Shiro与Springboot整合:配置依赖改造登录方法
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><groupId>cn.learn</groupId><artifactId>shiro_springboot</artifactId><version>1.0-SNAPSHOT</version><parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>2.0.5.RELEASE</version><relativePath/></parent><properties><project.build.sourceEncoding>UTF-8</project.build.sourceEncoding><project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding><java.version>1.8</java.version><fastjson.version>1.2.47</fastjson.version></properties><dependencies><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-data-jpa</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-logging</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope></dependency><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId><version>1.16.16</version></dependency><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId></dependency><!--shiro与spring整合 --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-spring</artifactId><version>1.3.2</version></dependency><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-core</artifactId><version>1.3.2</version></dependency><!--shiro与redis整合实现sessionDao --><dependency><groupId>org.crazycake</groupId><artifactId>shiro-redis</artifactId><version>3.0.0</version></dependency></dependencies><repositories><repository><id>spring-snapshots</id><name>Spring Snapshots</name><url>https://repo.spring.io/snapshot</url><snapshots><enabled>true</enabled></snapshots></repository><repository><id>spring-milestones</id><name>Spring Milestones</name><url>https://repo.spring.io/milestone</url><snapshots><enabled>false</enabled></snapshots></repository></repositories><pluginRepositories><pluginRepository><id>spring-snapshots</id><name>Spring Snapshots</name><url>https://repo.spring.io/snapshot</url><snapshots><enabled>true</enabled></snapshots></pluginRepository><pluginRepository><id>spring-milestones</id><name>Spring Milestones</name><url>https://repo.spring.io/milestone</url><snapshots><enabled>false</enabled></snapshots></pluginRepository></pluginRepositories><build><plugins><!--编译插件--><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-compiler-plugin</artifactId><version>3.1</version><configuration><source>${java.version}</source><target>${java.version}</target></configuration></plugin><!--单元测试插件--><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-surefire-plugin</artifactId><version>2.12.4</version><configuration><skipTests>true</skipTests></configuration></plugin></plugins></build>
</project>
package cn.learn.shiro.controller;import cn.learn.shiro.domain.User;
import cn.learn.shiro.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;import javax.servlet.http.HttpSession;
import java.util.Enumeration;@RestController
public class UserController {@Autowiredprivate UserService userService;//个人主页//使用shiro注解鉴权//@RequiresPermissions() -- 访问此方法必须具备的权限//@RequiresRoles() -- 访问此方法必须具备的角色/*** 1.过滤器:如果权限信息不匹配setUnauthorizedUrl地址* 2.注解:如果权限信息不匹配,抛出异常*/@RequiresPermissions("user-home")@RequestMapping(value = "/user/home")public String home() {return "访问个人主页成功";}//添加@RequestMapping(value = "/user",method = RequestMethod.POST)public String add() {return "添加用户成功";}//查询@RequestMapping(value = "/user",method = RequestMethod.GET)public String find() {return "查询用户成功";}//更新@RequestMapping(value = "/user/{id}",method = RequestMethod.GET)public String update(String id) {return "更新用户成功";}//删除@RequestMapping(value = "/user/{id}",method = RequestMethod.DELETE)public String delete() {return "删除用户成功";}/*** 1.传统登录* 前端发送登录请求 => 接口部分获取用户名密码 => 程序员在接口部分手动控制* 2.shiro登录* 前端发送登录请求 => 接口部分获取用户名密码 => 通过subject.login => realm域的认证方法**///用户登录@RequestMapping(value="/login")public String login(String username,String password) {//构造登录令牌try {/*** 密码加密:* shiro提供的md5加密* Md5Hash:* 参数一:加密的内容* 111111 --- abcd* 参数二:盐(加密的混淆字符串)(用户登录的用户名)* 111111+混淆字符串* 参数三:加密次数**/password = new Md5Hash(password,username,3).toString();UsernamePasswordToken upToken = new UsernamePasswordToken(username,password);//1.获取subjectSubject subject = SecurityUtils.getSubject();//获取sessionString sid = (String) subject.getSession().getId();//2.调用subject进行登录subject.login(upToken);return "登录成功";}catch (Exception e) {return "用户名或密码错误";}}
}
package cn.learn.shiro.dao;import cn.learn.shiro.domain.User;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.JpaSpecificationExecutor;/*** 用户数据访问接口*/
public interface UserDao extends JpaRepository<User, String>, JpaSpecificationExecutor<User> {//根据手机号获取用户信息User findByUsername(String name);
}
package cn.learn.shiro.domain;import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
import java.io.Serializable;@Entity
@Table(name = "pe_permission")
@Getter
@Setter
@NoArgsConstructor
public class Permission implements Serializable {private static final long serialVersionUID = -4990810027542971546L;/*** 主键*/@Idprivate String id;private String name;private String code;private String description;
}
package cn.learn.shiro.domain;import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Getter;
import lombok.Setter;import javax.persistence.*;
import java.io.Serializable;
import java.util.HashSet;
import java.util.Set;@Entity
@Table(name = "pe_role")
@Getter
@Setter
public class Role implements Serializable {private static final long serialVersionUID = 594829320797158219L;@Idprivate String id;private String name;private String description;//角色与用户 多对多@ManyToMany(mappedBy="roles")private Set<User> users = new HashSet<User>(0);//角色与权限 多对多@ManyToMany(fetch = FetchType.EAGER)@JoinTable(name="pe_role_permission",joinColumns={@JoinColumn(name="role_id",referencedColumnName="id")},inverseJoinColumns={@JoinColumn(name="permission_id",referencedColumnName="id")})private Set<Permission> permissions = new HashSet<Permission>(0);
}
package cn.learn.shiro.domain;import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Getter;
import lombok.Setter;import javax.persistence.*;
import java.io.Serializable;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;/*** 用户实体类*/
@Entity
@Table(name = "pe_user")
@Getter
@Setter
public class User implements Serializable {private static final long serialVersionUID = 4297464181093070302L;/*** ID*/@Idprivate String id;private String username;private String password;@ManyToMany(fetch = FetchType.EAGER)@JoinTable(name="pe_user_role",joinColumns={@JoinColumn(name="user_id",referencedColumnName="id")},inverseJoinColumns={@JoinColumn(name="role_id",referencedColumnName="id")})private Set<Role> roles = new HashSet<Role>();//用户与角色 多对多
}
package cn.learn.shiro.service;import cn.learn.shiro.dao.UserDao;
import cn.learn.shiro.domain.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;import java.util.List;@Service
public class UserService {@Autowiredprivate UserDao userDao;public User findByName(String name) {return this.userDao.findByUsername(name);}public List<User> findAll() {return userDao.findAll();}
}
package cn.learn.shiro;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.domain.EntityScan;
import org.springframework.context.annotation.Bean;
import org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter;@SpringBootApplication(scanBasePackages = "cn.learn")
@EntityScan("cn.learn.shiro.domain")
public class ShiroApplication {public static void main(String[] args) {SpringApplication.run(ShiroApplication.class, args);}@Beanpublic OpenEntityManagerInViewFilter openEntityManagerInViewFilter() {return new OpenEntityManagerInViewFilter();}}
server:port: 8081
spring:application:name: ihrm-company #指定服务名datasource:driver-class-name: com.mysql.jdbc.Driverurl: jdbc:mysql://localhost:3306/shiro_db?useUnicode=true&characterEncoding=utf8username: rootpassword: 123456jpa:database: MySQLshow-sql: trueopen-in-view: trueredis:host: 127.0.0.1port: 6379
Shiro与Springboot整合:配置依赖改造登录方法相关推荐
- Shiro与SpringBoot整合,实现登录拦截、用户认证、用户授权等。实战demo
文章目录 开篇必读: 一.开发环境 二.项目搭建 三.配置 shiro 配置类 1.自定义 Realm 类. 2.创建shiro配置类. 四.创建页面.Controller. Service等. 五. ...
- SpringBoot整合微信扫码登录
SpringBoot整合微信扫码登录 准备工作 基本思路流程 搭建SpringBoot 引入依赖 加入配置文件 代码实现 工具类 controller层 结果 准备工作 1.登录官网了解到,学习者想本 ...
- CAS5.3服务器搭建及SpringBoot整合CAS实现单点登录
CAS5.3服务器搭建及SpringBoot整合CAS实现单点登录 1.1 什么是单点登录 1.2 什么是CAS 1.3 CAS服务端部署 1.template下载 1.4 客户端搭建 1.1 什么是 ...
- SpringBoot整合Keycloak实现单点登录
Keycloak是一个开源的身份和权限访问管理工具,轻松为应用程序和安全服务添加身份验证,无需处理储存用户或者验证用户,其提供用户联合.强健的身份验证.用户管理和细粒度授权等功能. 1. 搭建Keyc ...
- SpringBoot整合小程序微信登录功能
一.SpringBoot整合微信登录 小程序的使用已经是一个普遍的现象,对于刚学习SpringBoot的我们来说完全的写好一套微信登录的案例有一定的难度,这里结合自己的一些学习经验,把微信登录这一 ...
- SpringBoot整合完成Themeleaf完成登录功能
概述 用SpringBoot整合完成Themeleaf完成简单的登录功能,有错误提示和判空处理 具体实现 表格: <form method="post" th:action= ...
- Shiro安全框架(Shiro与SpringBoot整合开发)之图片验证码(五)
这篇博文主要讲解实现图片验证码的实现,之前已经将权限,认证,自带缓存,redis缓存,都实现了,现在我们就来了解一下简单的图片验证码的实现: 首先,我们要来修改一下登录的页面,login.jsp这个页 ...
- SSH配置免密登录方法
转载自https://blog.csdn.net/jeikerxiao/article/details/84105529 1.客户端生成公私钥 本地客户端生成公私钥:(一路回车默认即可) ssh-ke ...
- Shiro入门以及Shiro与web整合
标题Shiro入门以及Shiro与web整合 Shiro框架 - 什么是Shiro? Apache shiro是一个强大,易用的java安全框架执行身份认证,授权,密码和会话管理. Shiro框架的核 ...
最新文章
- java new 引用_java不用new运算符也能创建引用吗?
- Oracle中判断空游标的方法
- VisualSVN server 无法启动
- 【PAT笔记】PAT中的散列思想
- Win10_MySQL环境搭建以及Navicat的使用全解
- 什么是CDP(连续数据保护)?
- Hibernate Tomcat JNDI DataSource示例教程
- 基于Linux内核红黑树的TR069参数解析工具:树形结构+CPE RPC支持
- 随想录(从开源or1k看gcc后端移植)
- Eclipse Class Decompiler——Java反编译插件
- 开源网站项目-静态网址导航网站
- 键盘盲打练习打字软件 v6.30绿色版
- PHP九九乘法表代码
- 转:计算机视觉专业词汇(中英文对照)
- 你是哪种类型的拖延症患者?
- 【转】Android Hook框架Xposed详解
- Redis使用入门(二)【Windows下Python客户端redis-py使用】
- virtualbox出现failed to attach usb,VERR_PDM_NO_USB_PORTS问题解决
- 如何生成EI检索报告
- 论文领读|基于 VQVAE 的长文本生成