="prefix" value="/WEB-INF/jsp/"></property>
21         <property name="suffix" value=".jsp"></property>
22     </bean>
23 
24     <!-- 如果springMVC拦截了根目录,这还需要放行资源目录 <mvc:resources mapping="/include/**" location="/include/" 
25         /> -->
26 
27     <!-- 配置文件上传 -->
28     <bean id="multipartResolver"
29         class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
30         <property name="maxUploadSize" value="104857600" />
31         <property name="maxInMemorySize" value="4096" />
32         <property name="defaultEncoding" value="UTF-8"></property>
33     </bean>
34 
35     <mvc:annotation-driven>
36         <!-- 消息转换器 -->
37         <mvc:message-converters register-defaults="true">
38             <bean class="org.springframework.http.converter.StringHttpMessageConverter">
39                 <property name="supportedMediaTypes" value="text/html;charset=UTF-8" />
40             </bean>
41         </mvc:message-converters>
42     </mvc:annotation-driven>
43 
44     <!-- 配置请求拦截器 -->
45     <mvc:interceptors>
46         <!-- 多个拦截器,顺序执行 -->
47         <!-- 中电联、曹操专车拦截器 -->
48         <mvc:interceptor>
49             <!-- /**的意思是所有文件夹及里面的子文件夹 /*是所有文件夹,不含子文件夹 /是web项目的根目录 -->
50             <!-- <mvc:mapping path="/*/caocao/**" />
51             <mvc:mapping path="/caocao/**" /> -->
52             <mvc:mapping path="/**" />
53             <!-- 不拦截的地址 -->
54             <mvc:exclude-mapping path="/login" />
55             <bean id="CoreInterceptor" class="com.idbk.eastevs.webapi.CoreInterceptor" />
56         </mvc:interceptor>
57     </mvc:interceptors>
58 </beans>

 

4、Spring-Mybatis配置文件

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <beans xmlns="http://www.springframework.org/schema/beans"
 3     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
 4     xmlns:tx="http://www.springframework.org/schema/tx"
 5     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 6         http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd
 7         http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd">
 8 
 9     <context:component-scan base-package="com.idbk.eastevs.webapi.pojo" />
10     <!-- 加载配置文件 -->
11     <context:property-placeholder location="classpath*:jdbc.properties"
12         ignore-unresolvable="true" />
13 
14     <!-- 配置数据源 -->
15     <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"
16         destroy-method="close">
17         <property name="driverClassName" value="${jdbc.driverClassName}" />
18         <property name="url" value="${jdbc.url}" />
19         <property name="username" value="${jdbc.username}" />
20         <property name="password" value="${jdbc.password}" />
21 
22         <!-- 可同时连接的最大的连接数 -->
23         <property name="maxActive" value="${jdbc.maxActive}" />
24         <!-- 最大的空闲的连接数 -->
25         <property name="maxIdle" value="${jdbc.maxIdle}" />
26         <!-- 最小的空闲的连接数,低于这个数量会被创建新的连接,默认为0 -->
27         <property name="minIdle" value="${jdbc.minIdle}" />
28         <!-- 连接池启动时创建的初始化连接数量,默认值为0 -->
29         <property name="initialSize" value="${jdbc.initialSize}" />
30         <!-- 等待连接超时时间,毫秒,默认为无限 -->
31         <property name="maxWait" value="${jdbc.maxWait}" />
32         <!-- 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒 -->
33         <property name="timeBetweenEvictionRunsMillis" value="${jdbc.timeBetweenEvictionRunsMillis}" />
34         <!-- 配置一个连接在池中最小生存的时间,单位是毫秒 -->
35         <property name="minEvictableIdleTimeMillis" value="${jdbc.minEvictableIdleTimeMillis}" />
36         <!-- 打开removeAbandoned功能 -->
37         <property name="removeAbandoned" value="${jdbc.removeAbandoned}" />
38         <property name="removeAbandonedTimeout" value="${jdbc.removeAbandonedTimeout}" />
39         <property name="validationQuery" value="SELECT 1" />
40     </bean>
41     
42     <!-- 会话工厂bean sqlSessionFactoryBean -->
43     <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
44         <property name="dataSource" ref="dataSource" />
45         <!-- 扫描mybatis配置文件 -->
46         <property name="configLocation" value="classpath:mybatis-config.xml"></property>
47         <!-- 别名 -->
48         <property name="typeAliasesPackage" value="com.idbk.eastevs.dal.entity"></property>
49         <!-- sql映射文件路径 -->
50         <property name="mapperLocations"
51             value="classpath*:com/idbk/eastevs/dal/entity/mapper/*Mapper.xml"></property>
52     </bean>
53     
54     <!-- 自动扫描对象关系映射 -->
55     <bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
56         <!--指定会话工厂,如果当前上下文中只定义了一个则该属性可省去 -->
57         <property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"></property>
58         <!-- 指定要自动扫描接口的基础包,实现接口 -->
59         <property name="basePackage" value="com.idbk.eastevs.dal.entity.mapper" />
60     </bean>
61     
62     <!-- 声明式事务管理 -->
63     <!--定义事物管理器,由spring管理事务 -->
64     <bean id="transactionManager"
65         class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
66         <property name="dataSource" ref="dataSource" />
67     </bean>
68 
69     <!--支持注解驱动的事务管理,指定事务管理器 -->
70     <tx:annotation-driven transaction-manager="transactionManager" />
71 
72     <!-- 自定义sqlSessionFactory 工具类 -->
73     <bean id="SqlManager" class="com.idbk.eastevs.dal.SqlManager">
74         <property name="sqlSessionFactory" ref="sqlSessionFactory" />
75     </bean>
76 </beans>

 

5、Mybatis配置文件

 1 <?xml version="1.0" encoding="UTF-8" ?>
 2 <!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">
 3 <configuration>
 4     <settings>
 5         <!-- 打印操作日志 -->
 6         <setting name="logImpl" value="LOG4J" />
 7     </settings>
 8     
 9     <!-- 分页插件 -->
10     <plugins>
11         <!-- com.github.pagehelper为PageHelper类所在包名 -->
12         <plugin interceptor="com.github.pagehelper.PageInterceptor">
13             <!-- 方言 -->
14             <property name="helperDialect" value="mysql" />
15             <!-- 该参数默认为false,设置为true时,使用RowBounds分页会进行count查询 -->
16             <!-- <property name="rowBoundsWithCount" value="true" /> -->
17         </plugin>
18     </plugins>
19 </configuration>

 

6、Spring-Redis配置文件

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <beans xmlns="http://www.springframework.org/schema/beans"
 3     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4     xmlns:context="http://www.springframework.org/schema/context"
 5     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 6         http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd"
 7     default-lazy-init="false">
 8     
 9     <!-- 加载配置文件 -->  
10     <context:property-placeholder location="classpath*:jedis.properties" ignore-unresolvable="true"/>
11    
12     <!-- redis数据源 -->
13     <bean id="poolConfig" class="redis.clients.jedis.JedisPoolConfig">
14         <!-- 保留空闲连接数 -->
15         <property name="minIdle" value="${redis.minIdle}" />
16         <!-- 最大空连接数 -->
17         <property name="maxTotal" value="${redis.maxTotal}" />
18         <!-- 最大等待时间 -->
19         <property name="maxWaitMillis" value="${redis.maxWaitMillis}" />
20         <!-- 连接超时时是否阻塞,false时报异常,ture阻塞直到超时, 默认true -->
21          <property name="blockWhenExhausted" value="${redis.blockWhenExhausted}" /> 
22         <!-- 返回连接时,检测连接是否成功 -->
23         <property name="testOnBorrow" value="${redis.testOnBorrow}" />
24     </bean>
25 
26     <!-- Spring-redis连接池管理工厂 -->
27     <bean id="jedisConnectionFactory" class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory">
28         <!-- IP地址 -->
29         <property name="hostName" value="${redis.host}" />
30         <!-- 端口号 -->
31         <property name="port" value="${redis.port}" />
32         <!-- 密码 -->
33         <property name="password" value="${redis.password}" />
34         <!-- 超时时间 默认2000-->
35         <property name="timeout" value="${redis.timeout}" />
36         <!-- 连接池配置引用 -->
37         <property name="poolConfig" ref="poolConfig" />
38         <!-- usePool:是否使用连接池 -->
39         <property name="usePool" value="true"/>
40     </bean>
41 
42     <!-- redis 操作模板,集成序列化和连接管理 -->
43     <bean id="redisTemplate" class="org.springframework.data.redis.core.RedisTemplate">
44         <property name="connectionFactory" ref="jedisConnectionFactory" />
45         <property name="keySerializer">
46             <bean class="org.springframework.data.redis.serializer.StringRedisSerializer" />
47         </property>
48         <property name="valueSerializer">
49             <bean class="org.springframework.data.redis.serializer.JdkSerializationRedisSerializer" />
50         </property>
51         <property name="hashKeySerializer">
52             <bean class="org.springframework.data.redis.serializer.StringRedisSerializer" />
53         </property>
54         <property name="hashValueSerializer">
55             <bean class="org.springframework.data.redis.serializer.JdkSerializationRedisSerializer" />
56         </property>
57          <!--开启事务  -->  
58         <property name="enableTransactionSupport" value="true"></property>  
59     </bean>
60     
61     <!--自定义redis工具类,在需要缓存的地方注入此类  -->  
62     <bean id="jedis" class="com.idbk.eastevs.dal.jedis.Jedis">  
63         <property name="redisTemplate" ref="redisTemplate" />  
64     </bean>
65 
66 </beans>

 

7、jdbc配置文件

 1 #mysql jdbc
 2 jdbc.driverClassName=com.mysql.jdbc.Driver
 3 jdbc.url=${pom.jdbc.url}
 4 jdbc.username=${pom.jdbc.username}
 5 jdbc.password=${pom.jdbc.password}
 6 
 7 jdbc.initialSize=1
 8 jdbc.maxActive=60
 9 jdbc.maxIdle=60
10 jdbc.minIdle=5
11 jdbc.maxWait=30000
12 
13 jdbc.removeAbandoned:true
14 jdbc.removeAbandonedTimeout:1800
15 
16 jdbc.timeBetweenEvictionRunsMillis:60000  
17 jdbc.minEvictableIdleTimeMillis:300000 

 

8、jedis配置文件

1 redis.host=${pom.redis.host}
2 redis.port=${pom.redis.port}
3 redis.password=${pom.redis.password}
4 redis.minIdle=10
5 redis.maxTotal=50
6 redis.maxWaitMillis=3000
7 redis.blockWhenExhausted=true
8 redis.testOnBorrow=true
9 redis.timeout=5000

 

9、log4j配置文件

 1 #INFO WARN ERROR DEBUG 
 2 log4j.rootLogger=ERROR,console,file
 3 
 4 log4j.appender.console=org.apache.log4j.ConsoleAppender    
 5 log4j.appender.console.layout=org.apache.log4j.PatternLayout    
 6 log4j.appender.console.layout.ConversionPattern=[%d{yyyy-MM-dd HH\:mm\:ss,SSS}] [%p] [%t] [%C.%M(%L)] %m%n%n
 7 
 8 log4j.appender.file=org.apache.log4j.DailyRollingFileAppender
 9 log4j.appender.file.File=/home/tomcat/logall/WebApi_logs/WebApi.log
10 log4j.appender.file.DatePattern=‘.‘yyyy-MM-dd
11 log4j.appender.file.layout=org.apache.log4j.PatternLayout
12 log4j.appender.file.layout.ConversionPattern=[%d{yyyy-MM-dd HH\:mm\:ss,SSS}] [%p] [%t] [%C.%M(%L)] %m%n%n
13 log4j.appender.file.encoding=utf-8
14 
15 log4j.logger.com=ERROR
16 log4j.logger.org=ERROR
17 log4j.logger.freemarker=ERROR
18 log4j.logger.net=ERROR
19 log4j.logger.com.idbk=DEBUG 
20 
21 log4j.logger.org.springframework=DEBUG
22 log4j.logger.org.apache.ibatis=DEBUG

 

10、Spring-Shiro配置文件

  1 <?xml version="1.0" encoding="UTF-8"?>
  2 <beans xmlns="http://www.springframework.org/schema/beans"
  3     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  4     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
  5 
  6     <!-- 自定义认证和授权管理  -->
  7     <bean id="customRealm" class="com.idbk.eastevs.webapi.shiro.CustomRealm"></bean>
  8     
  9     <!-- 会话Cookie模板,maxAge=-1表示浏览器关闭时失效此Cookie -->
 10     <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
 11         <constructor-arg value="sid"/>
 12         <property name="httpOnly" value="true"/>
 13         <property name="maxAge" value="-1"/>
 14     </bean>
 15     <!-- rememberme相关 -->
 16     <bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
 17         <constructor-arg value="rememberMe" />
 18         <property name="httpOnly" value="true" />
 19         <property name="maxAge" value="604800" /><!-- 7天 -->
 20     </bean>
 21     
 22     <!-- rememberMe管理器 -->
 23     <bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
 24         <property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode(‘EASTEVShua1314520rsdag==‘)}"/>
 25         <property name="cookie" ref="rememberMeCookie"/>
 26     </bean>
 27     
 28     <!-- 基于Form表单的身份验证过滤器 --> 
 29     <!-- <bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
 30         <property name="rememberMeParam" value="rememberMe"/>
 31     </bean> -->
 32     
 33     <!-- sessionIdCookie的实现,用于重写覆盖容器默认的JSESSIONID -->
 34     <bean id="simpleCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
 35         <!-- 设置Cookie名字, 默认为: JSESSIONID 问题: 与SERVLET容器名冲突, 如JETTY, TOMCAT 等默认JSESSIONID,  
 36                                     当跳出SHIRO SERVLET时如ERROR-PAGE容器会为JSESSIONID重新分配值导致登录会话丢失! -->  
 37         <property name="name" value="SHIRO-COOKIE"/>
 38         <!-- JSESSIONID的path为/用于多个系统共享JSESSIONID -->
 39         <!-- <property name="path" value="/"/> -->
 40         <!-- 浏览器中通过document.cookie可以获取cookie属性,设置了HttpOnly=true,在脚本中就不能的到cookie,可以避免cookie被盗用 -->
 41         <property name="httpOnly" value="true"/>
 42     </bean>
 43     
 44     <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.MemorySessionDAO" />
 45     <!-- 会话管理器 -->  
 46     <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
 47         <property name="sessionDAO" ref="sessionDAO"/>
 48         <property name="sessionIdCookie" ref="simpleCookie"/>
 49         <!-- 全局的会话信息时间,,单位为毫秒  -->
 50         <property name="globalSessionTimeout" value="1800000"/>
 51         <!-- 检测扫描信息时间间隔,单位为毫秒-->
 52         <property name="sessionValidationInterval" value="60000"/>
 53         <!-- 是否开启扫描 -->
 54         <property name="sessionValidationSchedulerEnabled" value="false"/>
 55         <!-- 去掉URL中的JSESSIONID -->
 56         <property name="sessionIdUrlRewritingEnabled" value="true"/>
 57     </bean>
 58     
 59     <!-- 安全管理器 -->
 60     <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
 61         <property name="realm" ref="customRealm"></property>
 62         <property name="rememberMeManager" ref="rememberMeManager"/>
 63         <property name="sessionManager" ref="sessionManager" />
 64     </bean>
 65     
 66     <!-- Shiro生命周期处理器,保证实现了Shiro内部lifecycle函数的bean执行-->  
 67     <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>  
 68     
 69     <!-- 自定义shiro的filter -->
 70     <bean id="shiroAjaxFilter" class="com.idbk.eastevs.webapi.shiro.ShiroAjaxFilter" />
 71     
 72     <!-- 配置ShiroFilter -->
 73     <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
 74         <property name="securityManager" ref="securityManager"></property>
 75         <!-- 登入页面 -->
 76         <property name="loginUrl" value="/login"></property>
 77         <property name="successUrl" value="/index"></property>        
 78         <!-- 未授权的跳转 -->
 79         <property name="unauthorizedUrl" value="other/unauthorized.jsp"/>
 80         <property name="filterChainDefinitions">
 81             <value>
 82                 /caocao/** = anon
 83                 /evcs/** = anon
 84                 /resource/** = anon
 85                 /system/** = anon
 86                 /pay/** = anon
 87                 
 88                 /include/** = anon
 89                 /login = anon
 90                 /logout = logout
 91                 /captcha = anon
 92                 /unauthorized = anon
 93                 /ajax/login = anon
 94                 /ajax/register = anon
 95                 /ajax/** = shiroAjaxFilter
 96                 /** = user
 97             </value>
 98         </property>
 99     </bean>
100     
101     <!-- 开启Shiro Spring AOP 权限注解的支持 -->
102     <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"/>
103     <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
104         <property name="securityManager" ref="securityManager"/>
105     </bean>
106     
107 </beans>

 

11、自定义CustomRealm

 1 package com.idbk.eastevs.webapi.shiro;
 2 
 3 import org.apache.log4j.Logger;
 4 import org.apache.shiro.authc.AuthenticationException;
 5 import org.apache.shiro.authc.AuthenticationInfo;
 6 import org.apache.shiro.authc.AuthenticationToken;
 7 import org.apache.shiro.authc.SimpleAuthenticationInfo;
 8 import org.apache.shiro.authc.UsernamePasswordToken;
 9 import org.apache.shiro.authz.AuthorizationInfo;
10 import org.apache.shiro.authz.SimpleAuthorizationInfo;
11 import org.apache.shiro.realm.AuthorizingRealm;
12 import org.apache.shiro.subject.PrincipalCollection;
13 import org.springframework.beans.factory.annotation.Autowired;
14 
15 import com.idbk.eastevs.webapi.App;
16 
17 /**
18  * @Author Tophua 
19  * @Date 2018年12月4日
20  * @Description 自定义shiro认证和授权处理
21  */
22 public class CustomRealm extends AuthorizingRealm {
23 
24     private static final Logger Log = Logger.getLogger(CustomRealm.class);
25     
26     @Autowired
27     App app;
28     
29     /**
30      * 授权、权限验证
31      */
32     @Override
33     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
34 //        Integer userId = (Integer) principals.getPrimaryPrincipal();
35         // 数据库获取权限
36         
37         SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
38         //加入角色
39         info.addRole("super");
40 //        info.setRoles(roles);
41         // 加入权限
42         info.addStringPermission("*");
43 //        info.setStringPermissions(stringPermissions);
44         return info;
45     }
46 
47     /**
48      * 身份认证、登录
49      */
50     @Override
51     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
52         UsernamePasswordToken _token = (UsernamePasswordToken) token;
53         String username = _token.getUsername();
54         String password = String.valueOf(_token.getPassword());
55         /**
56          * 做数据库登录验证,在此只先提供超级用户登录
57          * 
58          */
59         if (password.equals(app.getSuperPassword())) {
60             Log.info("超级用户登录,用户名:" + username);
61         } else {
62             throw new AuthenticationException();
63         }
64         
65         //此处无需比对,比对的逻辑Shiro会做,我们只需返回一个和令牌相关的正确的验证信息  
66         //说白了就是第一个参数填登录用户名,第二个参数填合法的登录密码(可以是从数据库中取到的)  
67         //这样一来,在随后的登录页面上就只有这里指定的用户和密码才能通过验证 
68         SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, password, getName());
69         return info;
70     }
71 
72 }

 

12、登录模型

 1 package com.idbk.eastevs.webapi.controller.inner.ajax;
 2 
 3 import org.apache.shiro.SecurityUtils;
 4 import org.apache.shiro.authc.AuthenticationException;
 5 import org.apache.shiro.authc.LockedAccountException;
 6 import org.apache.shiro.authc.UnknownAccountException;
 7 import org.apache.shiro.authc.UsernamePasswordToken;
 8 import org.apache.shiro.subject.Subject;
 9 import org.springframework.beans.factory.annotation.Autowired;
10 import org.springframework.web.bind.annotation.RequestMapping;
11 import org.springframework.web.bind.annotation.RequestParam;
12 import org.springframework.web.bind.annotation.RestController;
13 
14 import com.idbk.eastevs.webapi.App;
15 import com.idbk.eastevs.webapi.json.Result;
16 
17 /**
18  * @Author Tophua 
19  * @Date 2018年11月30日
20  * @Description 
21  */
22 @RestController
23 @RequestMapping("/ajax")
24 public class LoginMngController {
25 
26     @Autowired
27     App app;
28     
29     @RequestMapping("/login")
30     private Result login(
31             @RequestParam("loginName") String loginName, 
32             @RequestParam("password") String password, 
33             @RequestParam(name="rememberMe",required=false,defaultValue="false") boolean rememberMe
34             ) {
35         UsernamePasswordToken token = new UsernamePasswordToken(loginName, password, rememberMe);
36         Subject subject = SecurityUtils.getSubject();
37         try
38         {
39             subject.login(token);    
40             return Result.ok();            
41         }
42         catch (UnknownAccountException e)
43         {
44             return Result.failed("账号不存在");
45         }
46         catch (LockedAccountException e)
47         {
48             return Result.failed("账号不可用");
49         }
50         catch (AuthenticationException e)
51         {
52         }
53         return Result.failed("账号或密码错误");
54     }
55 }

 

13、全局异常管理

 1 package com.idbk.eastevs.webapi;
 2 
 3 import javax.servlet.http.HttpServletRequest;
 4 
 5 import org.apache.log4j.Logger;
 6 import org.apache.shiro.SecurityUtils;
 7 import org.apache.shiro.authz.UnauthorizedException;
 8 import org.apache.shiro.subject.Subject;
 9 import org.springframework.beans.factory.annotation.Autowired;
10 import org.springframework.web.bind.annotation.ControllerAdvice;
11 import org.springframework.web.bind.annotation.ExceptionHandler;
12 import org.springframework.web.bind.annotation.ModelAttribute;
13 import org.springframework.web.bind.annotation.ResponseBody;
14 
15 import com.idbk.eastevs.webapi.json.Result;
16 
17 /**
18  * @Author Tophua 
19  * @Date 2018年12月5日
20  * @Description 内部异常处理
21  */
22 @ControllerAdvice("com.idbk.eastevs.webapi.controller.inner")
23 public class SysInnerExceptionHandle {
24 
25     private static final Logger LOG = Logger.getLogger(SysInnerExceptionHandle.class);
26 
27     @Autowired
28     App app;
29     
30     @ModelAttribute("app")
31     public App getMyAppInfo() {
32         return app;
33     }
34     
35     @ModelAttribute("user")
36     public String getUser() {
37         Subject subject = SecurityUtils.getSubject();
38         return (String) subject.getPrincipal();
39     }
40     
41     @ModelAttribute("menu")
42     public String getMenu(HttpServletRequest request) {
43         return request.getRequestURI();
44     }
45     
46     /**
47      * 权限验证失败时异常
48      * @param e
49      * @return
50      */
51     @ExceptionHandler(UnauthorizedException.class)
52     String handleUnauthorizedException(UnauthorizedException e) {
53         LOG.error(e.getMessage(), e);
54         return "other/unauthorized.jsp";
55     }
56     
57     @ExceptionHandler(Exception.class)
58     @ResponseBody
59     Result handleException(Exception e) {
60         LOG.error(e.getMessage(), e);
61         return Result.sysBusy();
62     }
63 }

 

总结:

  现多项目多用此技术,常用配置足以满足项目要求。如需进一步了解,建议看官方文档!

 

至此结束!

多多关注!

 

Shiro参考:https://www.iteye.com/blogs/subjects/shiro

 

SSM+Redis+Shiro+Maven框架搭建及集成应用

标签:apache   pool   lis   参数   ppi   connect   .sql   context   1.0   

原文地址:https://www.cnblogs.com/top-sky-hua/p/10138729.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!