目录
包含两个方法,用户的授权和登录认证。
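public class UserRealm extends AuthorizingRealm {

    /**
     * Authorization: builds the permission set of the subject being authorized.
     *
     * The user is taken from {@code principalCollection} (the {@code User}
     * object stored as principal by doGetAuthenticationInfo), not from the
     * thread-bound Subject via ShiroUtils, so the realm answers for whichever
     * subject Shiro is actually asking about (e.g. runAs / Subject.Builder).
     *
     * @param principalCollection principals of the subject being authorized
     * @return permission info populated from MenuService.getParms(userId);
     *         empty (fail closed) when the principal is not a User
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Object principal = principalCollection.getPrimaryPrincipal();
        if (!(principal instanceof User)) {
            // Unknown principal type: grant nothing instead of failing with a ClassCastException.
            return info;
        }
        Long userId = ((User) principal).getUserId();
        MenuService menuService = ApplicationContextRegister.getBean(MenuService.class);
        Set<String> parms = menuService.getParms(userId);
        if (parms != null) {
            info.addStringPermissions(parms);
        }
        return info;
    }

    /**
     * Authentication: looks the user up by name and verifies the submitted password.
     *
     * The "unknown account" and "wrong password" messages are deliberately the
     * same so the response does not reveal which usernames exist; the exception
     * types still differ, so callers must not map them to different messages.
     *
     * @param token a UsernamePasswordToken (AuthenticatingRealm.supports() guarantees the type)
     * @return principal = User object, credentials = stored password, realm name
     * @throws UnknownAccountException      no user with that name
     * @throws IncorrectCredentialsException password mismatch (or no stored password)
     * @throws LockedAccountException       user exists, password matched, but status == 0
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
        String userName = (String) usernamePasswordToken.getPrincipal();
        UserDao userDao = ApplicationContextRegister.getBean(UserDao.class);
        User u = userDao.getUserByUserName(userName);
        if (u == null) {
            throw new UnknownAccountException("账号或者密码不正确");
        }
        String stored = u.getPassword();
        String submitted = new String(usernamePasswordToken.getPassword());
        // Constant-time comparison: String.equals stops at the first differing
        // character and so leaks timing information about the stored value.
        // NOTE(review): the submitted value is MD5Utils.encrypt(username, password)
        // from the /login controller; MD5 is not a password-hashing function.
        // Store bcrypt/scrypt/argon2 hashes and verify with the matching library.
        if (stored == null || !java.security.MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                submitted.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
            throw new IncorrectCredentialsException("账号或密码不正确");
        }
        // Lock status is checked only after the password matched, so an attacker
        // cannot learn whether an account is locked without knowing its password.
        if (u.getStatus() == 0) {
            throw new LockedAccountException("账号已被锁定,请联系管理员");
        }
        // Shiro's CredentialsMatcher compares these credentials with the token
        // once more; the check above is what produces our own messages.
        return new SimpleAuthenticationInfo(u, u.getPassword(), getName());
    }
}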
实现接口ApplicationContextAware ,获取Spring的ioc容器,方便获取java bean。
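// NOTE(review): this class is not a persistence component; @Component is the
// accurate stereotype (left unchanged here because the import block is not visible).
@Repository
public class ApplicationContextRegister implements ApplicationContextAware {

    // Logger named after this class (the original used ApplicationContextAware.class).
    private static final Logger logger = LoggerFactory.getLogger(ApplicationContextRegister.class);
    /** Set once by Spring through setApplicationContext; read by the static accessors. */
    private static ApplicationContext APPLICATION_CONTEXT;

    /**
     * Spring callback that hands over the IoC container.
     *
     * @param applicationContext the container this bean lives in
     */
    @Override
    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        // Parameterized placeholder: without "{}" the context argument was never logged.
        logger.info("applicationContext---> {}", applicationContext);
        APPLICATION_CONTEXT = applicationContext;
    }

    /** @return the stored container, or null before Spring has called setApplicationContext */
    public static ApplicationContext getApplicationContext() {
        return APPLICATION_CONTEXT;
    }

    /**
     * Looks up the single bean of the given type.
     *
     * @param type bean type to resolve
     * @return the bean instance
     * @throws IllegalStateException when called before the container was injected
     *                               (clearer than the NullPointerException it replaced)
     */
    public static <T> T getBean(Class<T> type) {
        if (APPLICATION_CONTEXT == null) {
            throw new IllegalStateException(
                    "ApplicationContext not yet set; getBean(" + type + ") called too early");
        }
        return APPLICATION_CONTEXT.getBean(type);
    }
}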
方便获取用户对象及信息
public class ShiroUtils {

    /** Returns the Subject Shiro has bound to the current thread/request. */
    public static Subject getSubject() {
        return SecurityUtils.getSubject();
    }

    /**
     * Returns the primary principal cast to User.
     *
     * The realm stores the User object as principal, so the cast holds for
     * authenticated subjects; when nobody is logged in the principal is null
     * and null is returned.
     */
    public static User getUser() {
        Object principal = getSubject().getPrincipal();
        return (User) principal;
    }

    /**
     * Id of the logged-in user.
     *
     * Throws NullPointerException when no principal is bound (getUser() is null).
     */
    public static Long getUserId() {
        User current = getUser();
        return current.getUserId();
    }

    /** Logs the current subject out. */
    public static void logout() {
        Subject current = getSubject();
        current.logout();
    }
}

AuthenticationToken 用于收集用户提交的身份(如用户名)及凭据(如密码):
public interface AuthenticationToken extends Serializable {
    Object getPrincipal(); // identity, e.g. the username
    Object getCredentials(); // proof of identity, e.g. the password
}
扩展接口 RememberMeAuthenticationToken:提供了 “boolean isRememberMe()” 方法,用于实现“记住我”的功能;
扩展接口 HostAuthenticationToken:提供了 “String getHost()” 方法,用于获取用户的“主机”信息。
Shiro 提供了一个直接拿来用的UsernamePasswordToken,用于实现用户名/密码Token组,另外其实现了RememberMeAuthenticationToken和HostAuthenticationToken,可以实现记住我及主机验证的支持。
- getPrincipal 与 getUserName
- getCredentials 与 getPassword

密码验证可以交给 Shiro 做:返回的 SimpleAuthenticationInfo 中携带数据库里的密码,SecurityManager 上的 CredentialsMatcher(默认 SimpleCredentialsMatcher)会把它与 token 中前端传回的密码进行匹配。注意上面的 UserRealm 在返回之前已经自己用 equals 比较过一次,因此实际上比较了两遍,应只保留一处;另外前端传回的是 MD5Utils.encrypt 的结果,MD5 不是密码哈希算法,存储的应是加盐的慢哈希(bcrypt/argon2 等)。
// principal = the User object, credentials = the password stored in the database, realm name = this class's name
new SimpleAuthenticationInfo(u, u.getPassword(), getName());
shiro的配置文件,配置三个组件。
ShiroFilterFactoryBean 、SecurityManager 、UserRealm
@Configuration
public class ShiroConfig {

    /**
     * Builds the Shiro servlet filter and its URL -> filter-chain map.
     *
     * NOTE(review): the map is a LinkedHashMap and Shiro applies the FIRST
     * pattern that matches, so the order of the put() calls below IS the
     * access-control policy. Keep the catch-all "/**" -> authc entry last.
     */
    @Bean
    ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        // URIs used when login is required, after a successful login, and after an authorization failure
        shiroFilterFactoryBean.setLoginUrl("/login");
        shiroFilterFactoryBean.setSuccessUrl("/index");
        shiroFilterFactoryBean.setUnauthorizedUrl("/403");
        // Resource access rules
        /*
         anon   no authentication required
         authc  must be authenticated (logged in)
         user   authenticated OR remembered through "remember me"
         perms  must hold the named permission
         roles  must hold the named role
         */
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/login","anon");
        filterChainDefinitionMap.put("/getVerify","anon");
        filterChainDefinitionMap.put("/css/**", "anon");
        filterChainDefinitionMap.put("/js/**", "anon");
        filterChainDefinitionMap.put("/fonts/**", "anon");
        filterChainDefinitionMap.put("/img/**", "anon");
        filterChainDefinitionMap.put("/docs/**", "anon");
        // NOTE(review): an anonymous "/druid/**" exposes the Druid monitoring
        // console (SQL statements, sessions, request URIs) to everyone. Require
        // authc or a role here unless the stat servlet is protected on its own.
        filterChainDefinitionMap.put("/druid/**", "anon");
        // NOTE(review): everything under /upload and /files is served without
        // authentication; confirm that uploaded content is meant to be public.
        filterChainDefinitionMap.put("/upload/**", "anon");
        filterChainDefinitionMap.put("/files/**", "anon");
        filterChainDefinitionMap.put("/logout", "logout");
        filterChainDefinitionMap.put("/", "anon");
        filterChainDefinitionMap.put("/blog", "anon");
        filterChainDefinitionMap.put("/blog/open/**", "anon");
        // Catch-all: every other URL needs a logged-in subject.
        filterChainDefinitionMap.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;
    }

    /**
     * Security manager wired with the single UserRealm.
     *
     * NOTE(review): no RememberMeManager / cipher key is configured, so the
     * DefaultWebSecurityManager defaults apply. If "remember me" is ever used,
     * set an explicit random cipher key on the CookieRememberMeManager: Shiro
     * versions before 1.2.5 shipped a fixed, publicly known default key
     * (CVE-2016-4437), letting anyone forge rememberMe cookies and trigger
     * deserialization of attacker-controlled data. Verify the version in use.
     */
    @Bean
    public SecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm());
        return securityManager;
    }

    /** The realm that performs authentication and authorization (see UserRealm). */
    @Bean
    UserRealm userRealm(){
        return new UserRealm();
    }


    // ShiroDialect: integrates Shiro tags with Thymeleaf templates
    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }

}
后端登录接口接收前端提交的参数
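@PostMapping("/login")
@ResponseBody
/**
 * Login endpoint: validates the captcha, then authenticates through Shiro.
 *
 * @param username submitted user name
 * @param password submitted clear-text password (hashed with MD5Utils before reaching the realm)
 * @param verify   captcha entered by the user
 * @param session  HTTP session holding the captcha generated by /getVerify
 * @param request  current request (unused, kept for the existing signature)
 * @return ok() on success, otherwise error(1, message) — never a propagated exception
 */
public ResponseInfo login(String username, String password, String verify, HttpSession session,HttpServletRequest request){
    // A missing/empty captcha is rejected before anything else (null used to NPE here).
    if (verify == null || verify.isEmpty()) {
        logger.error("验证码错误");
        return ResponseInfo.error(1,"验证码不能为空!");
    }
    String key = (String) session.getAttribute(RandomValidateCodeUtil.RANDOMCODEKEY);
    // One captcha, one attempt: drop it before checking so a failed password
    // guess cannot keep reusing the same code. (The old System.out.println(key)
    // wrote the captcha to stdout and is gone.)
    session.removeAttribute(RandomValidateCodeUtil.RANDOMCODEKEY);
    if (!verify.equals(key)) {
        return ResponseInfo.error(1,"验证码错误");
    }
    // NOTE(review): MD5Utils.encrypt(username, password) is what the realm
    // compares against the stored value; MD5 is not a password-hashing
    // function. Prefer bcrypt/scrypt/argon2 verified by the realm's matcher.
    String encrypt = MD5Utils.encrypt(username,password);
    UsernamePasswordToken token = new UsernamePasswordToken(username, encrypt);
    Subject subject = SecurityUtils.getSubject();
    try {
        // Dispatches to UserRealm.doGetAuthenticationInfo.
        subject.login(token);
    } catch (org.apache.shiro.authc.LockedAccountException e) {
        // The realm only reports "locked" after the password matched, so this
        // does not reveal lock status to someone who lacks the password.
        logger.warn("登录失败,账号已锁定: {}", username);
        return ResponseInfo.error(1,"账号已被锁定,请联系管理员");
    } catch (org.apache.shiro.authc.AuthenticationException e) {
        // One message for unknown account and wrong password (no username
        // enumeration), and no stack trace / HTTP 500 leaking to the client.
        logger.warn("登录失败: {}", username);
        return ResponseInfo.error(1,"账号或密码不正确");
    }
    logger.info("登录成功: {}", username);
    return ResponseInfo.ok();
}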