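1. Finishing a project normally takes the cooperation of many people on a team, but I developed this one entirely on my own, so it has quite a few bugs. Then again, every project is developed through debugging and fixing bugs.
As for the overall architecture: the front end uses plain jQuery, the back end is managed with Maven and built on the SSM framework, the database is MySQL, and the security framework is Shiro. These are the technologies used in this project.
The requirement is to keep a record of visitors when they come to visit a building. The main functionality is managing visitor information together with the database behind it.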
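2. The main techniques involved:
(1) The first person to log in becomes the overall administrator
(2) Displaying menus according to permissions after login
(3) Coding the interface implementations
(4) Implementing SMS messaging to mobile phones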
3. Here I will mainly cover how the Shiro framework is used. Its configuration file is as follows:
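<!-- Custom realm: looks up users, roles and permissions (class shown below).
     No credentialsMatcher is set, so Shiro's default SimpleCredentialsMatcher is used. -->
<bean id="myRealm" class="com.cn.demo.realm.MyRealm"></bean>

<!-- The cacheManager bean is referenced here but defined elsewhere in the project's configuration. -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <property name="realm" ref="myRealm"></property>
    <property name="cacheManager" ref="cacheManager"></property>
</bean>

<bean id="myFormAuthenticationFilter" class="com.cn.demo.filter.MyFormAuthenticationFilter"/>

<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"></property>
    <property name="loginUrl" value="/login.do"></property>
    <property name="successUrl" value="/main.do"></property>
    <property name="filters">
        <map>
            <!-- The systemLogoutFilter bean is also defined elsewhere in the project's configuration. -->
            <entry key="logout" value-ref="systemLogoutFilter" />
            <entry key="authc" value-ref="myFormAuthenticationFilter" />
        </map>
    </property>
    <property name="filterChainDefinitions">
        <!-- Chains are matched top to bottom and the first match wins:
             the anon entries are reachable without logging in, and the
             final /** entry requires authentication for everything else. -->
        <value>
            /favicon.ico = anon
            /js/**=anon
            /images/**=anon
            /style/**=anon
            /login.jsp=anon
            /visitor/insert.do=anon
            /visitor/getRoom.do=anon
            /logout=logout
            /**=authc
        </value>
    </property>
</bean>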
The realm class that implements it is as follows:
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.cn.demo.domain.Role;
import com.cn.demo.domain.User;
import com.cn.demo.service.IRightService;
import com.cn.demo.service.IRoleService;
import com.cn.demo.service.IUserService;

public class MyRealm extends AuthorizingRealm {

    @Autowired
    private IUserService userService;
    @Autowired
    private IRoleService roleService;
    @Autowired
    private IRightService rightService;

    @Override
    public String getName() {
        return "MyRealm";
    }

    // Authentication: called by Shiro on every login attempt.
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String username = (String) token.getPrincipal();
        List<User> userList = userService.listAll();
        // Feature (1): if the user table is empty, the first login attempt creates
        // the overall administrator (userType 0) under the submitted username,
        // with the fixed password "1".
        if (userList.size() == 0) {
            User user = new User();
            user.setName(username);
            user.setPassword("1");
            user.setUserType(0);
            userService.insert(user);
        }
        User user = userService.queryByName(username);
        if (user == null) {
            // Unknown account: Shiro reports the login as failed.
            return null;
        }
        // The stored password is handed to Shiro as-is. With no credentialsMatcher
        // configured on myRealm, the default SimpleCredentialsMatcher compares it
        // directly with the submitted password.
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, user.getPassword(), getName());
        return info;
    }

    // Authorization: builds the roles and permissions of the logged-in user.
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        User currentUser = (User) principals.getPrimaryPrincipal();
        List<String> roles = new ArrayList<>();
        List<String> rights = new ArrayList<>();
        if (currentUser.getUserType() == 0) {
            // The overall administrator gets every role and the wildcard permission.
            List<Role> roleList = roleService.selectAll();
            for (Role role : roleList) {
                roles.add(role.getName());
            }
            rights = Arrays.asList("*:*");
        } else {
            // Other users get only the roles and permissions assigned to them.
            roles = roleService.queryByUserId(currentUser.getId());
            rights = rightService.queryByUserId(currentUser.getId());
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRoles(roles);
        info.addStringPermissions(rights);
        return info;
    }

    // Clears the cached authentication/authorization data of the current subject,
    // for example after its roles or permissions have been changed.
    public void clearCache() {
        super.clearCache(SecurityUtils.getSubject().getPrincipals());
    }
}
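The realm above stores the fixed password "1" for the first administrator and leaves password comparison to Shiro's default matcher. The following added example (not part of the original project) keeps the "first login becomes administrator" rule but stores only a hash produced by Shiro's DefaultPasswordService and checks it with PasswordMatcher. The class name HashedBootstrapRealm, the in-memory map standing in for the user table, and the sample credentials are assumptions made for the illustration.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.authc.credential.PasswordMatcher;
import org.apache.shiro.authc.credential.PasswordService;
import org.apache.shiro.realm.AuthenticatingRealm;

// Added example (hypothetical class): first-login bootstrap with hashed credentials.
public class HashedBootstrapRealm extends AuthenticatingRealm {
    private final PasswordService passwords = new DefaultPasswordService();
    // Hypothetical stand-in for the user table: username -> stored password hash.
    private final Map<String, String> store = new ConcurrentHashMap<>();

    public HashedBootstrapRealm() {
        PasswordMatcher matcher = new PasswordMatcher();
        matcher.setPasswordService(passwords);
        setCredentialsMatcher(matcher); // verify against the stored hash, not plaintext
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        UsernamePasswordToken login = (UsernamePasswordToken) token;
        String username = login.getUsername();
        if (store.isEmpty()) {
            // First login: keep the password the user actually typed, stored only
            // as a salted hash, instead of the fixed value "1".
            store.putIfAbsent(username, passwords.encryptPassword(login.getPassword()));
        }
        String hash = store.get(username);
        if (hash == null) {
            return null; // unknown account
        }
        return new SimpleAuthenticationInfo(username, hash, getName());
    }

    public static void main(String[] args) {
        HashedBootstrapRealm realm = new HashedBootstrapRealm();
        // Constructed sample credentials for the demonstration.
        realm.getAuthenticationInfo(new UsernamePasswordToken("admin", "S3tup-Passphrase"));
        System.out.println("stored value: " + realm.store.get("admin"));
        try {
            realm.getAuthenticationInfo(new UsernamePasswordToken("admin", "1"));
            System.out.println("unexpected: accepted");
        } catch (IncorrectCredentialsException e) {
            System.out.println("password \"1\" rejected");
        }
    }
}
```

In the project itself, the same matcher would be set on the myRealm bean and the hash written through userService instead of the map.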
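4. There was also a garbled-character (encoding) problem to solve. If you start Tomcat through Maven, then when you declare the plugin in pom.xml you must set the encoding to UTF-8. The configuration is as follows: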
<plugin>
    <groupId>org.apache.tomcat.maven</groupId>
    <artifactId>tomcat7-maven-plugin</artifactId>
    <version>2.2</version>
    <configuration>
        <path>/</path>
        <port>80</port>
        <uriEncoding>UTF-8</uriEncoding>
    </configuration>
</plugin>