Goals:

  Shiro authorization

  Shiro annotation-based development


Shiro authorization

  First, design the Shiro permission tables:

  The diagram shows clearly how the five tables relate to one another.

  

ShiroUserMapper

    Set<String> getRolesByUserId(Integer uid);

    Set<String> getPersByUserId(Integer uid);

ShiroUserMapper.xml

    <select id="getRolesByUserId" resultType="java.lang.String" parameterType="java.lang.Integer">
        select r.roleid
        from t_shiro_user u, t_shiro_user_role ur, t_shiro_role r
        where u.userid = ur.userid and ur.roleid = r.roleid
          and u.userid = #{uid}
    </select>

    <select id="getPersByUserId" resultType="java.lang.String" parameterType="java.lang.Integer">
        select p.permission
        from t_shiro_user u, t_shiro_user_role ur, t_shiro_role_permission rp, t_shiro_permission p
        where u.userid = ur.userid and ur.roleid = rp.roleid and rp.perid = p.perid
          and u.userid = #{uid}
    </select>

Service layer

ShiroUserService

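    /**
     * Role check
     * @param uid user id
     * @return the role ids assigned to the user
     */
    Set<String> getRolesByUserId(Integer uid);

    /**
     * Permission check
     * @param uid user id
     * @return the permission strings granted through the user's roles
     */
    Set<String> getPersByUserId(Integer uid);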

ShiroUserServiceImpl

    import java.util.Set;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Service;

    @Service("shiroUserService")
    public class ShiroUserServiceImpl implements ShiroUserService {
        @Autowired
        private ShiroUserMapper shiroUserMapper;

        @Override
        public ShiroUser queryByName(String userName) {
            return shiroUserMapper.queryByName(userName);
        }

        @Override
        public int insert(ShiroUser shiroUser) {
            return shiroUserMapper.insert(shiroUser);
        }

        @Override
        public Set<String> getRolesByUserId(Integer uid) {
            return shiroUserMapper.getRolesByUserId(uid);
        }

        @Override
        public Set<String> getPersByUserId(Integer uid) {
            return shiroUserMapper.getPersByUserId(uid);
        }
    }

Write the authorization method in MyRealm so that it reads roles and permissions from the data source

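    import java.util.Set;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.authz.SimpleAuthorizationInfo;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;

    public class MyRealm extends AuthorizingRealm {
        private ShiroUserService shiroUserService;

        public ShiroUserService getShiroUserService() {
            return shiroUserService;
        }

        public void setShiroUserService(ShiroUserService shiroUserService) {
            this.shiroUserService = shiroUserService;
        }

        /**
         * Authorization: load the roles and permissions of the current user.
         * @param principalCollection principals of the current subject
         * @return the user's role ids and permission strings
         */
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            ShiroUser shiroUser = this.shiroUserService.queryByName(principalCollection.getPrimaryPrincipal().toString());
            if (shiroUser == null) {
                // The account no longer exists: grant no roles and no permissions
                return info;
            }
            Set<String> roleids = this.shiroUserService.getRolesByUserId(shiroUser.getUserid());
            Set<String> perIds = this.shiroUserService.getPersByUserId(shiroUser.getUserid());
            info.setRoles(roleids);
            info.setStringPermissions(perIds);
            return info;
        }

        // doGetAuthenticationInfo(...), the authentication half of the realm, is not shown on this page.
    }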

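Shiro annotation-based development

Common annotations

@RequiresAuthentication: the current Subject has been authenticated through login, i.e. Subject.isAuthenticated() returns true
@RequiresUser: the current Subject has been authenticated or has logged in through remember-me
@RequiresGuest: the current Subject has neither been authenticated nor logged in through remember-me, i.e. it is a guest
@RequiresRoles(value = {"admin","user"},logical = Logical.AND): the current Subject needs the roles admin and user
@RequiresPermissions(value = {"user:delete","user:b"},logical = Logical.OR): the current Subject needs the permission user:delete or user:b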

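Note: the beans that enable Shiro annotations must be placed in spring-mvc.xml (that is, loaded by the Spring MVC container); otherwise the Shiro annotations have no effect!

  So we configure them in the Spring MVC file.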

Springmvc.xml

    <!-- Enable Shiro annotations; depends on the lifecycleBeanPostProcessor bean, which is defined elsewhere -->
    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
          depends-on="lifecycleBeanPostProcessor">
        <property name="proxyTargetClass" value="true"></property>
    </bean>
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

    <!-- Map authorization failures to the "unauthorized" view. defaultErrorView sends every
         other unmapped exception to the same view, including the UnauthenticatedException
         thrown when @RequiresUser fails. -->
    <bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="exceptionMappings">
            <props>
                <prop key="org.apache.shiro.authz.UnauthorizedException">unauthorized</prop>
            </props>
        </property>
        <property name="defaultErrorView" value="unauthorized"/>
    </bean>

Using the annotations in the Controller

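    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import org.apache.shiro.authz.annotation.Logical;
    import org.apache.shiro.authz.annotation.RequiresPermissions;
    import org.apache.shiro.authz.annotation.RequiresRoles;
    import org.apache.shiro.authz.annotation.RequiresUser;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Controller;
    import org.springframework.web.bind.annotation.RequestMapping;

    /**
     * @author 黄大娘
     * @company dogsun
     * @create 2019-10-14 21:28
     */
    @Controller
    public class ShiroUserController {
        @Autowired
        private ShiroUserService shiroUserService;

        /**
         * Demonstrates the authentication annotation
         * @param req
         * @param resp
         * @return
         */
        @RequiresUser
        @RequestMapping("/passUser")
        public String passUser(HttpServletRequest req, HttpServletResponse resp){
            return "admin/addUser";
        }

        /**
         * Demonstrates the role annotation.
         * Only a subject that holds both role ids 1 and 4 can access this method.
         * @param req
         * @param resp
         * @return
         */
        @RequiresRoles(value = {"1","4"},logical = Logical.AND)
        @RequestMapping("/passRole")
        public String passRole(HttpServletRequest req, HttpServletResponse resp){
            return "admin/listUser";
        }

        /**
         * Handling used when a role, identity or permission check fails
         * @param req
         * @param resp
         * @return
         */
        @RequestMapping("/unauthorized")
        public String ht(HttpServletRequest req, HttpServletResponse resp){
            System.out.print("处理错误的方式!!!");
            return "login";
        }

        /**
         * Demonstrates the permission annotation
         *
         * @param req
         * @param resp
         * @return
         */
        @RequiresPermissions(value = {"user:update","user:view"},logical = Logical.OR)
        @RequestMapping("/passPer")
        public String passPer(HttpServletRequest req, HttpServletResponse resp){
            return "admin/resetPwd";
        }
    }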
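The decisions behind /passRole and /passPer can be reproduced without a web container by calling the Subject methods that correspond to Logical.AND and Logical.OR. This is an added example, not code from the original post: FixedRealm, the principal "zs" and the role and permission sets are constructed stand-ins for MyRealm and its mapper queries, and it assumes shiro-core on the classpath and Java 9+.

```java
import java.util.Set;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;

public class AnnotationSemanticsDemo {
    // Hypothetical stand-in for MyRealm: fixed sets instead of the mapper queries
    static class FixedRealm extends AuthorizingRealm {
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            info.setRoles(Set.of("1"));                      // constructed: role id 1 only
            info.setStringPermissions(Set.of("user:view"));  // constructed: one permission
            return info;
        }
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
            return null; // login is not exercised in this demo
        }
    }

    public static void main(String[] args) {
        FixedRealm realm = new FixedRealm();
        DefaultSecurityManager sm = new DefaultSecurityManager(realm);
        Subject subject = new Subject.Builder(sm)
                .principals(new SimplePrincipalCollection("zs", realm.getName()))
                .authenticated(true)
                .buildSubject();

        // Logical.AND on roles {"1","4"}: every listed role must be held
        try {
            subject.checkRoles("1", "4");
            System.out.println("/passRole allowed");
        } catch (AuthorizationException e) {
            System.out.println("/passRole denied: " + e.getClass().getSimpleName());
        }

        // Logical.OR on permissions: a single match is enough
        boolean[] hits = subject.isPermitted("user:update", "user:view");
        System.out.println("/passPer allowed: " + (hits[0] || hits[1]));
    }
}
```

Role names are compared as exact strings, so the annotation values must match what getRolesByUserId returns (role ids here, not role names).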

Testing with main.jsp

    <ul>
        Shiro annotations
        <li>
            <a href="${pageContext.request.contextPath}/passUser">Authentication check</a>
        </li>
        <li>
            <a href="${pageContext.request.contextPath}/passRole">Role check</a>
        </li>
        <li>
            <a href="${pageContext.request.contextPath}/passPer">Permission check</a>
        </li>
    </ul>

Thanks for reading!
