springboot-shiro(大集合)

pom.xml#

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.lu</groupId>
    <artifactId>shiro-springboot</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>shiro-springboot</name>
    <description>shiro-springboot</description>
    <properties>
        <java.version>17</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>

<!--        shiro整合spring boot-->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.10.0</version>
        </dependency>

        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>2.2.2</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>

        <dependency>
            <groupId>com.mysql</groupId>
            <artifactId>mysql-connector-j</artifactId>
            <scope>runtime</scope>
        </dependency>

        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <version>1.18.24</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/com.github.theborakompanioni/thymeleaf-extras-shiro -->
        <dependency>
            <groupId>com.github.theborakompanioni</groupId>
            <artifactId>thymeleaf-extras-shiro</artifactId>
            <version>2.1.0</version>
        </dependency>




    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

application.yml#

spring:
  datasource:
    username: root
    password: root
    url: jdbc:mysql://localhost:3306/jz923?serverTimezone=UTC&useUnicode=true&characterEncoding=utf-8
    driver-class-name: com.mysql.cj.jdbc.Driver


  #整合mybatis
  thymeleaf:
    cache: false
mybatis:
  type-aliases-package: com.lu.pojo
  mapper-locations: classpath:mapper/*.xml

resources下面的静态资源#

login.html#

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<p th:text="${mss}" style="color: red"></p>
<form th:action="@{/login}">
    <input type="text" name="username">用户名
    <input type="password" name="password">密码<br>
    <input type="submit">
</form>

</body>
</html>

index.html#

<!DOCTYPE html>
<html lang="en"
      xmlns:th="http://www.thymeleaf.org"
      xmlns:shiro="	https://github.com/theborakompanioni/thymeleaf-extras-shiro">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>首页</h1>
<h1 th:text="${msg}"></h1>
<div shiro:hasPermission="">
    <a th:href="@{/add}">add</a>
</div>
<!--<div shiro:hasPermission="">这句话始终不成功-->
<div shiro:hasPermission="">
    <a th:href="@{/update}">update</a>
</div>

</body>
</html>

mapper.userMapper.xml#

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.lu.mapper.UserMapper">
    <select id="getUser" resultType="User">
        select * from user
    </select>

    <select id="selectUser" parameterType="String" resultType="user">
        select * from user where name=#{name}
    </select>

</mapper>

lu.pojo#

package com.lu.pojo;


import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

@Data
@AllArgsConstructor
@NoArgsConstructor
public class User {
    private int id;
    private String name;
    private String pwd;
    private String geology;
}

lu.mapper#

package com.lu.mapper;


import com.lu.pojo.User;
import org.apache.ibatis.annotations.Mapper;
import org.springframework.stereotype.Repository;

import java.util.List;

@Mapper
@Repository
public interface UserMapper {
    List<User> getUser();
    User selectUser(String name);
}

lu.controller#

package com.lu.controller;


import org.apache.catalina.security.SecurityUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class MyController {
    @RequestMapping({"/","/index"})
    public String Text(Model model){
        model.addAttribute("msg","helloShiro");
        return "index";
    }
    @RequestMapping("/add")
    public String Text2(){
        return "user/add";
    }
    @RequestMapping("/update")
    public String Text3(){
        return "user/update";
    }
    @RequestMapping("/toLogin")
    public String ToLogin(){
        return "login";
    }
    @RequestMapping("/login")
    public String login(String username,String password,Model model){
        Subject subject = SecurityUtils.getSubject();
        //封装用户的登录数据
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username,password);

        try {
            subject.login(usernamePasswordToken);//执行登录方法如果没有异常就说明ok了
            return "index";
        } catch (UnknownAccountException e) {//用户名不存在
            model.addAttribute("mss","用户名错误");
            return "login";
        } catch (IncorrectCredentialsException e){//密码不存在
            model.addAttribute("mss","密码错误");
            return "login";
        }

    }


    @ResponseBody
    @RequestMapping("/unexpected")
    public String unexpected(){
        return "未经授权不能访问此页面";
    }
}

lu.cofig.shiroconfig#

package com.lu.config;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.sound.sampled.AudioFileFormat;
import javax.swing.*;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;


@Configuration
public class ShiroConfig   {
//    subject用户,securityManager管理所有用户,Realm连接数据 3
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("SecurityManager")DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);

        //添加shiro内置的过滤器
        //anon:无需认证就可以访问
        //authc:必须认证才可以访问
        //user:必须拥有 记住我功能才能用
        //perms:拥有对某个资源的权限才能访问
        //role:拥有某个角色权限才能访问
        Map<String, String> objectObjectHashMap = new LinkedHashMap<>();
        objectObjectHashMap.put("/add","perms[周口市]");
        objectObjectHashMap.put("/update","perms[焦作市]");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(objectObjectHashMap);
        //设置登录页面
        shiroFilterFactoryBean.setLoginUrl("/toLogin");
        //设置未授权页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/unexpected");
        return shiroFilterFactoryBean;
    }

    //DefaultWebSecurityManager:这些东西是固定的 2
    @Bean(name = "SecurityManager")
    public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //关联userRealm
        defaultWebSecurityManager.setRealm(userRealm);
        return defaultWebSecurityManager;
    }

    //创建realm,需要自定义类 1
    @Bean   //通过@Qualifier绑定userRealm
    public UserRealm userRealm(){
        return new UserRealm();
    }
}

lu.config.userRealm#

package com.lu.config;

import com.lu.mapper.UserMapper;
import com.lu.pojo.User;
import org.apache.catalina.security.SecurityUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;


public class UserRealm extends AuthorizingRealm {
    @Autowired
    UserMapper userMapper;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行了授权==》");
        SimpleAuthorizationInfo simpleAuthenticationInfo = new SimpleAuthorizationInfo();


        //拿到当前登录的这个对象(从认证里面拿)
        Subject subject = SecurityUtils.getSubject();
        User principal = (User) subject.getPrincipal();


        simpleAuthenticationInfo.addStringPermission(principal.getGeology());
        return simpleAuthenticationInfo;
    }
    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("执行了认证==》");
        //用户名和密码数据库中取
        //连接真实的数据库


        UsernamePasswordToken passwordToken =(UsernamePasswordToken) authenticationToken;
        User user = userMapper.selectUser(passwordToken.getUsername());
        if(user==null){
            return null;
        }
        //密码认证shiro做 ,shiro自己在源码中做了加密
        return new SimpleAuthenticationInfo(user,user.getPwd(),"");
        //1获取当前用户的认证
        //2要传递密码的对象
        //3认证名
    }
}

作者:freps

出处:https://www.cnblogs.com/freps/p/18459264

版权:本作品采用「署名-非商业性使用-相同方式共享 4.0 国际」许可协议进行许可。

posted @   LL。。。  阅读(2)  评论(0编辑  收藏  举报  
相关博文:
· springboot-security环境搭建和用户认证后授权
· spring-boot-mybatis
· Shiro
· Shiro实战+springboot集成
· springboot项目中使用shiro实现用户登录以及权限的验证
阅读排行:
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
more_horiz
keyboard_arrow_up dark_mode palette
选择主题
menu
点击右上角即可分享
微信分享提示