标签:
1、新建一个Maven的war工程,并在pom.xml中增加如下依赖。
<dependency> <groupId>org.springframework</groupId> <artifactId>spring-web</artifactId> <version>4.0.9.RELEASE</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.2.3</version> </dependency> <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <version>3.1.0</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-quartz</artifactId> <version>1.2.3</version> </dependency> <dependency> <groupId>commons-collections</groupId> <artifactId>commons-collections</artifactId> <version>3.2.1</version> </dependency> <dependency> <groupId>javax.servlet.jsp</groupId> <artifactId>jsp-api</artifactId> <version>2.2</version> </dependency>
2、在web.xml中增加如下内容。
<context-param> <param-name>contextConfigLocation</param-name> <param-value>classpath:spring-core.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <filter> <filter-name>shiroFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> <async-supported>true</async-supported> <init-param> <param-name>targetFilterLifecycle</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>shiroFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
3、新增两个页面,分别为login.jsp和index.jsp,主要用于展示登录界面和主界面。
login.jsp
<%@page language="java" pageEncoding="UTF-8"%> <html> <head> <title>shiro-spring登录页面</title> <style>.error{color:red;}</style> </head> <body> <div class="error">${error}</div> <form action="" method="post"> 用户名:<input name="username" type="text"> 密码:<input name="password" type="password"> <button type="submit">登录</button> </form> </body> </html>
index.jsp
<%@page language="java" pageEncoding="UTF-8"%> <%@taglib prefix="shiro" uri="http://shiro.apache.org/tags"%> <html> <head> <title>shiro-spring欢迎页面</title> </head> <body> <shiro:guest> 欢迎游客访问,<a href="${pageContext.request.contextPath}/login.jsp">点击登录</a><br/> </shiro:guest> <shiro:user> 欢迎[<shiro:principal/>]登录,<a href="${pageContext.request.contextPath}/logout">点击退出</a><br/> </shiro:user> </body> </html>
4、新增一个UserRealm类,用于实现用户登录操作的相关校验。这里为了简化,写死了用户名、密码和盐值。用户名:admin,密码:123456
package org.cloud.shiro.realm; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; public class UserRealm extends AuthorizingRealm{ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { return null; } protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username=(String) token.getPrincipal(); SimpleAuthenticationInfo authenticationInfo=new SimpleAuthenticationInfo(username,"123456",ByteSource.Util.bytes(username+"8d78869f470951332959580424d4bf4f"),getName()); return authenticationInfo; } }
5、新增spring-core.xml文件,主要用于shiro的配置。注意其中需要配置上面所编写的UserRealm类。
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd"> <!-- Realm实现 --> <bean id="userRealm" class="org.cloud.shiro.realm.UserRealm" /> <!-- 会话ID生成器 --> <bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator" /> <!-- 会话Cookie模板 --> <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie"> <constructor-arg value="sid" /> <property name="httpOnly" value="true" /> <property name="maxAge" value="180000" /> </bean> <!-- 会话DAO --> <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"> <property name="activeSessionsCacheName" value="shiro-activeSessionCache" /> <property name="sessionIdGenerator" ref="sessionIdGenerator" /> </bean> <!-- 会话验证调度器 --> <bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler"> <property name="sessionValidationInterval" value="1800000" /> <property name="sessionManager" ref="sessionManager" /> </bean> <!-- 会话管理器 --> <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"> <property name="globalSessionTimeout" value="1800000" /> <property name="deleteInvalidSessions" value="true" /> <property name="sessionValidationSchedulerEnabled" value="true" /> <property name="sessionValidationScheduler" ref="sessionValidationScheduler" /> <property name="sessionDAO" ref="sessionDAO" /> <property name="sessionIdCookieEnabled" value="true" /> <property name="sessionIdCookie" ref="sessionIdCookie" /> </bean> <!-- 安全管理器 --> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="userRealm" /> <property name="sessionManager" ref="sessionManager" /> </bean> <bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter"> <property name="usernameParam" value="username" /> <property name="passwordParam" value="password" /> </bean> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager" /> <property name="loginUrl" value="/login.jsp" /> <property name="successUrl" value="/index.jsp" /> <property name="filters"> <map> <entry key="authc" value-ref="formAuthenticationFilter"></entry> </map> </property> <property name="filterChainDefinitions"> <value> /login.jsp = authc /logout = logout /** = user </value> </property> </bean> <!-- Shiro生命周期处理器 --> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /> </beans>
6、启动项目后,访问login.jsp后,会显示登录界面,输入用户名和密码后,可以进入到index.jsp页面。当然点击退出按钮后,返回至登录页面中。如果未登录系统,在地址栏中直接访问index.jsp是会被返回至登录页面中的。
到此,一个简单的shiro示例就搭建完成,大家可以根据项目的实际需要扩展内容。本文主要简单列举了一下shiro的示例,主要为shiro的首次学习者做一个开场示例,若要深入掌握shiro,还需自己多学习,多实践。
标签:
原文地址:http://my.oschina.net/zhaoyun1985/blog/477565