• shiro授权

    目录

    一、shiro授权角色、权限

    1、Mapper层、servlet层

    二、shiro的 授权的方法 

    运行:

     二、Shiro的注解式开发

    1、常用注解介绍

    2、测试

    controller层

    一、shiro授权角色、权限

    1、Mapper层、servlet层

    UserMapper.xml中新增方法

    1. <select id="selectRoleIdsByUserName" resultType="java.lang.String" parameterType="java.lang.String" >
    2.     select
    3.     roleid from t_shiro_user u,t_shiro_user_role ur
    4.     where u.userid = ur.userid and u.username=#{userName}
    5.   select>
    6.  
    7.   <select id="selectPerIdsByUserName" resultType="java.lang.String" parameterType="java.lang.String" >
    8.     select
    9.     rp.perid from t_shiro_user u,t_shiro_user_role ur,
    10.     t_shiro_role_permission rp
    11.     where
    12.     u.userid = ur.userid and ur.roleid = rp.roleid and u.username=#{userName}
    13.   select>

    UserMapper.java

    1. package com.zking.ssm.mapper;
    2.  
    3. import com.zking.ssm.model.User;
    4. import org.apache.ibatis.annotations.Param;
    5. import org.springframework.stereotype.Repository;
    6.  
    7. import java.util.Set;
    8.  
    9. @Repository
    10. public interface UserMapper {
    11.     int deleteByPrimaryKey(Integer userid);
    12.  
    13.     int insert(User record);
    14.  
    15.     int insertSelective(User record);
    16.  
    17.     User selectByPrimaryKey(Integer userid);
    18.  
    19.     //通过用户名查询用户信息
    20.     User queryByName(@Param("userName") String userName);
    21.  
    22.     //通过用户名查询对应的角色
    23.     Set selectRoleIdsByUserName(@Param("userName") String userName);
    24.  
    25.     //通过用户名查询对应的权限
    26.     Set selectPerIdsByUserName(@Param("userName") String userName);
    27.  
    28.     int updateByPrimaryKeySelective(User record);
    29.  
    30.     int updateByPrimaryKey(User record);
    31. }

    UserBiz.java

    1. package com.zking.ssm.biz;
    2.  
    3. import com.zking.ssm.model.User;
    4. import org.apache.ibatis.annotations.Param;
    5.  
    6. import java.util.Set;
    7.  
    8. public interface UserBiz {
    9.     int deleteByPrimaryKey(Integer userid);
    10.  
    11.     int insert(User record);
    12.  
    13.     int insertSelective(User record);
    14.  
    15.     User selectByPrimaryKey(Integer userid);
    16.  
    17.     User queryByName(String userName);
    18.  
    19.     int updateByPrimaryKeySelective(User record);
    20.  
    21.     int updateByPrimaryKey(User record);
    22.  
    23.     //通过用户名查询对应的角色
    24.     Set selectRoleIdsByUserName(String userName);
    25.  
    26.     //通过用户名查询对应的权限
    27.     Set selectPerIdsByUserName(String userName);
    28. }

    UserBizImpl.java

    1. package com.zking.ssm.impl;
    2.  
    3. import com.zking.ssm.biz.UserBiz;
    4. import com.zking.ssm.mapper.UserMapper;
    5. import com.zking.ssm.model.User;
    6. import org.springframework.beans.factory.annotation.Autowired;
    7. import org.springframework.stereotype.Service;
    8.  
    9. import java.util.Set;
    10.  
    11. /**
    12.  * @author 白未
    13.  * @site 3185579318
    14.  * @company xxx公司
    15.  * @create  2022-08-26 12:54
    16.  */
    17. @Service("userBiz")
    18. public class UserBizImpl implements UserBiz {
    19.     @Autowired
    20.     private UserMapper userMapper;
    21.     @Override
    22.     public int deleteByPrimaryKey(Integer userid) {
    23.         return userMapper.deleteByPrimaryKey(userid);
    24.     }
    25.  
    26.     @Override
    27.     public int insert(User record) {
    28.         return userMapper.insert(record);
    29.     }
    30.  
    31.     @Override
    32.     public int insertSelective(User record) {
    33.         return userMapper.insertSelective(record);
    34.     }
    35.  
    36.     @Override
    37.     public User selectByPrimaryKey(Integer userid) {
    38.         return userMapper.selectByPrimaryKey(userid);
    39.     }
    40.  
    41.     @Override
    42.     public User queryByName(String userName) {
    43.         return userMapper.queryByName(userName);
    44.     }
    45.  
    46.     @Override
    47.     public int updateByPrimaryKeySelective(User record) {
    48.         return userMapper.updateByPrimaryKeySelective(record);
    49.     }
    50.  
    51.     @Override
    52.     public int updateByPrimaryKey(User record) {
    53.         return userMapper.updateByPrimaryKey(record);
    54.     }
    55.  
    56.     @Override
    57.     public Set selectRoleIdsByUserName(String userName) {
    58.         return userMapper.selectRoleIdsByUserName(userName);
    59.     }
    60.  
    61.     @Override
    62.     public Set selectPerIdsByUserName(String userName) {
    63.         return userMapper.selectPerIdsByUserName(userName);
    64.     }
    65. }

    二、shiro的 授权的方法 

    1. package com.zking.ssm.shiro;
    2.  
    3. import com.zking.ssm.biz.UserBiz;
    4. import com.zking.ssm.model.User;
    5. import org.apache.shiro.authc.AuthenticationException;
    6. import org.apache.shiro.authc.AuthenticationInfo;
    7. import org.apache.shiro.authc.AuthenticationToken;
    8. import org.apache.shiro.authc.SimpleAuthenticationInfo;
    9. import org.apache.shiro.authz.AuthorizationInfo;
    10. import org.apache.shiro.authz.SimpleAuthorizationInfo;
    11. import org.apache.shiro.realm.AuthenticatingRealm;
    12. import org.apache.shiro.realm.AuthorizingRealm;
    13. import org.apache.shiro.subject.PrincipalCollection;
    14. import org.apache.shiro.util.ByteSource;
    15.  
    16. import java.util.Set;
    17.  
    18. /**
    19.  * @author 白未
    20.  * @site 3185579318
    21.  * @company xxx公司
    22.  * @create  2022-08-26 13:00
    23.  */
    24.  
    25. public class MyRealm extends AuthorizingRealm {
    26.     public UserBiz userBiz;
    27.  
    28.     public UserBiz getUserBiz() {
    29.         return userBiz;
    30.     }
    31.  
    32.     public void setUserBiz(UserBiz userBiz) {
    33.         this.userBiz = userBiz;
    34.     }
    35.  
    36.  
    37.     /**
    38.      * 授权
    39.      * @param principalCollection
    40.      * @return
    41.      */
    42.     @Override
    43.     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    44.         String userName = principalCollection.getPrimaryPrincipal().toString();//获取当前用户名
    45.         Set roleIds = userBiz.selectRoleIdsByUserName(userName);
    46.         Set perIds = userBiz.selectPerIdsByUserName(userName);
    47.         SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
    48. //      将当前登录的 权限 交给 shiro的授权器
    49.         info.setStringPermissions(perIds);
    50. //      将当前登录的 角色 交给 shiro的授权器
    51.         info.setRoles(roleIds);
    52.         return info;
    53.     }
    54.  
    55.     /**
    56.      * 认证
    57.      * @param authenticationToken
    58.      * @return
    59.      * @throws AuthenticationException
    60.      */
    61.     @Override
    62.     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    63.         String userName = authenticationToken.getPrincipal().toString();
    64.         User user = userBiz.queryByName(userName);
    65.         AuthenticationInfo info = new SimpleAuthenticationInfo(
    66.                 user.getUsername(),
    67.                 user.getPassword(),
    68.                 ByteSource.Util.bytes(user.getSalt()),
    69.                 this.getName()//realm的名字
    70.         );
    71.         return info;
    72.     }
    73. }

    角色与权限的结果要与applicationContext-shiro.xml的配置保持一致 

    角色:4
    权限:2

    运行:

    登录zs

     点击用户新增,没有权限

     zdm登录点击用户新增

     zs登录点击老师简介

    ls登录点击老师简介

     

     二、Shiro的注解式开发

    1、常用注解介绍

     @RequiresAuthenthentication:表示当前Subject已经通过login进行身份验证;即 Subject.isAuthenticated()返回 true

      @RequiresUser:表示当前Subject已经身份验证或者通过记住我登录的

      @RequiresGuest:表示当前Subject没有身份验证或者通过记住我登录过,即是游客身份

      @RequiresRoles(value = {"admin","user"},logical = Logical.AND):表示当前Subject需要角色admin和user

      @RequiresPermissions(value = {"user:delete","user:b"},logical = Logical.OR):表示当前Subject需要权限user:delete或者user:b

    2、测试

     在springmvc-servlet.xml中添加拦截器相关配置

    1. <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
    2.       depends-on="lifecycleBeanPostProcessor">
    3.     <property name="proxyTargetClass" value="true">property>
    4. bean>
    5. <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
    6.     <property name="securityManager" ref="securityManager"/>
    7. bean>
    8.  
    9. <bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
    10.     <property name="exceptionMappings">
    11.         <props>
    12.             <prop key="org.apache.shiro.authz.UnauthorizedException">
    13.                 unauthorized
    14.             prop>
    15.         props>
    16.     property>
    17.     <property name="defaultErrorView" value="unauthorized"/>
    18. bean>

    controller层

    Shirocontroller.java

    1. package com.zking.ssm.controller;
    2.  
    3. import org.apache.shiro.authz.annotation.Logical;
    4. import org.apache.shiro.authz.annotation.RequiresPermissions;
    5. import org.apache.shiro.authz.annotation.RequiresRoles;
    6. import org.apache.shiro.authz.annotation.RequiresUser;
    7. import org.springframework.stereotype.Controller;
    8. import org.springframework.web.bind.annotation.RequestMapping;
    9.  
    10. /**
    11.  * @author 白未
    12.  * @site 3185579318
    13.  * @company xxx公司
    14.  * @create  2022-08-29 10:11
    15.  */
    16. @RequestMapping("/shiro")
    17. @Controller
    18. public class ShiroController {
    19.     //RequiresUser代表当前方法只有登录后才能访问
    20.     //RequiresUser等价于Spring-shiro.xml中的/user/updatePwd.jsp=authc配置
    21.     @RequiresUser
    22.     @RequestMapping("/passUser")
    23.     public String passUser(){
    24.         System.out.println("身份认认证通过");
    25.         return "admin/addUser";
    26.     }
    27.  
    28.     //RequiresRoles代表当前方法只有具备指定的角色才能访问
    29.     //RequiresRoles等价于Spring-shiro.xml中的/admin/*.jsp=roles[4]配置
    30.     @RequiresRoles(value = {"1","4"},logical = Logical.AND)
    31.     @RequestMapping("/passRole")
    32.     public String passRole(){
    33.         System.out.println("角色认认证通过");
    34.         return "admin/addUser";
    35.     }
    36.  
    37.     //RequiresPermissions代表当前方法只有具备指定的权限才能访问
    38.     //RequiresPermissions等价于Spring-shiro.xml中的/user/teacher.jsp=perms[2]配置
    39.     @RequiresPermissions(value = {"2"},logical = Logical.AND)
    40.     @RequestMapping("/passPermissions")
    41.     public String passPermissions(){
    42.         System.out.println("权限认认证通过");
    43.         return "admin/addUser";
    44.     }
    45. }

     OR代表只要满足value中的一个条件即可

  • 相关阅读:
    儿童智能口算数学宝/数学计算机开发方案:VK0256B LQFP64 LCD液晶段码屏驱动芯片工程技术支持
    【收藏系列】多线程的代码案例(单例模式 + 阻塞队列 + 定时器 + 线程池)
    让.NET 8 支持 Windows Vista RTM
    文字处理控件TX Text Control迎来2022年第一版重大更新x30版本,一起来看看都有哪些特色功能吧
    Java:Java 反射API简介
    css:详解BFC块级格式化上下文
    2022-9-20-C++11新特性
    新手学习:ArcGIS对shp文件裁剪
    Quartz核心原理之架构及基本元素介绍
    利用python连接linux虚机并执行命令
  • 原文地址:https://blog.csdn.net/yzq102873/article/details/126578159