
基于springmvc+mybatis的shiro搭建实例


 

1.导入依赖的jar包,这里只列出关于shiro的

<!-- Apache Shiro modules used by this example. ${shiro.version} is a Maven property
     that has to be defined elsewhere in the POM; its value is not shown on this page. -->
<dependency>
  <groupId>org.apache.shiro</groupId>
  <artifactId>shiro-core</artifactId>
  <version>${shiro.version}</version>
</dependency>
<dependency>
  <groupId>org.apache.shiro</groupId>
  <artifactId>shiro-spring</artifactId>
  <version>${shiro.version}</version>
</dependency>
<dependency>
  <groupId>org.apache.shiro</groupId>
  <artifactId>shiro-web</artifactId>
  <version>${shiro.version}</version>
</dependency>
<dependency>
  <groupId>org.apache.shiro</groupId>
  <artifactId>shiro-ehcache</artifactId>
  <!-- ehcache-core is excluded from the transitive dependencies; presumably an Ehcache
       artifact is declared elsewhere in the POM (TODO confirm). It only matters if the
       EhCacheManager bean, commented out in application-shiro.xml, is enabled. -->
  <exclusions>
    <exclusion>
      <groupId>net.sf.ehcache</groupId>
      <artifactId>ehcache-core</artifactId>
    </exclusion>
  </exclusions>
  <version>${shiro.version}</version>
</dependency>

 

2.编写配置文件 application-shiro.xml

<?xml version="1.0" encoding="UTF-8"?>
<!-- Spring bean definitions that wire Apache Shiro into the web application: a web
     SecurityManager backed by one custom realm, a session manager bean, and the
     ShiroFilterFactoryBean that maps URL patterns to Shiro filters. -->
<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jee="http://www.springframework.org/schema/jee"
  xmlns:tx="http://www.springframework.org/schema/tx" xmlns:util="http://www.springframework.org/schema/util"
  xmlns:context="http://www.springframework.org/schema/context"
  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
  default-lazy-init="true">

  <!-- Shiro configuration. The two key parts are the SecurityManager and the Realm it depends on. -->
  <!-- NOTE(review): only the realm is set on this SecurityManager. There is no
       sessionManager property, so the shiroSessionManager bean defined below is not
       referenced by anything in this file and its timeout settings do not apply to this
       SecurityManager. -->
  <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <!-- <property name="cacheManager" ref="shiroEhcacheManager" /> -->
    <property name="realm" ref="myRealm"/>

  </bean>

  <!-- Session manager settings: global timeout plus periodic validation of sessions. -->
  <!-- NOTE(review): the bean id "sessionValidationScheduler" referenced below is not
       defined in this file. Because default-lazy-init is true and nothing references
       shiroSessionManager, the missing bean would presumably only surface once this
       bean is actually wired in (TODO confirm). -->
  <bean id="shiroSessionManager"
    class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
    <!-- 3600000 ms = 1 hour -->
    <property name="globalSessionTimeout" value="3600000" />
    <property name="sessionValidationScheduler" ref="sessionValidationScheduler" />
    <property name="sessionValidationSchedulerEnabled" value="true" />
    <!-- With false, sessions found to be invalid are not deleted from the session store. -->
    <property name="deleteInvalidSessions" value="false" />
  </bean>

  <!-- Cache for user authorization info, backed by EhCache (currently disabled). -->
  <!-- <bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> -->
  <!-- <property name="cacheManagerConfigFile" value="classpath:ehcache-shiro.xml" /> -->
  <!-- </bean> -->

  <!-- Shiro Filter -->
  <!-- The main Shiro filter can run any custom filter selected by a URL path expression. -->
  <!-- Only requests that pass through this filter are under Shiro's control; Shiro integrates with Spring-based web applications. -->
  <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <!-- Shiro's core security interface; this property is required. -->
    <property name="securityManager" ref="securityManager" />
    <property name="loginUrl" value="/login" />
    <property name="successUrl" value="/main" />
    <!-- Same URL as loginUrl: a request denied for authorization lands on the login page. -->
    <property name="unauthorizedUrl" value="/login" />
    <!-- URL pattern to filter mapping. Patterns are checked in the order listed and the
         first match applies: /login and everything under /js/ are open to anonymous
         requests, every other path requires an authenticated subject (authc). Keep the
         catch-all line last so that newly added paths stay protected by default. -->
    <property name="filterChainDefinitions">
      <value>
/login = anon
/js/**=anon
/** =authc
      </value>
    </property>
  </bean>

  <!-- Custom realm. No credentialsMatcher is configured here, so the realm uses Shiro's
       default matcher, which compares the submitted credentials with the stored ones
       directly; the login controller on this page derives the submitted value from the
       username and password before building the token. -->
  <bean id="myRealm" class ="com.util.OracleJdbcRealm">
  </bean>
</beans>

 

3.编写com.util.OracleJdbcRealm继承JdbcRealm,主要是编写获取认证信息和授权信息方法

package com.util;

 

import java.util.List;

 

import org.apache.shiro.SecurityUtils;

import org.apache.shiro.authc.AuthenticationException;

import org.apache.shiro.authc.AuthenticationInfo;

import org.apache.shiro.authc.AuthenticationToken;

import org.apache.shiro.authc.SimpleAuthenticationInfo;

import org.apache.shiro.authc.UsernamePasswordToken;

import org.apache.shiro.authz.AuthorizationInfo;

import org.apache.shiro.authz.SimpleAuthorizationInfo;

import org.apache.shiro.realm.jdbc.JdbcRealm;

import org.apache.shiro.session.Session;

import org.apache.shiro.subject.PrincipalCollection;

import org.apache.shiro.subject.Subject;

import org.apache.shiro.util.ByteSource;

import org.springframework.beans.factory.annotation.Autowired;

 

import com.dao.entity.Operator;

import com.dao.entity.OperatorRole;

import com.dao.entity.UserInfo;

import com.service.SystemPersonnelCollectionService;

 

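/**
 * Shiro realm that looks up operators and their roles through
 * {@link SystemPersonnelCollectionService} rather than through JdbcRealm's own queries.
 */
public class OracleJdbcRealm extends JdbcRealm {

    @Autowired
    private SystemPersonnelCollectionService loginService;

    /**
     * Loads the account for the submitted username and returns its stored credentials.
     *
     * @param auToken the submitted token; cast to {@link UsernamePasswordToken}
     * @return the authentication info, or {@code null} when no operator has that account name
     * @throws AuthenticationException wrapping any exception raised during the lookup
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken auToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) auToken;
        String userName = token.getUsername();

        try {
            Operator user = loginService.getOperatorByOperatorNo(userName);

            // Check for an unknown account before touching the result. The original
            // dereferenced `user` in a debug println first, so an unknown username raised
            // a NullPointerException and the null-return branch was never reached.
            if (user == null) {
                return null;
            }

            SimpleAuthenticationInfo sai = new SimpleAuthenticationInfo(
                    userName, user.getOperatorPassword(), getName());
            // The username doubles as the salt. The salt is only consumed by a hashing
            // credentials matcher; none is configured for this realm in the XML shown.
            sai.setCredentialsSalt(ByteSource.Util.bytes(userName));

            // NOTE(review): Shiro compares credentials only after this method returns,
            // so USER_INFO is stored in the session even when the password turns out to
            // be wrong. Nothing may treat the presence of USER_INFO as proof of a
            // successful login; rely on Subject.isAuthenticated() instead. The stored
            // Operator also carries the value of OPERATOR_PASSWORD.
            UserInfo userInfo = new UserInfo();
            userInfo.setOperator(user);
            userInfo.setIp(token.getHost());
            setSession("USER_INFO", userInfo);
            return sai;
        } catch (Exception e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /**
     * Stores an attribute in the current subject's session, if both exist.
     *
     * @param key   session attribute key
     * @param value session attribute value
     */
    private void setSession(Object key, Object value) {
        Subject currentUser = SecurityUtils.getSubject();
        if (currentUser == null) {
            return;
        }
        Session session = currentUser.getSession();
        if (session != null) {
            session.setAttribute(key, value);
        }
    }

    /**
     * Builds the role set of the current user.
     *
     * @param principals the principals Shiro asks about; not consulted by this implementation
     * @return authorization info holding one role per {@link OperatorRole}; empty when no
     *         current user or no roles are available
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(
            PrincipalCollection principals) {
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        // NOTE(review): roles are resolved for whatever SpringSecurityUtils.getCurrentUser()
        // returns, not for `principals`; confirm the two always identify the same operator.
        UserInfo userInfo = SpringSecurityUtils.getCurrentUser();
        if (userInfo == null) {
            // Fail closed: without a known user, grant no roles.
            return simpleAuthorizationInfo;
        }

        List<OperatorRole> operatorRoles = loginService
                .getRoleByOperatorId(String.valueOf(userInfo.getOperatorId()));
        if (operatorRoles != null) {
            for (OperatorRole role : operatorRoles) {
                simpleAuthorizationInfo.addRole(role.getRoleName());
            }
        }
        // Grid-level permissions are not populated; that code was disabled in the original.
        return simpleAuthorizationInfo;
    }

}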

 

4.编写mybatis连接数据库需要的Java类和映射文件

OperatorMapper.xml文件内容如下:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<!-- MyBatis statements backing com.dao.mapper.OperatorMapper: operator lookup by account
     name and role lookup by operator id. Both statements pass their argument with the
     #{...} placeholder, which MyBatis binds as a prepared-statement parameter; keep it
     that way rather than switching to ${...} text substitution. -->
<mapper namespace="com.dao.mapper.OperatorMapper">
  <!-- Column to property mapping for com.dao.entity.Operator. -->
  <resultMap id="result_getOperatorByOperatorNo" type="com.dao.entity.Operator">
    <id property="operatorId" column="OPERATOR_ID" />
    <result property="employeeId" column="EMPLOYEE_ID" />
    <result property="operatorNo" column="OPERATOR_NO" />
    <result property="operatorType" column="OPERATOR_TYPE" />
    <result property="operatorPassword" column="OPERATOR_PASSWORD" />
    <result property="operatorStatus" column="OPERATOR_STATUS" />
    <result property="createTime" column="CREATE_TIME" />
    <result property="modifyTime" column="MODIFY_TIME" />
    <result property="gridId" column="GRID_ID" />
    <result property="operatorName" column="OPERATOR_NAME" />
    <result property="operatorTel" column="OPERATOR_TEL" />
    <result property="operatorEmail" column="OPERATOR_EMAIL" />
    <result property="gridOpType" column="GRID_OP_TYPE" />
    <result property="gridOpImg" column="GRID_OP_IMG" />
  </resultMap>

  <!-- Shared column list. It includes OPERATOR_PASSWORD, so every Operator loaded through
       it carries the stored credential value wherever the object is later kept or printed. -->
  <sql id="operator_column">
    OPERATOR_ID, EMPLOYEE_ID, OPERATOR_NO, OPERATOR_TYPE,
    OPERATOR_PASSWORD, OPERATOR_STATUS, CREATE_TIME, MODIFY_TIME,
    GRID_ID,
    OPERATOR_NAME, OPERATOR_TEL, OPERATOR_EMAIL, GRID_OP_TYPE,GRID_OP_IMG
  </sql>
  <!-- Look up an operator by account name. -->
  <!-- NOTE(review): the query does not filter on OPERATOR_STATUS; confirm that archived
       operators are rejected somewhere else. -->
  <select id="getOperatorByOperatorNo" parameterType="string"
    resultMap="result_getOperatorByOperatorNo">
    SELECT
    <include refid="operator_column" />
    FROM T_OPERATOR WHERE OPERATOR_NO= #{operatorNo}
  </select>

  <!-- Column to property mapping for com.dao.entity.OperatorRole. -->
  <resultMap id="result_getRoleByOperatorId"
    type="com.dao.entity.OperatorRole">
    <id property="operatorRoleId" column="OPERATOR_ROLE_ID" />
    <result property="operatorId" column="OPERATOR_ID" />
    <result property="roleId" column="ROLE_ID" />
    <result property="roleName" column="ROLE_NAME" />
  </resultMap>
  <!-- List the roles of one operator; ROLE_NAME is resolved from T_ROLE by a scalar subquery. -->
  <select id="getRoleByOperatorId" resultMap="result_getRoleByOperatorId">
    SELECT
    OPERATOR_ROLE_ID,OPERATOR_ID,ROLE_ID,(SELECT ROLE_NAME FROM T_ROLE
    WHERE ROLE_ID = TOR.ROLE_ID) ROLE_NAME
    FROM T_OPERATOR_ROLE TOR
    WHERE
    OPERATOR_ID = #{operatorId}
  </select>

</mapper>

 

com.dao.entity.Operator实体类:

 

package  com.dao.entity;

 

import java.io.Serializable;

import java.util.Date;

 

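/**
 * Operator account entity, mapped from T_OPERATOR by OperatorMapper.xml.
 *
 * <p>Instances carry the stored login credential, so {@link #toString()} deliberately
 * does not print it.
 */
public class Operator implements Serializable{

    private static final long serialVersionUID = 7642745218798808968L;

    private Long operatorId; // operator ID
    private Long employeeId; // employee ID
    private String operatorNo; // operator account name
    private String operatorType; // 1: system administrator; 2: grid administrator; 3: grid operator
    private String operatorPassword; // login credential as stored
    private String operatorStatus = "1"; // operator status: 1 active, 0 archived
    private Date createTime; // creation time
    private Date modifyTime; // last modification time
    private Long gridId; // grid the grid operator belongs to
    private String operatorName; // operator display name
    private String operatorTel; // operator phone number
    private String operatorEmail; // operator e-mail address
    private String operatorRoleId; // operator role
    // grid staff type: 1 grid administrator (community committee staff), 2 grid coordinator
    // (assigned government cadre), 3 grid police officer (community police), 4 grid supervisor
    private String gridOpType;
    private String gridOpImg; // URL of the grid staff member's photo

    /** Returns the operator ID. */
    public Long getOperatorId(){
        return this.operatorId;
    }

    /** Sets the operator ID. */
    public void setOperatorId(Long operatorId){
        this.operatorId=operatorId;
    }

    /** Returns the employee ID. */
    public Long getEmployeeId(){
        return this.employeeId;
    }

    /** Sets the employee ID. */
    public void setEmployeeId(Long employeeId){
        this.employeeId=employeeId;
    }

    /** Returns the operator account name. */
    public String getOperatorNo(){
        return this.operatorNo;
    }

    /** Sets the operator account name. */
    public void setOperatorNo(String operatorNo){
        this.operatorNo=operatorNo;
    }

    /** Returns the operator type code (see the field comment for the values). */
    public String getOperatorType(){
        return this.operatorType;
    }

    /** Sets the operator type code. */
    public void setOperatorType(String operatorType){
        this.operatorType=operatorType;
    }

    /** Returns the stored login credential; do not log or render the result. */
    public String getOperatorPassword(){
        return this.operatorPassword;
    }

    /** Sets the stored login credential. */
    public void setOperatorPassword(String operatorPassword){
        this.operatorPassword=operatorPassword;
    }

    /** Returns the operator status: 1 active, 0 archived. */
    public String getOperatorStatus(){
        return this.operatorStatus;
    }

    /** Sets the operator status: 1 active, 0 archived. */
    public void setOperatorStatus(String operatorStatus){
        this.operatorStatus=operatorStatus;
    }

    /** Returns the creation time. */
    public Date getCreateTime(){
        return this.createTime;
    }

    /** Sets the creation time. */
    public void setCreateTime(Date createTime){
        this.createTime=createTime;
    }

    /** Returns the last modification time. */
    public Date getModifyTime(){
        return this.modifyTime;
    }

    /** Sets the last modification time. */
    public void setModifyTime(Date modifyTime){
        this.modifyTime=modifyTime;
    }

    /** Returns the operator display name. */
    public String getOperatorName() {
        return operatorName;
    }

    /** Sets the operator display name. */
    public void setOperatorName(String operatorName) {
        this.operatorName = operatorName;
    }

    /** Returns the operator phone number. */
    public String getOperatorTel() {
        return operatorTel;
    }

    /** Sets the operator phone number. */
    public void setOperatorTel(String operatorTel) {
        this.operatorTel = operatorTel;
    }

    /** Returns the operator e-mail address. */
    public String getOperatorEmail() {
        return operatorEmail;
    }

    /** Sets the operator e-mail address. */
    public void setOperatorEmail(String operatorEmail) {
        this.operatorEmail = operatorEmail;
    }

    /** Returns the operator role id. */
    public String getOperatorRoleId() {
        return operatorRoleId;
    }

    /** Sets the operator role id. */
    public void setOperatorRoleId(String operatorRoleId) {
        this.operatorRoleId = operatorRoleId;
    }

    /** Returns the id of the grid this operator belongs to. */
    public Long getGridId() {
        return gridId;
    }

    /** Sets the id of the grid this operator belongs to. */
    public void setGridId(Long gridId) {
        this.gridId = gridId;
    }

    /** Returns the grid staff type code. */
    public String getGridOpType() {
        return gridOpType;
    }

    /** Sets the grid staff type code. */
    public void setGridOpType(String gridOpType) {
        this.gridOpType = gridOpType;
    }

    /** Returns the URL of the grid staff member's photo. */
    public String getGridOpImg() {
        return gridOpImg;
    }

    /** Sets the URL of the grid staff member's photo. */
    public void setGridOpImg(String gridOpImg) {
        this.gridOpImg = gridOpImg;
    }

    /**
     * Returns a {@code key=value;} listing of the fields for diagnostics.
     *
     * <p>The credential is never printed: toString() output ends up in logs and error
     * messages, so the value is replaced by a marker. gridId and operatorRoleId are not
     * part of the listing, as in the original.
     */
    @Override
    public String toString(){
        StringBuilder sb = new StringBuilder();
        sb.append("operatorId=").append(operatorId).append(';');
        sb.append("employeeId=").append(employeeId).append(';');
        sb.append("operatorNo=").append(operatorNo).append(';');
        sb.append("operatorType=").append(operatorType).append(';');
        sb.append("operatorPassword=")
                .append(operatorPassword == null ? "null" : "[REDACTED]").append(';');
        sb.append("operatorStatus=").append(operatorStatus).append(';');
        sb.append("createTime=").append(createTime).append(';');
        sb.append("modifyTime=").append(modifyTime).append(';');
        sb.append("operatorName=").append(operatorName).append(';');
        sb.append("operatorTel=").append(operatorTel).append(';');
        sb.append("operatorEmail=").append(operatorEmail).append(';');
        sb.append("gridOpType=").append(gridOpType).append(';');
        sb.append("gridOpImg=").append(gridOpImg).append(';');
        return sb.toString();
    }

}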

com.dao.entity.OperatorRole实体类:

package  com.dao.entity;

 

import java.io.Serializable;

 

/**
 * Link between an operator and one role, as returned by the getRoleByOperatorId query.
 */
public class OperatorRole implements Serializable {

    private static final long serialVersionUID = -7384310951225091546L;

    /** Primary key of the operator-role row. */
    private Long operatorRoleId;

    /** Operator ID. */
    private String operatorId;

    /** Role code. */
    private String roleId;

    /** Role name. */
    private String roleName;

    /** Returns the primary key of the operator-role row. */
    public Long getOperatorRoleId() {
        return this.operatorRoleId;
    }

    /** Sets the primary key of the operator-role row. */
    public void setOperatorRoleId(Long operatorRoleId) {
        this.operatorRoleId = operatorRoleId;
    }

    /** Returns the operator ID. */
    public String getOperatorId() {
        return this.operatorId;
    }

    /** Sets the operator ID. */
    public void setOperatorId(String operatorId) {
        this.operatorId = operatorId;
    }

    /** Returns the role code. */
    public String getRoleId() {
        return this.roleId;
    }

    /** Sets the role code. */
    public void setRoleId(String roleId) {
        this.roleId = roleId;
    }

    /** Returns the role name. */
    public String getRoleName() {
        return this.roleName;
    }

    /** Sets the role name. */
    public void setRoleName(String roleName) {
        this.roleName = roleName;
    }
}

 

com.dao.mapper.OperatorMapper接口:

package com.dao.mapper;

 

import java.util.List;

import java.util.Map;

 

import org.apache.ibatis.annotations.Param;

import org.apache.ibatis.session.RowBounds;

 

import com.dao.entity.Operator;

import com.dao.entity.OperatorRole;

 

/**
 * MyBatis mapper for operator and operator-role lookups; the statements live in
 * OperatorMapper.xml under the namespace {@code com.dao.mapper.OperatorMapper}.
 *
 * @author cykj
 */
public interface OperatorMapper {

    /**
     * Fetches the operator whose account name matches.
     *
     * @param operatorNo operator account name
     * @return the operator produced by the getOperatorByOperatorNo statement
     */
    Operator getOperatorByOperatorNo(String operatorNo);

    /**
     * Lists the roles assigned to an operator.
     *
     * @param operatorId operator ID
     * @return the rows produced by the getRoleByOperatorId statement
     */
    List<OperatorRole> getRoleByOperatorId(String operatorId);

}

 

 

6.编写服务接口和服务类

接口

package com.service;

 

import java.util.List;

 

import com.dao.entity.Operator;

import com.dao.entity.OperatorRole;

 

 

/**
 * Server-side facade for system personnel management.
 */
public interface SystemPersonnelCollectionService {

    /**
     * Fetches an operator by account name.
     *
     * @param operatorNo operator account name
     * @return the operator found for that account name
     */
    Operator getOperatorByOperatorNo(String operatorNo);

    /**
     * Lists the roles that belong to an operator.
     *
     * @param operatorId operator ID
     * @return the operator's roles
     */
    List<OperatorRole> getRoleByOperatorId(String operatorId);

}

 

 

实现类:

package com.service.impl;

 

import java.util.List;

 

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Service;

 

import com.dao.entity.Operator;

import com.dao.entity.OperatorRole;

import com.dao.mapper.OperatorMapper;

import com.service.SystemPersonnelCollectionService;

 

/**
 * Service registered as "loginService"; every call is forwarded to {@link OperatorMapper}.
 */
@Service("loginService")
public class SystemPersonnelCollectionServiceImpl implements
        SystemPersonnelCollectionService {

    @Autowired
    OperatorMapper operatorMapper;

    /**
     * Fetches an operator by account name through the mapper.
     *
     * @param operatorNo operator account name
     * @return whatever the mapper returns for that account name
     */
    @Override
    public Operator getOperatorByOperatorNo(String operatorNo) {
        Operator found = operatorMapper.getOperatorByOperatorNo(operatorNo);
        return found;
    }

    /**
     * Lists an operator's roles through the mapper.
     *
     * @param operatorId operator ID
     * @return whatever the mapper returns for that operator
     */
    @Override
    public List<OperatorRole> getRoleByOperatorId(String operatorId) {
        List<OperatorRole> roles = operatorMapper.getRoleByOperatorId(operatorId);
        return roles;
    }

}

 

7.编写前台登陆界面和controller

前台登陆界面 login.jsp:

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<html>

<head>

<title>登陆</title>

<link href="/js/easyui-1.3.6/themes/default/easyui.css" rel="stylesheet"

type="text/css" />

<link href="/js/easyui-1.3.6/themes/icon.css" rel="stylesheet"

type="text/css" />

<script src="/js/jquery-1.9.1.min.js" type="text/javascript"></script>

<script src="/js/easyui-1.3.6/jquery.easyui.min.js"

type="text/javascript"></script>

</head>

<body>

<div class="box">

<div class="login">

<form id="loginForm" method="post" class="form">

<table border="0" cellpadding="0" cellspacing="0">

<tr>

<td style="font-size: 16px; color: #0e7b9a; font-weight: bold;">用户名:</td>

<td style="padding-left: 10px;" colspan="2"><input

type="text" id="username" name="username" class="text"

onkeydown="if(event.keyCode==13)$('#password').focus();"></td>

</tr>

<tr>

<td style="font-size: 16px; color: #0e7b9a; font-weight: bold;">密

码:</td>

<td style="padding-left: 10px;" colspan="2"><input

type="password" id="password" name="password"

onkeydown="if(event.keyCode==13)loginFun();" class="text"></td>

</tr>

<tr>

<td></td>

<td colspan="2" style="padding-left: 10px;"><input

type="button" onclick="loginFun()" class="button" value="登  陆"><input

type="reset" class="button" value="清  空"

style="margin-left: 32px;"></td>

</tr>

</table>

</form>

 

</div>

<div id="errorMessages" class="tips"></div>

</div>

</body>

</html>

<script type="text/javascript">

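/**
 * Posts the login form to /login and either opens the main page or shows the error.
 * Expects a JSON reply with `success` and, on failure, `msg`.
 */
function loginFun() {
    var $form = $('#loginForm');

    $.post('/login', $form.serialize(), function (data) {
        // Accept a JSON boolean or the string "true" (what the controller on this page
        // sends); a plain truthiness test would also accept the string "false".
        var ok = data && (data.success === true || data.success === 'true');
        if (ok) {
            self.location.href = 'main';
        } else {
            // .text() keeps a server-supplied message from being parsed as HTML;
            // \u00a0 is the non-breaking space the original wrote as &nbsp;.
            $('#errorMessages').text('\u00a0' + ((data && data.msg) || '')).show();
        }
    }, 'json').fail(function () {
        // An HTTP error or non-JSON reply never reaches the success callback;
        // show a generic message instead of leaving the form silent.
        $('#errorMessages').text('\u00a0登陆失败').show();
    });
}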

</script>

 

登陆成功后的main.jsp:

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<html>

<head>

<title>登陆成功</title>

</head>

<body>

 登陆成功

</body>

</html>

 

 

controller 类:

package com.controller;

 

import java.io.PrintWriter;

 

import javax.servlet.http.HttpServletRequest;

 

import org.apache.shiro.SecurityUtils;

import org.apache.shiro.authc.UsernamePasswordToken;

import org.apache.shiro.subject.Subject;

import org.springframework.stereotype.Controller;

import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.web.bind.annotation.RequestMethod;

 

import com.google.gson.Gson;

import com.util.SpringSecurityUtils;

 

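/**
 * Login endpoints: renders the login form, handles the AJAX login POST and shows the
 * page reached after a successful login.
 */
@Controller
public class LoginController {

    /**
     * Authenticates the submitted username and password through Shiro and writes a JSON
     * result for the AJAX caller.
     *
     * @param request carries the "username" and "password" form parameters
     * @param out     response writer that receives the JSON result
     */
    @RequestMapping(value="login",method=RequestMethod.POST)
    public void login(HttpServletRequest request,PrintWriter out){
        // One generic failure body for every rejection, so the reply does not reveal
        // whether the account exists. `success` is a JSON boolean here on purpose: the
        // string "false" would be truthy in the page's `if (data.success)` test.
        final String failure = "{\"success\":false,\"msg\":\"用户名或密码错误\"}";

        String userName = request.getParameter("username");
        String password = request.getParameter("password");
        if (userName == null || password == null) {
            out.print(failure);
            return;
        }

        // generatePassword is not shown on this page; presumably it derives the stored
        // form of the password from the username and password (TODO confirm which
        // algorithm it uses). The derived value, not the raw password, goes into the token.
        String pass = SpringSecurityUtils.generatePassword(userName, password);

        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken(userName, pass));
        } catch (org.apache.shiro.authc.AuthenticationException e) {
            // Shiro reports unknown accounts and wrong credentials by throwing; the
            // original let this escape, so the caller got an error page instead of JSON.
            out.print(failure);
            return;
        }
        // NOTE(review): nothing here replaces the pre-login session; confirm whether the
        // session id should be renewed once login succeeds.

        if(subject.isAuthenticated()){
            out.print("{\"success\":\"true\"}");
        } else {
            out.print(failure);
        }
    }

    /** Returns the view name of the login form. */
    @RequestMapping(value = "login", method = RequestMethod.GET)
    public String showLoginForm() {
        return "login";
    }

    /** Returns the view name of the page shown after login. */
    @RequestMapping("main")
    public String showMain(){
        return "main";
    }

}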

 

详细的源码见附件

 

 

 

 

 
