Shiro 教程_1
2024-05-22 13:30:54
教案 https://gitee.com/fakerlove/Shiro
文章目录
- Shiro 教程
- 1. Shiro 介绍
- 1.1 什么是 Shiro
- 1.2 Shiro 好处
- 1.3 Shiro 认证流程
- 2. Shiro 单机版使用
- 2.1 创建项目
- 1. 添加依赖
- 2. 创建配置文件 shiro.ini
- 3. 创建测试类TextAuthenticator.java
- 4. 项目结构如下
- 2.2 源码验证流程
- 2.2.1 Realm 关系图
- 2.2.2 源码讲解
- 2.2.3 继承关系的讲解
- 2.3 实现自定义的Realm
- 1. 首先自定义Realm
- 2. 使用自定义Realm
- 2.4 Md5 +Salt 认证流程
- 1. Service 层 业务层中算出Md5 算出来的结果
- 2.设置自定义的Realm
- 3. 使用 Realm
- 2.5 授权流程
- 1. 基于角色的控制访问
- 2. 基于资源的控制访问
- 3. 权限字符串
- 4. 授权实现方式
- 3. Shiro 整和SpringBoot 使用
- 3.1 环境搭建
- Shiro+SpringBoot+Mysql+Redis(缓存)
- 1. 添加依赖
- 2. 配置 yml
- 3. 创建 实体类
- 4. 创建Mapper
- 5. 创建 db
- 6. 创建Dao 层
- 7. 创建 service
- 8. 创建 Controller
- 9. 创建Redis 配置类
- 10 .创建 RedisUtils
- 11. 创建自定义 Realm
- 12. 创建Shiro缓存
- 13. 创建 自定义的ShiroFilter
- 14. 创建异常处理器
- 3.2 内置过滤器
- 4. Shiro+JWT 的使用,
Shiro 教程
1. Shiro 介绍
1.1 什么是 Shiro
Shiro是Apache旗下的一个开源项目,它是一个非常易用的安全框架,提供了包括认证、授权、加密、会话管理等功能,与Spring Security一样属基于权限的安全框架,但是与Spring Security 相比,Shiro使用了比较简单易懂易于使用的授权方式。Shiro属于轻量级框架,相对于Spring Security简单很多,并没有security那么复杂。
1.2 Shiro 好处
它是一个功能强大、灵活的、优秀的、开源的安全框架。
它可以胜任身份验证、授权、企业会话管理和加密等工作。
它易于使用和理解,与Spring Security相比,入门门槛低。
1.3 Shiro 认证流程
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-RUb0NY0H-1609288679506)(picture/6.png)]
Realm 中的具体实现
- Subject:代表当前用户,Subject 可以是一个人,也可以是第三方服务、守护进程帐户、时钟守护任务或者其它当前和软件交互的任何事件。
- SecurityManager:管理所有Subject,SecurityManager 是 Shiro 架构的核心,配合内部安全组件共同组成安全伞。
- Realms:用于进行权限信息的验证,我们自己实现。Realm 本质上是一个特定的安全 DAO:它封装与数据源连接的细节,得到Shiro 所需的相关的数据。在配置 Shiro 的时候,你必须指定至少一个Realm 来实现认证(authentication)和/或授权(authorization)。
2. Shiro 单机版使用
2.1 创建项目
1. 添加依赖
<dependencies><!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-core</artifactId><version>1.5.3</version></dependency></dependencies>
2. 创建配置文件 shiro.ini
[users]
xiao=123
joker=123456
3. 创建测试类TextAuthenticator.java
package com.joker;import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;public class TextAuthenticator {public static void main(String[] args) {// 创建安全管理器对象DefaultSecurityManager securityManager=new DefaultSecurityManager();// 2. 给安全管理器设置RealmsecurityManager.setRealm(new IniRealm("classpath:shiro.ini"));// 给SecurityUtils 给全局安全工具类 设置安全管理器SecurityUtils.setSecurityManager(securityManager);// 关键对象 Subject 主体Subject subject=SecurityUtils.getSubject();// 创建令牌UsernamePasswordToken token=new UsernamePasswordToken("joker","123456");try {System.out.println("认证状态"+subject.isAuthenticated());subject.login(token);System.out.println("认证状态"+subject.isAuthenticated());}catch (Exception e){e.printStackTrace();}}
}4. 项目结构如下
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-MInBnch3-1609288679510)(picture/1.png)]
2.2 源码验证流程
2.2.1 Realm 关系图
2.2.2 源码讲解
SimpleAccountRealm.java 中doGetAuthenticationInfo 方法验证用户名
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {UsernamePasswordToken upToken = (UsernamePasswordToken)token;SimpleAccount account = this.getUser(upToken.getUsername());if (account != null) {if (account.isLocked()) {throw new LockedAccountException("Account [" + account + "] is locked.");}if (account.isCredentialsExpired()) {String msg = "The credentials for account [" + account + "] are expired";throw new ExpiredCredentialsException(msg);}}return account;}
AuthenticatingRealm.java 中assertCredentialsMatch 这个方法 ,校验账户密码
protected void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws AuthenticationException {CredentialsMatcher cm = this.getCredentialsMatcher();if (cm != null) {if (!cm.doCredentialsMatch(token, info)) {String msg = "Submitted credentials for token [" + token + "] did not match the expected credentials.";throw new IncorrectCredentialsException(msg);}} else {throw new AuthenticationException("A CredentialsMatcher must be configured in order to verify credentials during authentication. If you do not wish for credentials to be examined, you can configure an " + AllowAllCredentialsMatcher.class.getName() + " instance.");}}
2.2.3 继承关系的讲解
AuthenticatingRealm 认证 getAuthenticationInfo 方法
AuthorizingRealm 授权 getAuthorizationInfo 方法
SimpleAccountRealm 为什么能够实现认证+授权呢??
SimpleAccountRealm 继承于AuthorizingRealm ,AuthorizingRealm 继承于AuthenticatingRealm
public class SimpleAccountRealm extends AuthorizingRealm
如果想要实现 自定义的Realm ,就必须要自己继承AuthorizingRealm 这个类,模仿SimpleAccountRealm
2.3 实现自定义的Realm
1. 首先自定义Realm
package com.joker.myrealm;import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.PrincipalCollection;/*** 上章讲解过 自定义Realm 就需要 继承 AuthorizingRealm 中的两个方法*/
public class CumstomRealm extends AuthorizingRealm {/*** 授权* @param principalCollection* @return*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {return null;}/*** 认证* @param authenticationToken* @return* @throws AuthenticationException*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {// 取到用户名String name=(String)authenticationToken.getPrincipal();System.out.println("自定义Realm "+name+" ");// 判断用户是否存在,连接数据库if(name.equals("joker")){// 这里的 “123456” 是数据库中查到的密码SimpleAuthenticationInfo simpleAccountRealm=new SimpleAuthenticationInfo(name,"123456",this.getName());return simpleAccountRealm;}return null;}
}2. 使用自定义Realm
package com.joker.myrealm;import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;/*** 在这里我们使用 自定义的Realm*/
public class TestAuthorRealm {public static void main(String[] args) {DefaultSecurityManager securityManager=new DefaultSecurityManager();// 2. 给安全管理器设置RealmsecurityManager.setRealm(new CumstomRealm());// 给SecurityUtils 给全局安全工具类 设置安全管理器SecurityUtils.setSecurityManager(securityManager);// 关键对象 Subject 主体Subject subject=SecurityUtils.getSubject();// 创建令牌UsernamePasswordToken token=new UsernamePasswordToken("joker","123456");try {// 如果输入的 token 是错误的信息,会报错System.out.println("自定义认证状态"+subject.isAuthenticated());subject.login(token);System.out.println("自定义认证状态"+subject.isAuthenticated());Realm realm;}catch (UnknownAccountException e){e.printStackTrace();System.out.println("用户名错误");} catch (IncorrectCredentialsException e){System.out.println("密码错误");e.printStackTrace();}catch (Exception e){e.printStackTrace();}}
}2.4 Md5 +Salt 认证流程
1. Service 层 业务层中算出Md5 算出来的结果
package com.joker.md5p;import org.apache.shiro.crypto.hash.Md5Hash;public class Md5Test {public static void main(String[] args) {/*** 第一个参数 source ,就是密码* 第二个参数 salt ,加盐 ,随机字符串* 第三个参数 hashlterations ,哈希散列 ,越大散列越均匀*/Md5Hash hash=new Md5Hash("123456","xod",1024);System.out.println(hash.toHex());}
}2.设置自定义的Realm
package com.joker.md5p;import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;public class CumstomMd5Realm extends AuthorizingRealm {/*** 授权* @param principalCollection* @return*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {return null;}/*** 认证* @param authenticationToken* @return* @throws AuthenticationException*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {// 取到用户名String name=(String)authenticationToken.getPrincipal();System.out.println("自定义Realm "+name+" ");// 判断用户是否存在,连接数据库if(name.equals("joker")){// 这里的 “f3aed468e9246cbdff61fc59084154e0” Md5Test 算出来的 ,是数据库中查到的密码// ByteSource.Util.bytes("xod") 这个是随机盐saltSimpleAuthenticationInfo simpleAccountRealm=new SimpleAuthenticationInfo(name,"f3aed468e9246cbdff61fc59084154e0", ByteSource.Util.bytes("xod"),this.getName());return simpleAccountRealm;}return null;}
}3. 使用 Realm
package com.joker.md5p;import com.joker.myrealm.CumstomRealm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.Subject;/*** 在这里我们使用 自定义的Realm*/
public class TestMd5AuthorRealm {public static void main(String[] args) {DefaultSecurityManager securityManager=new DefaultSecurityManager();CumstomMd5Realm cumstomMd5Realm=new CumstomMd5Realm();// 设置匹配策略,HashedCredentialsMatcher hashedCredentialsMatcher=new HashedCredentialsMatcher();//设置Md5 加密hashedCredentialsMatcher.setHashAlgorithmName("md5");// 设置hash 散列度hashedCredentialsMatcher.setHashIterations(1024);cumstomMd5Realm.setCredentialsMatcher(hashedCredentialsMatcher);// 2. 给安全管理器设置RealmsecurityManager.setRealm(cumstomMd5Realm);// 给SecurityUtils 给全局安全工具类 设置安全管理器SecurityUtils.setSecurityManager(securityManager);// 关键对象 Subject 主体Subject subject=SecurityUtils.getSubject();// 创建令牌UsernamePasswordToken token=new UsernamePasswordToken("joker","123456");try {// 如果输入的 token 是错误的信息,会报错System.out.println("自定义认证状态"+subject.isAuthenticated());subject.login(token);System.out.println("自定义认证状态"+subject.isAuthenticated());Realm realm;}catch (UnknownAccountException e){e.printStackTrace();System.out.println("用户名错误");} catch (IncorrectCredentialsException e){System.out.println("密码错误");e.printStackTrace();}catch (Exception e){e.printStackTrace();}}
}2.5 授权流程
1. 基于角色的控制访问
2. 基于资源的控制访问
3. 权限字符串
命名规则 资源标识符:操作:资源实例标识符
4. 授权实现方式
编程式
package com.joker.other;import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource;public class MyRealm extends AuthorizingRealm {/*** 授权* @param principalCollection* @return*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {System.out.println("授权道路开始了");String pr=(String)principalCollection.getPrimaryPrincipal();System.out.println("身份信息为 "+pr);SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();simpleAuthorizationInfo.addRole("admin");simpleAuthorizationInfo.addRole("user");// 这个用户对于 001 这个资源有着所有的操作权限 simpleAuthorizationInfo.addStringPermission("user:*:001");return simpleAuthorizationInfo;}/*** 认证* @param authenticationToken* @return* @throws AuthenticationException*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {// 取到用户名String name=(String)authenticationToken.getPrincipal();System.out.println("自定义Realm "+name+" ");// 判断用户是否存在,连接数据库if(name.equals("joker")){// 这里的 “f3aed468e9246cbdff61fc59084154e0” Md5Test 算出来的 ,是数据库中查到的密码// ByteSource.Util.bytes("xod") 这个是随机盐saltSimpleAuthenticationInfo simpleAccountRealm=new SimpleAuthenticationInfo(name,"f3aed468e9246cbdff61fc59084154e0", ByteSource.Util.bytes("xod"),this.getName());return simpleAccountRealm;}return null;} }package com.joker.other;import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.realm.Realm; import org.apache.shiro.subject.Subject;import java.util.Arrays;/*** 在这里我们使用 自定义的Realm*/ public class TestMAuthorRealm {public static void main(String[] args) {DefaultSecurityManager securityManager=new DefaultSecurityManager();MyRealm cumstomMd5Realm=new MyRealm();// 设置匹配策略,HashedCredentialsMatcher hashedCredentialsMatcher=new HashedCredentialsMatcher();//设置Md5 加密hashedCredentialsMatcher.setHashAlgorithmName("md5");// 设置hash 散列度hashedCredentialsMatcher.setHashIterations(1024);cumstomMd5Realm.setCredentialsMatcher(hashedCredentialsMatcher);// 2. 给安全管理器设置RealmsecurityManager.setRealm(cumstomMd5Realm);// 给SecurityUtils 给全局安全工具类 设置安全管理器SecurityUtils.setSecurityManager(securityManager);// 关键对象 Subject 主体Subject subject=SecurityUtils.getSubject();// 创建令牌UsernamePasswordToken token=new UsernamePasswordToken("joker","123456");try {// 如果输入的 token 是错误的信息,会报错System.out.println("自定义认证状态"+subject.isAuthenticated());subject.login(token);System.out.println("自定义认证状态"+subject.isAuthenticated());Realm realm;}catch (UnknownAccountException e){e.printStackTrace();System.out.println("用户名错误");} catch (IncorrectCredentialsException e){System.out.println("密码错误");e.printStackTrace();}catch (Exception e){e.printStackTrace();}//开始授权if(subject.isAuthenticated()){System.out.println(subject.hasRole("admin"));// 这个是多角色权限System.out.println(subject.hasAllRoles(Arrays.asList("admin","user")));// 基于字符串的权限控制System.out.println( subject.isPermitted("user:*:001"));}} }注解式
标签式
项目结构如下
3. Shiro 整和SpringBoot 使用
3.1 环境搭建
Shiro+SpringBoot+Mysql+Redis(缓存)
1. 添加依赖
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>2.3.1.RELEASE</version><relativePath/> <!-- lookup parent from repository --></parent><groupId>com.example</groupId><artifactId>demo</artifactId><version>0.0.1-SNAPSHOT</version><name>demo</name><description>Demo project for Spring Boot</description><properties><java.version>1.8</java.version></properties><dependencies><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency><dependency><groupId>org.mybatis.spring.boot</groupId><artifactId>mybatis-spring-boot-starter</artifactId><version>2.1.3</version></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-devtools</artifactId><scope>runtime</scope><optional>true</optional></dependency><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId><scope>runtime</scope></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-configuration-processor</artifactId><optional>true</optional></dependency><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId><optional>true</optional></dependency><!-- https://mvnrepository.com/artifact/com.alibaba/druid --><dependency><groupId>com.alibaba</groupId><artifactId>druid</artifactId><version>1.1.23</version></dependency><!-- shiro+springboot 启动 --><!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-spring-boot-web-starter --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-spring-boot-web-starter</artifactId><version>1.5.3</version></dependency><!-- shiro 的缓存--><!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-ehcache --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-ehcache</artifactId><version>1.5.3</version></dependency><!-- jwt--><!-- https://mvnrepository.com/artifact/com.auth0/java-jwt --><dependency><groupId>com.auth0</groupId><artifactId>java-jwt</artifactId><version>3.10.3</version></dependency><!-- 使用自定义的配置信息,就必须使用这样子的--><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-configuration-processor</artifactId><optional>true</optional></dependency><!-- 连接redis--><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-data-redis</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-freemarker</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-thymeleaf</artifactId></dependency><dependency><groupId>com.alibaba</groupId><artifactId>fastjson</artifactId><version>1.2.67</version></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope><exclusions><exclusion><groupId>org.junit.vintage</groupId><artifactId>junit-vintage-engine</artifactId></exclusion></exclusions></dependency></dependencies><build><plugins><plugin><groupId>org.springframework.boot</groupId><artifactId>spring-boot-maven-plugin</artifactId></plugin></plugins></build></project>2. 配置 yml
server:port: 9099
spring:application:name: demo1# 配置 mybatisdatasource:driver-class-name: com.mysql.cj.jdbc.Driverurl: jdbc:mysql://rm-uf682626j42h0nn6ljo.mysql.rds.aliyuncs.com:3306/faker?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTCusername: jokerpassword: type: com.alibaba.druid.pool.DruidDataSource# resources:
# static-locations:redis:host: 47.100.104.187database: 0password: port: 6379jedis:pool:max-wait: 3600max-active: 8timeout: 3600mvc:static-path-pattern: classpath:/static/ classpath:/templates/view:suffix: .htmlprefix: classpath:/templates/resources:static-locations: classpath:/META-INF/resources/,classpath:/resources/,classpath:/static/,classpath:/public/thymeleaf:cache: falsesuffix: .htmlprefix: classpath:/templates/mybatis:mapper-locations: classpath:mapper/*.xmltype-aliases-package: com.example.demo.entity3. 创建 实体类
package com.example.demo.entity;import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;/*** 是 用户的 信息*/@Data
@NoArgsConstructor
@Accessors(chain = true)
@AllArgsConstructor
public class Person {private int user_id;private String user_name;private String user_password;private Double user_money;private int user_lev;private String user_email;private String user_address;private String user_banner_img;private String user_telephone;private String user_introduce;private int user_gender;private String user_salt;
}
package com.example.demo.entity;import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;/*** 返回结果* @param <T>*/@Data
@AllArgsConstructor
@NoArgsConstructor
@Accessors(chain = true)
public class ResultData<T>{private String message;private Integer code;private T data;
}4. 创建Mapper
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN""http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.example.demo.mapper.PersonMapper"><!-- --><resultMap id="PersonMap" type="com.example.demo.entity.Person"><id column="user_id" property="user_id" jdbcType="INTEGER"/><result column="user_lev" jdbcType="INTEGER" property="user_lev"/><result column="user_gender" jdbcType="INTEGER" property="user_gender"/><result column="user_password" jdbcType="VARCHAR" property="user_password"/><result column="user_email" jdbcType="VARCHAR" property="user_email"/><result column="user_address" jdbcType="VARCHAR" property="user_address"/><result column="user_banner_img" jdbcType="VARCHAR" property="user_banner_img"/><result column="user_telephone" jdbcType="VARCHAR" property="user_telephone"/><result column="user_introduce" jdbcType="VARCHAR" property="user_introduce"/><result column="user_password" jdbcType="VARCHAR" property="user_password"/><result column="user_money" property="user_money" jdbcType="DOUBLE"/><result column="user_salt" property="user_salt" jdbcType="VARCHAR"/></resultMap><select id="checkLogin" resultType="int">SELECT count(*) FROM personwhere user_id=#{user_id} and user_password=#{user_password}</select><select id="findPersonById" resultMap="PersonMap">SELECT * FROM personwhere user_id=#{user_id}</select><select id="findPersonByName" resultMap="PersonMap">SELECT * FROM personwhere user_name=#{user_name}</select><select id="findPersonAll" resultMap="PersonMap" parameterType="int">select * from personwhere user_lev=#{user_lev}</select><insert id="addPerson" parameterType="Person">insert into person(user_name,user_password,user_money,user_lev,user_gender,user_salt)values(#{user_name},#{user_password},#{user_money},#{user_lev},#{user_gender},#{user_salt});</insert><select id="findid" resultType="int">SELECT @@IDENTITY</select><update id="modifyPerson" parameterType="Person">update person<set><if test="user_name!=null and user_name!=''">user_name=#{user_name},</if><if test="user_money!=null and user_money!=''">user_money=#{user_money},</if><if test="user_email!=null and user_email!=''">user_email=#{user_email},</if><if test="user_address!=null and user_address!=''">user_address=#{user_address},</if><if test="user_banner_img!=null and user_banner_img!=''">user_banner_img=#{user_banner_img},</if><if test="user_telephone!=null and user_telephone!=''">user_telephone=#{user_telephone},</if><if test="user_introduce!=null and user_introduce!=''">user_introduce=#{user_introduce},</if><if test="user_gender!=null and user_gender!=''">user_gender=#{user_gender},</if></set>where user_id=#{user_id}</update><update id="addMoney">update person set user_money=#{user_money} where user_id=#{user_id}</update><delete id="deletePerson" parameterType="int">delete from person where user_id=#{user_id}</delete></mapper>
5. 创建 db
CREATE DATABASE IF NOT EXISTS `faker` /*!40100 DEFAULT CHARACTER SET utf8 */ /*!80016 DEFAULT ENCRYPTION='N' */;
USE `faker`;
-- MySQL dump 10.13 Distrib 8.0.17, for Win64 (x86_64)
--
-- Host: rm-uf682626j42h0nn6ljo.mysql.rds.aliyuncs.com Database: faker
-- ------------------------------------------------------
-- Server version 8.0.18/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!50503 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
SET @MYSQLDUMP_TEMP_LOG_BIN = @@SESSION.SQL_LOG_BIN;
SET @@SESSION.SQL_LOG_BIN= 0;--
-- GTID state at the beginning of the backup
--SET @@GLOBAL.GTID_PURGED=/*!80000 '+'*/ '58413bdc-b9ef-11ea-8020-00163e0ab18f:1-66';--
-- Table structure for table `person`
--DROP TABLE IF EXISTS `person`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!50503 SET character_set_client = utf8mb4 */;
CREATE TABLE `person` (`user_id` int(10) NOT NULL AUTO_INCREMENT,`user_name` varchar(20) NOT NULL,`user_password` varchar(100) NOT NULL,`user_money` double NOT NULL DEFAULT '0',`user_lev` int(11) NOT NULL DEFAULT '1',`user_address` varchar(100) DEFAULT '"没有写地址"',`user_email` varchar(100) DEFAULT NULL,`user_banner_img` varchar(1000) DEFAULT NULL,`user_telephone` varchar(100) DEFAULT NULL,`user_introduce` varchar(1000) DEFAULT NULL,`user_gender` int(11) NOT NULL DEFAULT '1',`user_salt` varchar(45) DEFAULT NULL,PRIMARY KEY (`user_id`)
) ENGINE=InnoDB AUTO_INCREMENT=10 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;
/*!40101 SET character_set_client = @saved_cs_client */;--
-- Dumping data for table `person`
--LOCK TABLES `person` WRITE;
/*!40000 ALTER TABLE `person` DISABLE KEYS */;
INSERT INTO `person` VALUES (1,'joker','123',126,1,'南京','203462009@qq.com','https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1590311354953&di=ea3b02c8f9e45664f87794a4c3692e26&imgtype=0&src=http%3A%2F%2Fa3.att.hudong.com%2F35%2F34%2F19300001295750130986345801104.jpg','15651771520','炸鸡店',0,NULL),(2,'peter','123456',997,2,'北京','203462009@qq.com','https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1590311354953&di=ea3b02c8f9e45664f87794a4c3692e26&imgtype=0&src=http%3A%2F%2Fa3.att.hudong.com%2F35%2F34%2F19300001295750130986345801104.jpg','15651771520','新石器烤肉',0,NULL),(3,'admin','123wan',888,2,'北京','203462009@qq.com','https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1590311354953&di=ea3b02c8f9e45664f87794a4c3692e26&imgtype=0&src=http%3A%2F%2Fa3.att.hudong.com%2F35%2F34%2F19300001295750130986345801104.jpg','15651771520','黄焖鸡店',0,NULL),(5,'pp','213',0,1,NULL,'','https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1590311354953&di=ea3b02c8f9e45664f87794a4c3692e26&imgtype=0&src=http%3A%2F%2Fa3.att.hudong.com%2F35%2F34%2F19300001295750130986345801104.jpg','15651771520',NULL,1,NULL),(6,'dd','123',0,1,NULL,'','https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1590311354953&di=ea3b02c8f9e45664f87794a4c3692e26&imgtype=0&src=http%3A%2F%2Fa3.att.hudong.com%2F35%2F34%2F19300001295750130986345801104.jpg','15651771520',NULL,1,NULL),(7,'joker','123',19988,1,NULL,'203462009@qq.com','D:\\code\\shopping\\src\\main\\resources\\upload\\8474d5bf-9486-4a60-a349-59448e408972.jpg','15651771520','苦而不言,喜而不语',1,NULL),(8,'akk','f9704410c5d8cca9c920102b92e2d3e2',0,1,'\"没有写地址\"',NULL,NULL,NULL,NULL,1,'3uhku6bx'),(9,'ad','cbfc5f5fd18dc905266d0272a93ebc62',0,2,'\"没有写地址\"',NULL,NULL,NULL,NULL,1,'1chsswry');
/*!40000 ALTER TABLE `person` ENABLE KEYS */;
UNLOCK TABLES;--
-- Dumping events for database 'faker'
----
-- Dumping routines for database 'faker'
--
SET @@SESSION.SQL_LOG_BIN = @MYSQLDUMP_TEMP_LOG_BIN;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;-- Dump completed on 2020-07-24 12:20:426. 创建Dao 层
package com.example.demo.mapper;import com.example.demo.entity.Person;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;import java.util.List;@Mapper
@Repository
public interface PersonMapper {/*** 表示登录** @param user_id* @param user_password* @return*/int checkLogin(@Param("user_id") int user_id, @Param("user_password") String user_password);/*** 返回的是刚刚插入的主键值* @param p* @return*/int addPerson(Person p);/*** 根据用户 的id 来查找用户信息* @param id* @return*/Person findPersonById(int id);/*** 修改用户 信息* @param person* @return*/int modifyPerson(Person person);/*** 根据 用户等级,查找所有用户* @param user_lev* @return*/List<Person> findPersonAll(int user_lev);/*** 删除 用户* @param user_id* @return*/int deletePerson(int user_id);/*** 修改钱** @param user_money* @param user_id* @return*/int addMoney(@Param("user_money") Double user_money, @Param("user_id") int user_id);int findid();Person findPersonByName(String user_name);
}7. 创建 service
package com.example.demo.service;import com.example.demo.entity.Person;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;import java.util.List;@Service
public interface LoginService{Person loginCheck(int user_id, String user_name);List<Person> findall(int user_lev);Person selectPersonById(Integer id);Person selectPersonByName(String name);Boolean addPerson(Person person);
}
package com.example.demo.service.impl;import com.example.demo.entity.Person;
import com.example.demo.mapper.PersonMapper;
import com.example.demo.service.LoginService;
import lombok.extern.java.Log;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;import java.util.List;@Service
@Transactional
public class LoginServiceImpl implements LoginService {@AutowiredPersonMapper personMapper;/**** @param user_id* @param user_name* @return*/@Overridepublic Person loginCheck(int user_id, String user_name) {return personMapper.findPersonById(user_id);}/*** 按照等级查找用户* @param user_lev* @return*/@Overridepublic List<Person> findall(int user_lev) {return personMapper.findPersonAll(user_lev);}@Overridepublic Person selectPersonById(Integer id) {return personMapper.findPersonById(id);}@Overridepublic Person selectPersonByName(String name) {return personMapper.findPersonByName(name);}@Overridepublic Boolean addPerson(Person person) {int result=personMapper.addPerson(person);return result>0;}}8. 创建 Controller
package com.example.demo.controller;import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;/*** @author bn*/
@Controller
public class JumpController {@RequestMapping("/login")public String user(){return "login";}@RequestMapping("/register")public String red(){return "register";}
}package com.example.demo.controller;import com.example.demo.entity.Person;
import com.example.demo.entity.ResultData;
import com.example.demo.service.LoginService;
import com.example.demo.utils.ShiroUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;import java.util.ArrayList;
import java.util.List;/*** 用户控制类*/
@Controller
@RequestMapping("/person")
public class LoginController {protected static final Logger logger = LoggerFactory.getLogger(com.example.demo.controller.LoginController.class);LoginService loginService;@Autowiredpublic void setLoginService(LoginService loginService) {this.loginService = loginService;}@RequestMapping("/test")@RequiresRoles("user")public String test(){return "test";}@RequestMapping("/admin")@RequiresRoles("admin")public String amdin(){return "admin";}@RequestMapping("/user")public String user(){return "user";}@RequestMapping("/login")public String login(String user_name, String user_password){System.out.println(user_name+" "+user_password);try {UsernamePasswordToken usernamePasswordToken=new UsernamePasswordToken(user_name,user_password);Subject subject= SecurityUtils.getSubject();subject.login(usernamePasswordToken);}catch (UnknownAccountException e){e.printStackTrace();System.out.println("用户名错误");return "login";} catch (IncorrectCredentialsException e){System.out.println("密码错误");e.printStackTrace();return "login";}catch (Exception e){e.printStackTrace();return "login";}return "success";}@RequestMapping("/findAll")@ResponseBodypublic ResultData<List<Person>> findAll(@RequestParam("user_lev") int user_lev){ResultData<List<Person>> data=new ResultData<>();System.out.println(user_lev);try {List<Person> result= new ArrayList<>();result=loginService.findall(user_lev);if(result!=null&&result.size()>=0){data.setCode(200);data.setMessage("查找成功");data.setData(result);}else {data.setCode(-1);data.setMessage("查找失败");data.setData(null);}}catch (Exception e){e.printStackTrace();logger.info("对不起 登录出现问题");}return data;}@RequestMapping("/register")public String register(String user_name, String user_password,Integer user_lev){System.out.println(user_name+" "+user_password);Person person=new Person();String salt=ShiroUtils.getRandomSalt(8);// 这里进行盐处理String password=ShiroUtils.md5(user_password,salt);person.setUser_name(user_name);person.setUser_password(password);person.setUser_address("");person.setUser_lev(user_lev);person.setUser_salt(salt);person.setUser_gender(1);person.setUser_money(0.0);System.out.println("存储的"+person);Boolean result=loginService.addPerson(person);if(result){return "login";}else {return "register";}}
}9. 创建Redis 配置类
package com.example.demo.config.redis;import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.fasterxml.jackson.databind.JavaType;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.type.TypeFactory;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.data.redis.serializer.SerializationException;
import com.alibaba.fastjson.parser.ParserConfig;
import org.springframework.util.Assert;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
/*** FastJson2JsonRedisSerializer* Redis使用FastJson序列化* by zhengkai.blog.csdn.net*/
public class FastJson2JsonRedisSerializer<T> implements RedisSerializer<T> {private ObjectMapper objectMapper = new ObjectMapper();public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");private Class<T> clazz;static {ParserConfig.getGlobalInstance().setAutoTypeSupport(true); //如果遇到反序列化autoType is not support错误,请添加并修改一下包名到bean文件路径// ParserConfig.getGlobalInstance().addAccept("com.xxxxx.xxx");}public FastJson2JsonRedisSerializer(Class<T> clazz) {super();this.clazz = clazz;}@Overridepublic byte[] serialize(T t) throws SerializationException {if (t == null) {return new byte[0];}return JSON.toJSONString(t, SerializerFeature.WriteClassName).getBytes(DEFAULT_CHARSET);}@Overridepublic T deserialize(byte[] bytes) throws SerializationException {if (bytes == null || bytes.length <= 0) {return null;}String str = new String(bytes, DEFAULT_CHARSET);return JSON.parseObject(str, clazz);}public void setObjectMapper(ObjectMapper objectMapper) {Assert.notNull(objectMapper, "'objectMapper' must not be null");this.objectMapper = objectMapper;}protected JavaType getJavaType(Class<?> clazz) {return TypeFactory.defaultInstance().constructType(clazz);}}package com.example.demo.config.redis;import com.alibaba.fastjson.support.spring.FastJsonRedisSerializer;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.serializer.StringRedisSerializer;
import org.springframework.stereotype.Component;/*** @author bn*/
@Data
@Component
@Configuration
@Slf4j
public class RedisConfig {@Beanpublic RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory redisConnectionFactory) {RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();redisTemplate.setConnectionFactory(redisConnectionFactory);FastJsonRedisSerializer<Object> fastJsonRedisSerializer = new FastJsonRedisSerializer<>(Object.class);// 设置值value的序列化方式redisTemplate.setValueSerializer(fastJsonRedisSerializer);redisTemplate.setHashValueSerializer(fastJsonRedisSerializer);// 设置键key的序列化方式redisTemplate.setKeySerializer(new StringRedisSerializer());redisTemplate.setHashKeySerializer(new StringRedisSerializer());redisTemplate.afterPropertiesSet();return redisTemplate;}}
10 .创建 RedisUtils
package com.example.demo.utils;import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;import javax.annotation.Resource;@Component
public class RedisUtil implements ApplicationContextAware {private static RedisTemplate redisTemplate;public static RedisTemplate get(){return redisTemplate;}@Overridepublic void setApplicationContext(ApplicationContext applicationContext) throws BeansException {redisTemplate=(RedisTemplate)applicationContext.getBean("redisTemplate");}// public String get(String key) {// if (StringUtils.isEmpty(key)) {// return null;
// }
// return redisTemplate.opsForValue().get(key);
// }
//
// public void set(String key, String value) {// if (StringUtils.isEmpty(key) || StringUtils.isEmpty(value)) {// return;
// }
// redisTemplate.opsForValue().set(key, value);
// }
}
11. 创建自定义 Realm
package com.example.demo.config.shiro;import com.example.demo.entity.Person;
import com.example.demo.service.LoginService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;/*** 自定义的 Realm 这里进行 用户认证和授权的操作* 我们这里假定 user_lev =1 就是用户的操作,user_lev=2 就是 管理员的操作*/
public class ShiroRealm extends AuthorizingRealm {@AutowiredLoginService loginService;/*** 这里进行授权* @param principalCollection* @return*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {System.out.println("=======授权=====");String name=(String)principalCollection.getPrimaryPrincipal();System.out.println("身份信息为 "+name);// 查询数据库,获取 角色信息Person person=loginService.selectPersonByName(name);int lev=person.getUser_lev();SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();// 等级为 1 ,就是 userif(lev==1){simpleAuthorizationInfo.addRole("user");// 等级为 2 ,就是 admin}else{simpleAuthorizationInfo.addRole("admin");}return simpleAuthorizationInfo;}/*** 认证是否有这个用户* @param authenticationToken* @return* @throws AuthenticationException*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {// 获取用户的 nameString name=(String) authenticationToken.getPrincipal();Person person=loginService.selectPersonByName(name);System.out.println("=======认证=====");System.out.println(name);// 表示有这个用户if(person!=null&&person.getUser_name()!=null){String password=person.getUser_password();String salt=person.getUser_salt();// 这里是 和 Controller 层中的UsernamePasswordToken 密码进行比较SimpleAuthenticationInfo simpleAuthorizationInfo=new SimpleAuthenticationInfo(name,password,new Md5Hash(salt),this.getName());return simpleAuthorizationInfo;}return null;}
}12. 创建Shiro缓存
package com.example.demo.config.shiro;import com.example.demo.utils.RedisUtil;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;import javax.annotation.Resource;
import java.util.Collection;
import java.util.Set;/*** 重写Shiro 中的缓存* @param <K>* @param <V>*/
//@Component
public class ShiroCache<K,V> implements Cache<K,V> {/*** 获取Cache* @param k* @return* @throws CacheException*/@Overridepublic V get(K k) throws CacheException {System.out.println("ShiroCache get===key "+ k);if(k==null){return null;}else {RedisTemplate redisTemplate=RedisUtil.get();return (V)redisTemplate.opsForValue().get(k);}}/**** @param k* @param v* @return* @throws CacheException*/@Overridepublic V put(K k, V v) throws CacheException {System.out.println(k+"=ShiroCache=="+v);
// System.out.println("redisUtils=="+redisUtil);RedisTemplate redisTemplate=RedisUtil.get();
// System.out.println("redisTemplate=="+redisTemplate);
// System.out.println(redisUtil==null);redisTemplate.opsForValue().set(k.toString(),v);return null;}@Overridepublic V remove(K k) throws CacheException {RedisTemplate redisTemplate=RedisUtil.get();redisTemplate.delete(k);return null;}@Overridepublic void clear() throws CacheException {RedisTemplate redisTemplate=RedisUtil.get();Set<String> keys = redisTemplate.keys("*");redisTemplate.delete(keys);}@Overridepublic int size() {return 0;}@Overridepublic Set<K> keys() {return null;}@Overridepublic Collection<V> values() {return null;}
}package com.example.demo.config.shiro;import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import org.apache.shiro.cache.CacheManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;/*** @author bn*/
@Component
public class ShiroCacheManager implements CacheManager {@Overridepublic <K, V> Cache<K, V> getCache(String s) throws CacheException {System.out.println("shiro 缓存"+s);return new ShiroCache<K,V>();}
}13. 创建 自定义的ShiroFilter
package com.example.demo.config.shiro;import com.example.demo.service.LoginService;
import com.example.demo.utils.ShiroUtils;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;import java.util.HashMap;
import java.util.Map;/*** 配置shiro*/
@Configuration
public class ShiroConfig {@AutowiredLoginService loginService;// 1. 创建 ShiroFilter@Bean("shiroFilterFactoryBean")public ShiroFilterFactoryBean getshiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();// 设置 安全管理器System.out.println("=======ShiroFilterFactoryBean======");bean.setSecurityManager(defaultWebSecurityManager);// 设置文件资源Map<String ,String> map=new HashMap<>();// 开放了 login ,和 register 页面map.put("/login","anon");// 开放首页map.put("/register","anon");map.put("/person/login","anon");map.put("/person/register","anon");// 拦截了 /findAll 这个请求 ,这个资源需要 授权加上认证。所以访问不了map.put("/person/findAll","authc");// 剩下的两个 路由,因为添加了 注解,所以这里不需要添加 ,也是有用的bean.setFilterChainDefinitionMap(map);bean.setUnauthorizedUrl("quanxian");// 如果文件资源没有权限,跳转到那个页面bean.setLoginUrl("login");return bean;}/*** 2. 创建 web 类型的 安全管理器* @param realm* @return*/@BeanDefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("getRealm") Realm realm){DefaultWebSecurityManager manager=new DefaultWebSecurityManager();manager.setRealm(realm);return manager;}/*** 自定义一个 Realm 管理器* @return*/@Bean("getRealm")public Realm realm(){// 设置算法的密度HashedCredentialsMatcher hashedCredentialsMatcher=new HashedCredentialsMatcher();//设置Md5 加密hashedCredentialsMatcher.setHashAlgorithmName(ShiroUtils.hashAlgorithmName);// 设置hash 散列度hashedCredentialsMatcher.setHashIterations(ShiroUtils.hashIterations);ShiroRealm realm=new ShiroRealm();realm.setCredentialsMatcher(hashedCredentialsMatcher);realm.setCacheManager(new ShiroCacheManager());realm.setCachingEnabled(true);// 开启全局缓存realm.setAuthenticationCachingEnabled(true);realm.setAuthenticationCacheName("renZhenCache");realm.setAuthorizationCachingEnabled(true);realm.setAuthorizationCacheName("shouQuanCache");return realm;}
}14. 创建异常处理器
package com.example.demo.exception;import com.example.demo.entity.ResultData;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;/*** @author bn*/
@ControllerAdvice
public class MyControllerAdvice {/*** 全局异常捕捉处理* @param ex* @return*/@ResponseBody@ExceptionHandler(value = Exception.class)public ResultData<String> errorHandler(Exception ex) {ResultData<String> data=new ResultData<>();data.setCode(-1);data.setMessage("对不起没有权限");data.setData("错误");return data;}/*** 拦截捕捉自定义异常 MyException.class* @param ex* @return*/
// @ResponseBody
// @ExceptionHandler(value = MyException.class)
// public Map myErrorHandler(MyException ex) {
// Map map = new HashMap();
// map.put("code", ex.getCode());
// map.put("msg", ex.getMsg());
// return map;
// }}
3.2 内置过滤器
| 过滤器名字 | 名称 | 用途 |
|---|---|---|
| anon(匿名) | org.apache.shiro.web.filter.authc.AnonymousFilter | 公共资源 |
| authc(身份验证) | org.apache.shiro.web.filter.authc.FormAuthenticationFilter | |
| authcBasic(http基本验证) | org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter | |
| logout(退出) | org.apache.shiro.web.filter.authc.LogoutFilter | |
| noSessionCreation(不创建session) | org.apache.shiro.web.filter.session.NoSessionCreationFilter | |
| perms(许可验证) | org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter | |
| port(端口验证) | org.apache.shiro.web.filter.authz.PortFilter | |
| rest (rest方面) | org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter | |
| roles(权限验证) | org.apache.shiro.web.filter.authz.RolesAuthorizationFilter | |
| ssl (ssl方面) | org.apache.shiro.web.filter.authz.SslFilter | |
| user (用户方面) | org.apache.shiro.web.filter.authc.UserFilter |
4. Shiro+JWT 的使用,
实现无session ,前后端分离
1.用户登陆之后,使用密码对账号进行签名生成并返回token并设置过期时间;
2.将token保存到本地,并且每次发送请求时都在header上携带token。
3.shiro过滤器拦截到请求并获取header中的token,并提交到自定义realm的doGetAuthenticationInfo方法。
4.通过jwt解码获取token中的用户名,从数据库中查询到密码之后根据密码生成jwt效验器并对token进行验证。
Shiro 教程_1相关推荐
- Shiro 教程,Shiro教程0.2 下载,Shiro功能修复与升级说明。
2019独角兽企业重金招聘Python工程师标准>>> Shiro + SSM(框架) + Freemarker(jsp)讲解的权限控制Demo,还不赶快去下载? 原文链接:http ...
- Apache Shiro教程
跟开涛学系列: 来自开涛的Apache Shiro教程:http://jinnianshilongnian.iteye.com/blog/2018398 附带的代码例子:https://github. ...
- shiro教程(2)- shiro介绍
shiro教程系列 shiro教程(3)-shiro授权 1 shiro介绍 1.1 什么是shiro Shiro是apache旗下一个开源框架,它将软件系统的安全认证相关的功能抽取出来,实现用户身 ...
- [Shiro教程] Shiro 教程基于SSM(SpringMVC + Spring + Mybatis)EHCache版本
一.Shiro简介 Apache Shiro 是 Java 的一个安全框架.我们经常看到它被拿来和 Spring 的 Security 来对比.大部分人认为 Shiro 比 Security ...
- [Shiro教程] Shiro 教程基于SSM(SpringMVC + Spring + Mybatis)
一.Shiro简介 Apache Shiro 是 Java 的一个安全框架.我们经常看到它被拿来和 Spring 的 Security 来对比.大部分人认为 Shiro 比 Security ...
- 2017.2.16 开涛shiro教程-第十七章-OAuth2集成(一)服务器端
原博客地址:http://jinnianshilongnian.iteye.com/blog/2018398 根据下载的pdf学习. 开涛shiro教程-第十七章-OAuth2集成 1.OAuth2介 ...
- 2017.2.15 开涛shiro教程-第二十一章-授予身份与切换身份(二) controller
原博客地址:http://jinnianshilongnian.iteye.com/blog/2018398 根据下载的pdf学习. 开涛shiro教程-第二十一章-授予身份与切换身份(二) 1.回顾 ...
- 2017.2.12 开涛shiro教程-第七章-与Web集成
2017.2.9 开涛shiro教程-第七章-与Web集成(一) 原博客地址:http://jinnianshilongnian.iteye.com/blog/2018398 根据下载的pdf学习. ...
- shiro教程1(HelloWorld)
shiro简介 官网 Apache Shiro是一个强大且易用的Java安全框架,执行身份验证.授权.密码和会话管理.使用Shiro的易于理解的API,您可以快速.轻松地获得任何应用程序,从最小的 ...
最新文章
- 【MATLAB】数据分析之函数数值积分
- Java程序在命令行的编译运行
- php mysql怎么实现,使用php与mysql怎么实现一个无限级分类
- php分页教程,php 如何分页 教程
- DOM 节点类型及属性
- 现在是小程序最好的时代
- 计算机图形学生活应用,计算机图形学的应用实例(计算机图形作业).doc
- 测试面试题集-1.测试基础理论
- Zipkin-1.19.0学习系列13: Brave-Web-Filter的filter机制分析
- 安全分析:叫好不叫座
- 菜鸟安装Linux的问题记录
- 论文翻译|疾病自动编码|Clinical-Coder: Assigning Interpretable ICD-10 Codes to Chinese Clinical Notes
- 批处理实现软件静默批量安装
- 单片机、嵌入式ARM学习网站推荐(多年的积累)
- 房地产开发项目管理浅析
- 注册表-隐藏快捷图标斜箭头
- EMV规范(五)——脱机数据认证
- 关于鼠标右键无法正常加载一直转圈
- SQL SERVER 日期时间 格式
- idc机房托管服务器数据相关常见问题解答