跳至内容
wiki
用户工具
登录
站点工具
工具
显示页面
修订记录
反向链接
最近更改
媒体管理器
网站地图
登录
最近更改
媒体管理器
网站地图
您的足迹:
分享:技术:shiro:spring整合shiro实现权限管理
本页面只读。您可以查看源文件,但不能更改它。如果您觉得这是系统错误,请联系管理员。
====== spring整合shiro实现权限管理 ====== ===== 加入pom依赖 ===== <code xml pom.xml> <dependencies> <!-- apache shiro security depandences --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.2.3</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-web</artifactId> <version>1.2.3</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.2.3</version> </dependency> </dependencies> </code> ===== web.xml ===== <code xml web.xml> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd" > <web-app> <display-name>Archetype Created Web Application</display-name> <!-- Context Configuration locations for Spring XML files --> <context-param> <param-name>contextConfigLocation</param-name> <param-value> classpath*:/application-*.xml, classpath*:/hessian-servlet.xml </param-value> </context-param> <filter> <filter-name>encodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- shiro --> <!-- 配置Shiro过滤器,先让Shiro过滤系统接收到的请求 --> <!-- 这里filter-name必须对应applicationContext.xml中定义的<bean id="shiroFilter"/> --> <!-- 使用[/*]匹配所有请求,保证所有的可控请求都经过Shiro的过滤 --> <!-- 通常会将此filter-mapping放置到最前面(即其他filter-mapping前面),以保证它是过滤器链中第一个起作用的 --> <filter> <filter-name>shiroFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> <init-param> <!-- 该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理 --> <param-name>targetFilterLifecycle</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>shiroFilter</filter-name> <url-pattern>*.htm</url-pattern> </filter-mapping> <!-- serlvet listeners --> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <listener> <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class> </listener> <!-- spring MVC --> <servlet> <servlet-name>dispatcher</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>classpath*:/spring-mvc.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>dispatcher</servlet-name> <url-pattern>*.htm</url-pattern> </servlet-mapping> <!-- hessian --> <servlet> <servlet-name>hessian</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>4</load-on-startup> </servlet> <servlet-mapping> <servlet-name>hessian</servlet-name> <url-pattern>/hessian/*</url-pattern> </servlet-mapping> <!-- welcome file list config --> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <jsp-config> <jsp-property-group> <display-name>JSPConfiguration</display-name> <url-pattern>*.jsp</url-pattern> <page-encoding>UTF-8</page-encoding> </jsp-property-group> </jsp-config> </web-app> </code> ===== application-shiro.xml ===== <code xml application-shiro.xml> <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:jpa="http://www.springframework.org/schema/data/jpa" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd"> <!-- 继承自AuthorizingRealm的自定义Realm,即指定Shiro验证用户登录的类为自定义的ManageAuthorizingRealm.java --> <bean id="manageAuthorizingRealm" class="com.gxx.manage.shiro.ManageAuthorizingRealm" /> <!-- Shiro默认会使用Servlet容器的Session,可通过sessionMode属性来指定使用Shiro原生Session --> <!-- 即<property name="sessionMode" value="native"/>,详细说明见官方文档 --> <!-- 这里主要是设置自定义的单Realm应用,若有多个Realm,可使用'realms'属性代替 --> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="manageAuthorizingRealm" /> </bean> <!-- Shiro主过滤器本身功能十分强大,其强大之处就在于它支持任何基于URL路径表达式的、自定义的过滤器的执行 --> <!-- Web应用中,Shiro可控制的Web请求必须经过Shiro主过滤器的拦截,Shiro对基于Spring的Web应用提供了完美的支持 --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <!-- Shiro的核心安全接口,这个属性是必须的 --> <property name="securityManager" ref="securityManager" /> <!-- 要求登录时的链接(可根据项目的URL进行替换),非必须的属性,默认会自动寻找Web工程根目录下的"/login.jsp"页面 --> <property name="loginUrl" value="/login.htm" /> <!-- 登录成功后要跳转的连接(本例中此属性用不到,因为登录成功后的处理逻辑在LoginController里硬编码为main.jsp了) --> <!-- <property name="successUrl" value="/system/main"/> --> <!-- 用户访问未对其授权的资源时,所显示的连接 --> <!-- 若想更明显的测试此属性可以修改它的值,如unauthor.jsp,然后用[玄玉]登录后访问/admin/listUser.jsp就看见浏览器会显示unauthor.jsp --> <property name="unauthorizedUrl" value="/unauthorized.htm" /> <!-- 过滤器定义 --> <property name="filters"> <map> <entry key="perms" value-ref="urlPermissionsFilter" /> </map> </property> <!-- Shiro连接约束配置,即过滤链的定义 --> <!-- 此处可配合我的这篇文章来理解各个过滤连的作用http://blog.csdn.net/jadyer/article/details/12172839 --> <!-- 下面value值的第一个'/'代表的路径是相对于HttpServletRequest.getContextPath()的值来的 --> <!-- anon:它对应的过滤器里面是空的,什么都没做,这里.do和.jsp后面的*表示参数,比方说login.jsp?main这种 --> <!-- authc:该过滤器下的页面必须验证后才能访问,它是Shiro内置的一个拦截器org.apache.shiro.web.filter.authc.FormAuthenticationFilter --> <property name="filterChainDefinitions"> <value> /login.htm=anon /logout.htm=logout /unauthorized.htm=anon /** = authc,perms </value> </property> </bean> <!-- 自定义鉴权拦截器 --> <!-- 基于URL的权限判断过滤器 我们自动根据URL产生所谓的权限字符串,这一项在Shiro示例中是写在配置文件里面的,默认认为权限不可动态配置 --> <bean id="urlPermissionsFilter" class="com.gxx.manage.shiro.UrlPermissionsFilter" /> <!-- 保证实现了Shiro内部lifecycle函数的bean执行 --> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /> <!-- 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions),需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证 --> <!-- 配置以下两个bean即可实现此功能 --> <!-- Enable Shiro Annotations for Spring-configured beans. Only run after the lifecycleBeanProcessor has run --> <!-- 由于本例中并未使用Shiro注解,故注释掉这两个bean(个人觉得将权限通过注解的方式硬编码在程序中,查看起来不是很方便,没必要使用) --> <!-- <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"/> <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> <property name="securityManager" ref="securityManager"/> </bean> --> </beans> </code> ===== UrlPermissionsFilter.java ===== <code java UrlPermissionsFilter.java> package com.gxx.manage.shiro; import java.io.IOException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter; /** * <dl> * <dt><b>Title:</b></dt> * <dd> * 基于URL的权限判断过滤器 我们自动根据URL产生所谓的权限字符串,这一项在Shiro示例中是写在配置文件里面的,默认认为权限不可动态配置 * URL举例:/User/create.do?***=*** -->权限字符串:/User/create.do</dd> * <dt><b>Description:</b></dt> * <dd> * <p> * none</dd> * </dl> * * @author Administrator * @version 1.0, 2015年9月20日 * @since manage * */ public class UrlPermissionsFilter extends PermissionsAuthorizationFilter { /** * 日志处理器 */ Logger logger = Logger.getLogger(UrlPermissionsFilter.class); /** * 指的是在声明url时指定的权限字符串,如/User/create.do=perms[User:create]. * 我们要动态产生这个权限字符串,所以这个配置对我们没用 */ public boolean isAccessAllowed (ServletRequest request, ServletResponse response, Object mappedValue) throws IOException { return super.isAccessAllowed(request, response, buildPermissions(request)); } /** * 根据请求URL产生权限字符串,这里只产生,而比对的事交给Realm * @param request * @return */ protected String[] buildPermissions(ServletRequest request) { String path = ((HttpServletRequest) request).getServletPath(); logger.info("请求地址对应的Url权限:" + path); return new String[]{path}; } } </code> ===== ManageAuthorizingRealm.java ===== <code java ManageAuthorizingRealm.java> package com.gxx.manage.shiro; import java.util.List; import org.apache.commons.lang3.builder.ReflectionToStringBuilder; import org.apache.commons.lang3.builder.ToStringStyle; import org.apache.log4j.Logger; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.springframework.beans.factory.annotation.Autowired; import com.gxx.manage.base.vo.Permission; import com.gxx.manage.base.vo.Role; import com.gxx.manage.base.vo.User; import com.gxx.manage.service.UserService; /** * <dl> * <dt><b>Title:</b></dt> * <dd> * 自定义授权领域类 * </dd> * <dt><b>Description:</b></dt> * <dd> * <p>none * </dd> * </dl> * * @author Administrator * @version 1.0, 2015年9月19日 * @since manage * */ public class ManageAuthorizingRealm extends AuthorizingRealm { /** * 日志处理器 */ Logger logger = Logger.getLogger(ManageAuthorizingRealm.class); @Autowired UserService userService; /** * 为当前登录的Subject授予角色和权限 * @see 经测试:本例中该方法的调用时机为需授权资源被访问时 * @see 经测试:并且每次访问需授权资源时都会执行该方法中的逻辑,这表明本例中默认并未启用AuthorizationCache * @see 个人感觉若使用了Spring3.1开始提供的ConcurrentMapCache支持,则可灵活决定是否启用AuthorizationCache * @see 比如说这里从数据库获取权限信息时,先去访问Spring3.1提供的缓存,而不使用Shior提供的AuthorizationCache */ @Override protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principals) { /** * 获取当前登录的用户名,等价于(String)principals.fromRealm(this.getName()).iterator().next() */ String currentUsername = (String)super.getAvailablePrincipal(principals); logger.info("为当前登录的Subject授予角色和权限,用户名:" + currentUsername); User user = userService.getUserByName(currentUsername); if(null == user){ /** * 不存在用户则返回null */ logger.error("不存在用户"); return null; } /** * 为当前用户查询角色和权限 */ SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo(); List<Role> roles = userService.queryRolesByUserId(user.getId()); for(Role role : roles){ logger.info("拥有角色:" + role.getRole()); simpleAuthorInfo.addRole(role.getRole()); List<Permission> permissions = userService.queryPermissionsByRoleId(role.getId()); for(Permission permission : permissions){ logger.info("拥有权限:" + permission.getPermission()); simpleAuthorInfo.addStringPermission(permission.getPermission()); } } return simpleAuthorInfo; } /** * 验证当前登录的Subject */ @Override protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token) throws AuthenticationException { /** * 获取基于用户名和密码的令牌 * 实际上这个token是从LoginController里面currentUser.login(token)传过来的 * 两个token的引用都是一样的 */ logger.info("验证当前Subject时获取到token为" + ReflectionToStringBuilder. toString(((UsernamePasswordToken)token), ToStringStyle.MULTI_LINE_STYLE)); User user = userService.getUserByName(((UsernamePasswordToken)token).getUsername()); if(null == user){ /** * 不存在用户则返回null */ return null; } /** * 这里不用比较,直接返回就好,shiro会自动比较 */ AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo (user.getName(), user.getPassword(), this.getName()); return authenticationInfo; } } </code> ===== LoginController.java ===== <code java LoginController.java> package com.gxx.manage.web.account; import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.LockedAccountException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; /** * UserController * * @author gxx */ @Controller public class LoginController { /** * 日志处理器 */ private final Logger logger = Logger.getLogger(LoginController.class); /** * 访问登录页 * @return */ @RequestMapping(value = "/login", method = RequestMethod.GET) public String loginGet() { logger.info("访问/login"); /** * 如果已登录,直接跳到登录后页面 */ Subject currentUser = SecurityUtils.getSubject(); if( currentUser!=null && currentUser.getPrincipal()!=null ){ return "/index"; } return "account/login"; } /** * 访问无权限页 * @return */ @RequestMapping(value = "/unauthorized") public String unauthorized() { logger.info("访问/unauthorized"); return "unauthorized"; } /** * 登录提交 * @param request * @return */ @RequestMapping(value = "/login", method = RequestMethod.POST) public String loginPost(HttpServletRequest request) { logger.info("登录提交,用户名:[" + request.getParameter("username") + "],密码:[" + request.getParameter("password") + "]"); /** * 自定义授权领域 验证用户 */ Subject currentUser = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(request.getParameter("username"), request.getParameter("password")); try{ currentUser.login(token); } catch (UnknownAccountException uae){ logger.error("未知账户!"); } catch (IncorrectCredentialsException ice){ logger.error("密码错误!"); } catch (LockedAccountException lae){ logger.error("账户锁定!"); }//以及其他异常 /** * 判断是否校验通过 */ if(currentUser.isAuthenticated()){ logger.info("用户验证通过!"); return "/index"; } else { token.clear(); return "account/login"; } } /** * 登出,可以不写,因为配置文件中已配置:/logout.htm=logout * @return @RequestMapping(value = "/logout") public String logout() { logger.info("访问/logout"); /** * shiro登出 Subject subject = SecurityUtils.getSubject(); subject.logout(); return "account/login"; } */ } </code> ===== UserService.java ===== <code java UserService.java> package com.gxx.manage.service; import java.util.List; import com.gxx.manage.base.vo.Permission; import com.gxx.manage.base.vo.Role; import com.gxx.manage.base.vo.User; /** * <dl> * <dt><b>Title:</b></dt> * <dd> * 用户服务接口 * </dd> * <dt><b>Description:</b></dt> * <dd> * <p>none * </dd> * </dl> * * @author Administrator * @version 1.0, 2015年6月18日 * @since manage * */ public interface UserService { /** * 新增用户 * @param user */ public void doSaveUser(User user); /** * 根据姓名查用户 * @param name * @return */ public User getUserByName(String name); /** * 根据用户ID查询角色集合 * @param userId * @return */ public List<Role> queryRolesByUserId(int userId); /** * 根据角色ID查询权限集合 * @param roleId * @return */ public List<Permission> queryPermissionsByRoleId(int roleId); } </code> ===== UserServiceImpl.java ===== <code java UserServiceImpl.java> package com.gxx.manage.service.impl; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.gxx.manage.base.dao.UserMapper; import com.gxx.manage.base.vo.Permission; import com.gxx.manage.base.vo.Role; import com.gxx.manage.base.vo.User; import com.gxx.manage.service.UserService; /** * <dl> * <dt><b>Title:</b></dt> * <dd> * 用户服务实现类 * </dd> * <dt><b>Description:</b></dt> * <dd> * <p>none * </dd> * </dl> * * @author Administrator * @version 1.0, 2015年6月18日 * @since manage * */ @Service("userService") public class UserServiceImpl implements UserService { @Autowired private UserMapper userDao; /** * 新增用户 * @param user */ public void doSaveUser(User user) { userDao.insert(user); } /** * 根据姓名查用户 * @param name * @return */ public User getUserByName(String name) { return userDao.getUserByName(name); } /** * 根据用户ID查询角色集合 * @param userId * @return */ public List<Role> queryRolesByUserId(int userId){ return userDao.queryRolesByUserId(userId); } /** * 根据角色ID查询权限集合 * @param roleId * @return */ public List<Permission> queryPermissionsByRoleId(int roleId){ return userDao.queryPermissionsByRoleId(roleId); } } </code> ===== User.java ===== <code java User.java> package com.gxx.manage.base.vo; public class User { private Integer id; private String name; private String password; private String createDate; private String createTime; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getName() { return name; } public void setName(String name) { this.name = name == null ? null : name.trim(); } public String getPassword() { return password; } public void setPassword(String password) { this.password = password == null ? null : password.trim(); } public String getCreateDate() { return createDate; } public void setCreateDate(String createDate) { this.createDate = createDate == null ? null : createDate.trim(); } public String getCreateTime() { return createTime; } public void setCreateTime(String createTime) { this.createTime = createTime == null ? null : createTime.trim(); } } </code> ===== Role.java ===== <code java Role.java> package com.gxx.manage.base.vo; public class Role { private Integer id; private String role; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getRole() { return role; } public void setRole(String role) { this.role = role == null ? null : role.trim(); } } </code> ===== UserRole.java ===== <code java UserRole.java> package com.gxx.manage.base.vo; public class UserRole { private Integer id; private Integer userId; private Integer roleId; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public Integer getUserId() { return userId; } public void setUserId(Integer userId) { this.userId = userId; } public Integer getRoleId() { return roleId; } public void setRoleId(Integer roleId) { this.roleId = roleId; } } </code> ===== Permission.java ===== <code java Permission.java> package com.gxx.manage.base.vo; public class Permission { private Integer id; private String permission; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getPermission() { return permission; } public void setPermission(String permission) { this.permission = permission == null ? null : permission.trim(); } } </code> ===== RolePermission.java ===== <code java RolePermission.java> package com.gxx.manage.base.vo; public class RolePermission { private Integer id; private Integer roleId; private Integer permissionId; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public Integer getRoleId() { return roleId; } public void setRoleId(Integer roleId) { this.roleId = roleId; } public Integer getPermissionId() { return permissionId; } public void setPermissionId(Integer permissionId) { this.permissionId = permissionId; } } </code> ===== UserMapper.java ===== <code java UserMapper.java> package com.gxx.manage.base.dao; import java.util.List; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Select; import org.springframework.stereotype.Repository; import com.gxx.manage.base.vo.Permission; import com.gxx.manage.base.vo.Role; import com.gxx.manage.base.vo.User; @Repository public interface UserMapper { int deleteByPrimaryKey(Integer id); int insert(User record); int insertSelective(User record); User selectByPrimaryKey(Integer id); int updateByPrimaryKeySelective(User record); int updateByPrimaryKey(User record); /** * 根据姓名查用户 * @param name * @return */ User getUserByName(String name); /** * 根据用户ID查询角色集合 * @param userId * @return */ @Select("SELECT * FROM ROLE WHERE ID IN(SELECT ROLE_ID FROM USER_ROLE WHERE USER_ID=#{userId})") List<Role> queryRolesByUserId(@Param("userId")int userId); /** * 根据角色ID查询权限集合 * @param roleId * @return */ @Select("SELECT * FROM PERMISSION WHERE ID IN(SELECT PERMISSION_ID FROM ROLE_PERMISSION WHERE ROLE_ID=#{roleId})") List<Permission> queryPermissionsByRoleId(@Param("roleId")int roleId); } </code> ===== RoleMapper.java ===== <code java RoleMapper.java> package com.gxx.manage.base.dao; import org.springframework.stereotype.Repository; import com.gxx.manage.base.vo.Role; @Repository public interface RoleMapper { int deleteByPrimaryKey(Integer id); int insert(Role record); int insertSelective(Role record); Role selectByPrimaryKey(Integer id); int updateByPrimaryKeySelective(Role record); int updateByPrimaryKey(Role record); } </code> ===== UserRoleMapper.java ===== <code java UserRoleMapper.java> package com.gxx.manage.base.dao; import org.springframework.stereotype.Repository; import com.gxx.manage.base.vo.UserRole; @Repository public interface UserRoleMapper { int deleteByPrimaryKey(Integer id); int insert(UserRole record); int insertSelective(UserRole record); UserRole selectByPrimaryKey(Integer id); int updateByPrimaryKeySelective(UserRole record); int updateByPrimaryKey(UserRole record); } </code> ===== PermissionMapper.java ===== <code java PermissionMapper.java> package com.gxx.manage.base.dao; import org.springframework.stereotype.Repository; import com.gxx.manage.base.vo.Permission; @Repository public interface PermissionMapper { int deleteByPrimaryKey(Integer id); int insert(Permission record); int insertSelective(Permission record); Permission selectByPrimaryKey(Integer id); int updateByPrimaryKeySelective(Permission record); int updateByPrimaryKey(Permission record); } </code> ===== RolePermissionMapper.java ===== <code java RolePermissionMapper.java> package com.gxx.manage.base.dao; import org.springframework.stereotype.Repository; import com.gxx.manage.base.vo.RolePermission; @Repository public interface RolePermissionMapper { int deleteByPrimaryKey(Integer id); int insert(RolePermission record); int insertSelective(RolePermission record); RolePermission selectByPrimaryKey(Integer id); int updateByPrimaryKeySelective(RolePermission record); int updateByPrimaryKey(RolePermission record); } </code> ===== UserMapper.xml ===== <code xml UserMapper.xml> <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.gxx.manage.base.dao.UserMapper"> <resultMap id="BaseResultMap" type="com.gxx.manage.base.vo.User"> <id column="ID" jdbcType="INTEGER" property="id" /> <result column="NAME" jdbcType="VARCHAR" property="name" /> <result column="PASSWORD" jdbcType="VARCHAR" property="password" /> <result column="CREATE_DATE" jdbcType="VARCHAR" property="createDate" /> <result column="CREATE_TIME" jdbcType="VARCHAR" property="createTime" /> </resultMap> <sql id="Base_Column_List"> ID, NAME, PASSWORD, CREATE_DATE, CREATE_TIME </sql> <select id="selectByPrimaryKey" parameterType="java.lang.Integer" resultMap="BaseResultMap"> select <include refid="Base_Column_List" /> from user where ID = #{id,jdbcType=INTEGER} </select> <delete id="deleteByPrimaryKey" parameterType="java.lang.Integer"> delete from user where ID = #{id,jdbcType=INTEGER} </delete> <insert id="insert" parameterType="com.gxx.manage.base.vo.User"> insert into user (ID, NAME, PASSWORD, CREATE_DATE, CREATE_TIME) values (#{id,jdbcType=INTEGER}, #{name,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR}, #{createDate,jdbcType=VARCHAR}, #{createTime,jdbcType=VARCHAR}) </insert> <insert id="insertSelective" parameterType="com.gxx.manage.base.vo.User"> insert into user <trim prefix="(" suffix=")" suffixOverrides=","> <if test="id != null"> ID, </if> <if test="name != null"> NAME, </if> <if test="password != null"> PASSWORD, </if> <if test="createDate != null"> CREATE_DATE, </if> <if test="createTime != null"> CREATE_TIME, </if> </trim> <trim prefix="values (" suffix=")" suffixOverrides=","> <if test="id != null"> #{id,jdbcType=INTEGER}, </if> <if test="name != null"> #{name,jdbcType=VARCHAR}, </if> <if test="password != null"> #{password,jdbcType=VARCHAR}, </if> <if test="createDate != null"> #{createDate,jdbcType=VARCHAR}, </if> <if test="createTime != null"> #{createTime,jdbcType=VARCHAR}, </if> </trim> </insert> <update id="updateByPrimaryKeySelective" parameterType="com.gxx.manage.base.vo.User"> update user <set> <if test="name != null"> NAME = #{name,jdbcType=VARCHAR}, </if> <if test="password != null"> PASSWORD = #{password,jdbcType=VARCHAR}, </if> <if test="createDate != null"> CREATE_DATE = #{createDate,jdbcType=VARCHAR}, </if> <if test="createTime != null"> CREATE_TIME = #{createTime,jdbcType=VARCHAR}, </if> </set> where ID = #{id,jdbcType=INTEGER} </update> <update id="updateByPrimaryKey" parameterType="com.gxx.manage.base.vo.User"> update user set NAME = #{name,jdbcType=VARCHAR}, PASSWORD = #{password,jdbcType=VARCHAR}, CREATE_DATE = #{createDate,jdbcType=VARCHAR}, CREATE_TIME = #{createTime,jdbcType=VARCHAR} where ID = #{id,jdbcType=INTEGER} </update> <select id="getUserByName" parameterType="java.lang.String" resultMap="BaseResultMap"> select <include refid="Base_Column_List" /> from user where name = #{name,jdbcType=VARCHAR} </select> </mapper> </code> ===== RoleMapper.xml ===== <code xml RoleMapper.xml> <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.gxx.manage.base.dao.RoleMapper" > <resultMap id="BaseResultMap" type="com.gxx.manage.base.vo.Role" > <id column="ID" property="id" jdbcType="INTEGER" /> <result column="ROLE" property="role" jdbcType="VARCHAR" /> </resultMap> <sql id="Base_Column_List" > ID, ROLE </sql> <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.lang.Integer" > select <include refid="Base_Column_List" /> from role where ID = #{id,jdbcType=INTEGER} </select> <delete id="deleteByPrimaryKey" parameterType="java.lang.Integer" > delete from role where ID = #{id,jdbcType=INTEGER} </delete> <insert id="insert" parameterType="com.gxx.manage.base.vo.Role" > insert into role (ID, ROLE) values (#{id,jdbcType=INTEGER}, #{role,jdbcType=VARCHAR}) </insert> <insert id="insertSelective" parameterType="com.gxx.manage.base.vo.Role" > insert into role <trim prefix="(" suffix=")" suffixOverrides="," > <if test="id != null" > ID, </if> <if test="role != null" > ROLE, </if> </trim> <trim prefix="values (" suffix=")" suffixOverrides="," > <if test="id != null" > #{id,jdbcType=INTEGER}, </if> <if test="role != null" > #{role,jdbcType=VARCHAR}, </if> </trim> </insert> <update id="updateByPrimaryKeySelective" parameterType="com.gxx.manage.base.vo.Role" > update role <set > <if test="role != null" > ROLE = #{role,jdbcType=VARCHAR}, </if> </set> where ID = #{id,jdbcType=INTEGER} </update> <update id="updateByPrimaryKey" parameterType="com.gxx.manage.base.vo.Role" > update role set ROLE = #{role,jdbcType=VARCHAR} where ID = #{id,jdbcType=INTEGER} </update> </mapper> </code> ===== UserRoleMapper.xml ===== <code xml UserRoleMapper.xml> <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.gxx.manage.base.dao.UserRoleMapper" > <resultMap id="BaseResultMap" type="com.gxx.manage.base.vo.UserRole" > <id column="ID" property="id" jdbcType="INTEGER" /> <result column="USER_ID" property="userId" jdbcType="INTEGER" /> <result column="ROLE_ID" property="roleId" jdbcType="INTEGER" /> </resultMap> <sql id="Base_Column_List" > ID, USER_ID, ROLE_ID </sql> <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.lang.Integer" > select <include refid="Base_Column_List" /> from user_role where ID = #{id,jdbcType=INTEGER} </select> <delete id="deleteByPrimaryKey" parameterType="java.lang.Integer" > delete from user_role where ID = #{id,jdbcType=INTEGER} </delete> <insert id="insert" parameterType="com.gxx.manage.base.vo.UserRole" > insert into user_role (ID, USER_ID, ROLE_ID ) values (#{id,jdbcType=INTEGER}, #{userId,jdbcType=INTEGER}, #{roleId,jdbcType=INTEGER} ) </insert> <insert id="insertSelective" parameterType="com.gxx.manage.base.vo.UserRole" > insert into user_role <trim prefix="(" suffix=")" suffixOverrides="," > <if test="id != null" > ID, </if> <if test="userId != null" > USER_ID, </if> <if test="roleId != null" > ROLE_ID, </if> </trim> <trim prefix="values (" suffix=")" suffixOverrides="," > <if test="id != null" > #{id,jdbcType=INTEGER}, </if> <if test="userId != null" > #{userId,jdbcType=INTEGER}, </if> <if test="roleId != null" > #{roleId,jdbcType=INTEGER}, </if> </trim> </insert> <update id="updateByPrimaryKeySelective" parameterType="com.gxx.manage.base.vo.UserRole" > update user_role <set > <if test="userId != null" > USER_ID = #{userId,jdbcType=INTEGER}, </if> <if test="roleId != null" > ROLE_ID = #{roleId,jdbcType=INTEGER}, </if> </set> where ID = #{id,jdbcType=INTEGER} </update> <update id="updateByPrimaryKey" parameterType="com.gxx.manage.base.vo.UserRole" > update user_role set USER_ID = #{userId,jdbcType=INTEGER}, ROLE_ID = #{roleId,jdbcType=INTEGER} where ID = #{id,jdbcType=INTEGER} </update> </mapper> </code> ===== PermissionMapper.xml ===== <code xml PermissionMapper.xml> <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.gxx.manage.base.dao.PermissionMapper" > <resultMap id="BaseResultMap" type="com.gxx.manage.base.vo.Permission" > <id column="ID" property="id" jdbcType="INTEGER" /> <result column="PERMISSION" property="permission" jdbcType="VARCHAR" /> </resultMap> <sql id="Base_Column_List" > ID, PERMISSION </sql> <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.lang.Integer" > select <include refid="Base_Column_List" /> from permission where ID = #{id,jdbcType=INTEGER} </select> <delete id="deleteByPrimaryKey" parameterType="java.lang.Integer" > delete from permission where ID = #{id,jdbcType=INTEGER} </delete> <insert id="insert" parameterType="com.gxx.manage.base.vo.Permission" > insert into permission (ID, PERMISSION) values (#{id,jdbcType=INTEGER}, #{permission,jdbcType=VARCHAR}) </insert> <insert id="insertSelective" parameterType="com.gxx.manage.base.vo.Permission" > insert into permission <trim prefix="(" suffix=")" suffixOverrides="," > <if test="id != null" > ID, </if> <if test="permission != null" > PERMISSION, </if> </trim> <trim prefix="values (" suffix=")" suffixOverrides="," > <if test="id != null" > #{id,jdbcType=INTEGER}, </if> <if test="permission != null" > #{permission,jdbcType=VARCHAR}, </if> </trim> </insert> <update id="updateByPrimaryKeySelective" parameterType="com.gxx.manage.base.vo.Permission" > update permission <set > <if test="permission != null" > PERMISSION = #{permission,jdbcType=VARCHAR}, </if> </set> where ID = #{id,jdbcType=INTEGER} </update> <update id="updateByPrimaryKey" parameterType="com.gxx.manage.base.vo.Permission" > update permission set PERMISSION = #{permission,jdbcType=VARCHAR} where ID = #{id,jdbcType=INTEGER} </update> </mapper> </code> ===== RolePermissionMapper.xml ===== <code xml RolePermissionMapper.xml> <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.gxx.manage.base.dao.RolePermissionMapper" > <resultMap id="BaseResultMap" type="com.gxx.manage.base.vo.RolePermission" > <id column="ID" property="id" jdbcType="INTEGER" /> <result column="ROLE_ID" property="roleId" jdbcType="INTEGER" /> <result column="PERMISSION_ID" property="permissionId" jdbcType="INTEGER" /> </resultMap> <sql id="Base_Column_List" > ID, ROLE_ID, PERMISSION_ID </sql> <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.lang.Integer" > select <include refid="Base_Column_List" /> from role_permission where ID = #{id,jdbcType=INTEGER} </select> <delete id="deleteByPrimaryKey" parameterType="java.lang.Integer" > delete from role_permission where ID = #{id,jdbcType=INTEGER} </delete> <insert id="insert" parameterType="com.gxx.manage.base.vo.RolePermission" > insert into role_permission (ID, ROLE_ID, PERMISSION_ID ) values (#{id,jdbcType=INTEGER}, #{roleId,jdbcType=INTEGER}, #{permissionId,jdbcType=INTEGER} ) </insert> <insert id="insertSelective" parameterType="com.gxx.manage.base.vo.RolePermission" > insert into role_permission <trim prefix="(" suffix=")" suffixOverrides="," > <if test="id != null" > ID, </if> <if test="roleId != null" > ROLE_ID, </if> <if test="permissionId != null" > PERMISSION_ID, </if> </trim> <trim prefix="values (" suffix=")" suffixOverrides="," > <if test="id != null" > #{id,jdbcType=INTEGER}, </if> <if test="roleId != null" > #{roleId,jdbcType=INTEGER}, </if> <if test="permissionId != null" > #{permissionId,jdbcType=INTEGER}, </if> </trim> </insert> <update id="updateByPrimaryKeySelective" parameterType="com.gxx.manage.base.vo.RolePermission" > update role_permission <set > <if test="roleId != null" > ROLE_ID = #{roleId,jdbcType=INTEGER}, </if> <if test="permissionId != null" > PERMISSION_ID = #{permissionId,jdbcType=INTEGER}, </if> </set> where ID = #{id,jdbcType=INTEGER} </update> <update id="updateByPrimaryKey" parameterType="com.gxx.manage.base.vo.RolePermission" > update role_permission set ROLE_ID = #{roleId,jdbcType=INTEGER}, PERMISSION_ID = #{permissionId,jdbcType=INTEGER} where ID = #{id,jdbcType=INTEGER} </update> </mapper> </code> ===== login.ftl ===== <code html login.ftl> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>登录页面</title> </head> <body> <form action="/manage/login.htm" method="post"> <table border="1"> <tr><td>用户名:</td><td><input type="text" name="username" placeholder="请输入账号" /></td></tr> <tr><td>密码:</td><td><input type="password" name="password" placeholder="请输入密码" /></td></tr> <tr><td colspan="2" align="center"><input type="submit" value="提交"/></td></tr> </table> </form> </body> </html> </code> ===== index.ftl ===== <code html index.ftl> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>登录后首页</title> </head> <body> 登录成功! </body> </html> </code> ===== unauthorized.ftl ===== <code html unauthorized.ftl> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>无权限首页</title> </head> <body> 您无该权限! </body> </html> </code> ===== manage.sql ===== <code sql manage.sql> create database manage; use manage; CREATE TABLE `user` ( `ID` int(10) unsigned NOT NULL auto_increment, `NAME` varchar(45) NOT NULL, `PASSWORD` varchar(45) NOT NULL, `CREATE_DATE` varchar(8) NOT NULL, `CREATE_TIME` varchar(6) NOT NULL, PRIMARY KEY USING BTREE (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COMMENT='用户表'; CREATE TABLE `role` ( `ID` int(10) unsigned NOT NULL auto_increment, `ROLE` varchar(45) NOT NULL, PRIMARY KEY USING BTREE (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COMMENT='角色表'; CREATE TABLE `user_role` ( `ID` int(10) unsigned NOT NULL auto_increment, `USER_ID` int(10) unsigned NOT NULL, `ROLE_ID` int(10) unsigned NOT NULL, PRIMARY KEY USING BTREE (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COMMENT='用户角色表'; CREATE TABLE `permission` ( `ID` int(10) unsigned NOT NULL auto_increment, `PERMISSION` varchar(100) NOT NULL, PRIMARY KEY USING BTREE (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8 COMMENT='权限表'; CREATE TABLE `role_permission` ( `ID` int(10) unsigned NOT NULL auto_increment, `ROLE_ID` int(10) unsigned NOT NULL, `PERMISSION_ID` int(10) unsigned NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8 COMMENT='角色权限表'; </code> ===== 数据库数据截图 ===== {{:分享:技术:shiro:user.png?600|}} {{:分享:技术:shiro:role.png?300|}} {{:分享:技术:shiro:user_role.png?300|}} {{:分享:技术:shiro:permission.png?300|}} {{:分享:技术:shiro:role_permission.png?300|}}
分享/技术/shiro/spring整合shiro实现权限管理.txt
· 最后更改: 2015/09/21 14:11 由
gxx
页面工具
显示页面
修订记录
反向链接
回到顶部
