• Shiro学习2----spring boot整合(JdbcRealm)

    1.JdbcRealm介绍

    认证流程(JdbcRealm)

    • subject调用login方法,将包含用户名密码的token传递给SecurityManager
    • SecurityManager就会调用认证器(Authenticator)进行认证
    • Authenticator就将token传递给绑定的Realm,在Realm中进行用户的认证检查;如果认证通过则正常执行,不通过则抛出认证异常

    2.JdbcRealm规定的表结构

    • 用户信息表:users
      1. create table users(
      2. 	id int primary key auto_increment,
      3. 	username varchar(60) not null unique,
      4. 	password varchar(20) not null,
      5. 	password_salt varchar(20)
      6. );
      7. insert into users(username,password) values("zhagnsan","123456");
      8. insert into users(username,password) values("lisi","123456");
      9. insert into users(username,password) values("wangwu","123456");
      10. insert into users(username,password) values("zhaoliu","123456");
      11. insert into users(username,password) values("chenqi","123456");
    • 角色信息表:user_roles
      1. create table user_roles(
      2. 	id int primary key auto_increment,
      3. 	username varchar(60) not null,
      4. 	role_name varchar(100) not null
      5. );
      6. --admin系统管理员
      7. --cmanager库管人员
      8. --xmanager销售人员
      9. --kmanager客服人员
      10. --zmanager行政人员
      11. insert into user_roles(username,role_name) values("zhagnsan",'admin');
      12. insert into user_roles(username,role_name) values("lisi",'cmanager');
      13. insert into user_roles(username,role_name) values("wangwu",'xmanager');
      14. insert into user_roles(username,role_name) values("zhaoliu",'kmanager');
      15. insert into user_roles(username,role_name) values("chenqi",'zmanager');
    •  权限信息表:roles_permissions
    1. create table roles_permissions(
    2. 	id int primary key auto_increment,
    3. 	role_name varchar(100) not null,
    4. 	permission varchar(100) not null
    5. );
    6. insert into roles_permissions(role_name,permission) values('admin','*');
    7. insert into roles_permissions(role_name,permission) values("cmanager","sys:c:save");
    8. insert into roles_permissions(role_name,permission) values("cmanager","sys:c:delete");
    9. insert into roles_permissions(role_name,permission) values("cmanager","sys:c:update");
    10. insert into roles_permissions(role_name,permission) values("cmanager","sys:c:find");
    11. insert into roles_permissions(role_name,permission) values("xmanager","sys:c:find");
    12. insert into roles_permissions(role_name,permission) values("xmanager","sys:x:save");
    13. insert into roles_permissions(role_name,permission) values("xmanager","sys:x:delete");
    14. insert into roles_permissions(role_name,permission) values("xmanager","sys:x:update");
    15. insert into roles_permissions(role_name,permission) values("xmanager","sys:x:find");
    16. insert into roles_permissions(role_name,permission) values("xmanager","sys:k:save");
    17. insert into roles_permissions(role_name,permission) values("xmanager","sys:k:delete");
    18. insert into roles_permissions(role_name,permission) values("xmanager","sys:k:update");
    19. insert into roles_permissions(role_name,permission) values("xmanager","sys:k:find");
    20. insert into roles_permissions(role_name,permission) values("kmanager","sys:k:find");
    21. insert into roles_permissions(role_name,permission) values("kmanager","sys:k:update");
    22. insert into roles_permissions(role_name,permission) values("zmanager","sys:*:find");

    3.SpringBoot整合Shiro

    创建spring boot应用添加依赖(同1)

    配置shiro

    1. package com.qfedu.shiro3.config;
    2. import org.apache.shiro.realm.jdbc.JdbcRealm;
    3. import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
    4. import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
    5. import org.springframework.context.annotation.Bean;
    6. import org.springframework.context.annotation.Configuration;
    7.  
    8. import javax.sql.DataSource;
    9. import java.util.HashMap;
    10. import java.util.Map;
    11.  
    12. @Configuration
    13. public class ShiroConfig {
    14.     //shiro方言
    15.     @Bean
    16.     public ShiroDialect getShiroDialect(){
    17.         return new ShiroDialect();
    18.     }
    19.     @Bean
    20.     public JdbcRealm getJdbcReam(DataSource dataSource){
    21.         JdbcRealm jdbcRealm = new JdbcRealm();
    22.         //JdbcRealm会自动从数据库查询用户及权限数据(数据库的表结构要符合JdbcRealm的规范)
    23.         jdbcRealm.setDataSource(dataSource);
    24.         //JdbcRealm默认开启认证功能,需要手动开启授权功能
    25.         jdbcRealm.setPermissionsLookupEnabled(true);
    26.         return jdbcRealm;
    27.     }
    28.     @Bean
    29.     public DefaultWebSecurityManager getDefaultWebSecurityManager(JdbcRealm jdbcRealm){
    30.         DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    31.         securityManager.setRealm(jdbcRealm);
    32.         return securityManager;
    33.     }
    34.     @Bean
    35.     public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager){
    36.         ShiroFilterFactoryBean filter = new ShiroFilterFactoryBean();
    37.         //过滤器就是shiro进行权限校验的核心,进行认证和授权是需要SecurityManager的
    38.         filter.setSecurityManager(securityManager);
    39.  
    40.         /*设置shiro的拦截规则
    41.         anon    匿名用户可访问
    42.         authc   认证用户可访问
    43.         user    使用RemeberMe的用户可访问
    44.         perms   对应权限可访问
    45.         role    对应角色可访问
    46.          */
    47.         Map filterMap=new HashMap<>();
    48.         filterMap.put("/", "anon");
    49.         filterMap.put("/login.html", "anon");
    50.         filterMap.put("/regist.html", "anon");
    51.         filterMap.put("/user/login", "anon");
    52.         filterMap.put("user/regist", "anon");
    53.         filterMap.put("/static/**", "anon");
    54.         filterMap.put("/**", "authc");
    55.  
    56.         filter.setFilterChainDefinitionMap(filterMap);
    57.         filter.setLoginUrl("/login.html");
    58.         //设置未授权访问的页面路径
    59.         filter.setUnauthorizedUrl("/login.html");
    60.         return filter;
    61.     }
    62. }

    4.认证页面同1

    5.Shiro标签的使用

    当用户认证进入到主页面后,需要显示用户信息和当前用户的权限信息,shiro就提供了一套标签用在页面来进行权限数据的呈现

    shiro提供了可供jsp使用的标签以及Thymeleaf中标签

    jsp页面引用

    <%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags"%>

    Thymeleaf模板中引用

    pom文件中导入thymeleaf模板对shiro标签支持的依赖

    1.         <dependency>
    2.             <groupId>com.github.theborakompanioni</groupId>
    3.             <artifactId>thymeleaf-extras-shiro</artifactId>
    4.             <version>2.1.0</version>
    5.         </dependency>

    在shiroconfig中配置shiro的方言支持

    1. @Configuration
    2. public class ShiroConfig {
    3.     @Bean
    4.     public ShiroDialect getShiroDialect(){
    5.         return new ShiroDialect();
    6.     }

    Thymeleaf模板中引入shiro的命名空间

    1. <html xmlns:th="http://www.thymeleaf.org"
    2.       xmlns:shiro="http://www.pollix.at/thymeleaf/shiro">
    3. ...
    4. </html>

    常用标签

    1. html>
    2. <html xmlns:th="http://www.thymeleaf.org"
    3.       xmlns:shiro="http://www.pollix.at/thymeleaf/shiro">
    4. <head>
    5.     <meta charset="UTF-8">
    6.     <title>Titletitle>
    7. head>
    8. <body>
    9. index
    10. <hr/>
    12. <shiro:guest>
    13.     游客:<a href="login.html">登录a>
    14. shiro:guest>
    16. <shiro:user>
    18.     用户【<shiro:principal/>】欢迎您
    20.     当前用户为<shiro:hasRole name="admin">超级管理员shiro:hasRole>
    21.     订单管理
    23.     <shiro:hasPermission name="sys:x:save"><a href="#">添加订单a>shiro:hasPermission>
    24. shiro:user>
    25. body>
    26. html>

  • 相关阅读:
    Spring-RabbitMQ 消费者消息确认案例实践
    docker系列(2) - 常用命令篇
    [激光器原理与应用-14]:激光器企业组织内部结构解剖
    基于Unet的环路滤波
    关于 Rancher 与防火墙 firewalld 的一些注意事项
    SparkCore系列-5、RDD 函数练习
    计算机视觉全系列实战教程:(八)图像变换-点运算、灰度变换、直方图变换
    Java进阶(九)日志框架
    【8】Docker中部署Redis
    CICD—Linux下Jenkins+Gitlab 自动化打包安卓-APK
  • 原文地址:https://blog.csdn.net/m0_61107050/article/details/126849356