[shiro学习笔记]第二节 shiro与web融合实现一个简单的授权认证
本文地址:http://blog.csdn.net/sushengmiyan/article/details/39933993
shiro官网: http://shiro.apache.org/
本文作者:sushengmiyan
------------------------------------------------------------------------------------------------------------------------------------
一。新建java webproject 这里取名为shirodemo
二。加入依赖的jar包。例如以下:
三。加入web对shiro的支持
如第一篇文章所述,在此基础上添加webs.xml部署描写叙述:
<listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> <filter> <filter-name>shiro</filter-name> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> </filter> <filter-mapping> <filter-name>shiro</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
四。加入jsp页面登陆button以及标签支持:
<% String user = request.getParameter("username"); String pwd = request.getParameter("password"); if(user != null && pwd != null){ Subject sub = SecurityUtils.getSubject(); String context = request.getContextPath(); try{ sub.login(new UsernamePasswordToken(user.toUpperCase(),pwd)); out.println("登录成功"); }catch(IncorrectCredentialsException e){ out.println("{success:false,msg:'username和password不对!'}"); }catch(UnknownAccountException e){ out.println("{success:false,msg:'用户名不存在。'}"); } return; } %>
在jsp页面中添加username与password登陆框。
五。新建realm实现
package com.susheng.shiro; import javax.annotation.PostConstruct; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.LockedAccountException; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.cache.CacheManager; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; //认证数据库存储 public class ShiroRealm extends AuthorizingRealm { public Logger logger = LoggerFactory.getLogger(getClass()); final static String AUTHCACHENAME = "AUTHCACHENAME"; public static final String HASH_ALGORITHM = "MD5"; public static final int HASH_INTERATIONS = 1; public ShiroDbRealm() { // 认证 super.setAuthenticationCachingEnabled(false); // 授权 super.setAuthorizationCacheName(AUTHCACHENAME); } // 授权 @Override protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principalCollection) { if (!SecurityUtils.getSubject().isAuthenticated()) { doClearCache(principalCollection); SecurityUtils.getSubject().logout(); return null; } // 加入角色及权限信息 SimpleAuthorizationInfo sazi = new SimpleAuthorizationInfo(); return sazi; } // 认证 @Override protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String userName = upToken.getUsername(); String passWord = new String(upToken.getPassword()); AuthenticationInfo authinfo = new SimpleAuthenticationInfo( userName, passWord, getName()); return authinfo; } /** * 设定Password校验的Hash算法与迭代次数. */ @PostConstruct public void initCredentialsMatcher() { HashedCredentialsMatcher matcher = new HashedCredentialsMatcher( HASH_ALGORITHM); matcher.setHashIterations(HASH_INTERATIONS); setCredentialsMatcher(matcher); } }
六。shiro.ini文件内容添加对realm的支持。
# # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # # ============================================================================= # Quickstart INI Realm configuration # # For those that might not understand the references in this file, the # definitions are all based on the classic Mel Brooks' film "Spaceballs". ;) # ============================================================================= # ----------------------------------------------------------------------------- # Users and their assigned roles # # Each line conforms to the format defined in the # org.apache.shiro.realm.text.TextConfigurationRealm#setUserDefinitions JavaDoc # ----------------------------------------------------------------------------- #realm myRealm = com.susheng.shiro.ShiroDbRealm securityManager.realm = $myRealm [users] # user 'root' with password 'secret' and the 'admin' role root = secret, admin # user 'guest' with the password 'guest' and the 'guest' role guest = guest, guest # user 'presidentskroob' with password '12345' ("That's the same combination on # my luggage!!!" ;)), and role 'president' presidentskroob = 12345, president # user 'darkhelmet' with password 'ludicrousspeed' and roles 'darklord' and 'schwartz' darkhelmet = ludicrousspeed, darklord, schwartz # user 'lonestarr' with password 'vespa' and roles 'goodguy' and 'schwartz' lonestarr = vespa, goodguy, schwartz # ----------------------------------------------------------------------------- # Roles with assigned permissions # # Each line conforms to the format defined in the # org.apache.shiro.realm.text.TextConfigurationRealm#setRoleDefinitions JavaDoc # ----------------------------------------------------------------------------- [roles] # 'admin' role has all permissions, indicated by the wildcard '*' admin = * # The 'schwartz' role can do anything (*) with any lightsaber: schwartz = lightsaber:* # The 'goodguy' role is allowed to 'drive' (action) the winnebago (type) with # license plate 'eagle5' (instance specific id) goodguy = winnebago:drive:eagle5 [urls] /login.jsp = anon /index.html = user /index.jsp = user /homePageDebug.jsp = user /module/** = user
七。tomcat添加对这个应用的部署。启动tomcat,输入相应的url。
查看实现效果:
登录界面的显示
点击登录之后,插入了shiro的实现。
临时没有进行实质认证。仅仅是大概搭建的shiro环境。
自己插入自己的realm实现就能够了。
OK。如今。以及实现了对web的支持。
代码下载地址:http://download.csdn.net/detail/sushengmiyan/8022503