1.项目的包结构:
2.jar包,配置文件及工具类
2.1pom.xml的配置
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.zy</groupId>
<artifactId>ssm-shiro</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<name>ssm-shiro Maven Webapp</name>
<!-- FIXME change it to the project‘s website -->
<url>http://www.example.com</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
<shiro.version>1.2.3</shiro.version>
<commons-logging.version>1.2</commons-logging.version>
<!--spring家族版本号-->
<spring.version>4.2.4.RELEASE</spring.version>
<!--aop版本-->
<org.aspectj.version>1.6.11</org.aspectj.version>
<aopalliance.version>1.0</aopalliance.version>
<!--数据源,mybatis,分页相关配置-->
<druid.version>1.0.21</druid.version>
<mybatis.version>3.2.6</mybatis.version>
<mybatis.spring.version>1.3.1</mybatis.spring.version>
<pageHelper.version>5.1.2</pageHelper.version>
<mybatis-paginator.version>1.2.15</mybatis-paginator.version>
<mysql.version>5.1.45</mysql.version>
<!--jsp-->
<jstl.version>1.2</jstl.version>
<servlet.api>2.5</servlet.api>
<jsp.api.version>2.0</jsp.api.version>
<!--动态代理-->
<cglib.version>2.1_3</cglib.version>
<!--日志-->
<org.slf4j.version>1.6.1</org.slf4j.version>
<!--配置junit-->
<junit.version>4.11</junit.version>
<!--配置jackson的包-->
<jackson.version>2.4.2</jackson.version>
</properties>
<dependencies>
<!--配置jackson的包-->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
</dependency>
<!--配置shiro的依赖-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-quartz</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>${commons-logging.version}</version>
</dependency>
<!--配置spring核心包-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
<version>${spring.version}</version>
</dependency>
<!--配置springMVC-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<!--配置aop-->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>${org.aspectj.version}</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>${org.aspectj.version}</version>
</dependency>
<dependency>
<groupId>aopalliance</groupId>
<artifactId>aopalliance</artifactId>
<version>${aopalliance.version}</version>
</dependency>
<!--配置数据源,连接池,Mybatis,分页插件-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>${druid.version}</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>${mybatis.spring.version}</version>
</dependency>
<dependency>
<groupId>com.github.pagehelper</groupId>
<artifactId>pagehelper</artifactId>
<version>${pageHelper.version}</version>
</dependency>
<dependency>
<groupId>com.github.miemiedev</groupId>
<artifactId>mybatis-paginator</artifactId>
<version>${mybatis-paginator.version}</version>
</dependency>
<!--jsp相关-->
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>${jstl.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>${servlet.api}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>${jsp.api.version}</version>
<scope>provided</scope>
</dependency>
<!--动态代理-->
<dependency>
<groupId>cglib</groupId>
<artifactId>cglib</artifactId>
<version>${cglib.version}</version>
</dependency>
<!--配置日志-->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${org.slf4j.version}</version>
</dependency>
</dependencies>
<build>
<finalName>ssm-shiro</finalName>
<!--配置静态资源不发布-->
<resources>
<resource>
<directory>src/main/resources</directory>
<includes>
<include>**/*.xml</include>
<include>**/*.properties</include>
</includes>
</resource>
</resources>
<!--配置tomcat-->
<plugins>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<configuration>
<path>/</path>
<port>8081</port>
</configuration>
</plugin>
</plugins>
</build>
</project>
2.2配置springmvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">
<!--开启自动扫包:注意这里只扫描controller层的包,防止重复扫描-->
<context:component-scan base-package="com.zy.controller"/>
<!--开启注解驱动:用来替换处理器适配器和处理器映射器-->
<mvc:annotation-driven/>
<!--视图解析器:配置返回的前缀及后缀-->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/"/>
<property name="suffix" value=".jsp"/>
</bean>
<!--拦截静态资源并放行-->
<mvc:default-servlet-handler />
<!--此处的mapping指代前台引用的地址,location指代资源实际地址-->
<mvc:resources mapping="/js/**" location="/WEB-INF/js/"></mvc:resources>
<mvc:resources mapping="/css/**" location="/WEB-INF/css/"></mvc:resources>
<mvc:resources mapping="/fonts/**" location="/WEB-INF/fonts/"></mvc:resources>
<mvc:resources mapping="/images/**" location="/WEB-INF/images/"></mvc:resources>
<mvc:resources mapping="/layui/**" location="/WEB-INF/layui/"></mvc:resources>
<!--开启aop注解支持-->
<aop:config proxy-target-class="true"/>
<!--开启全局异常处理-->
<bean class="com.zy.common.MyExceptionHandler"/>
</beans>
2.3配置spring相关内容
2.3.1配置applicationContext-dao.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mybatis-spring="http://mybatis.org/schema/mybatis-spring"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://mybatis.org/schema/mybatis-spring http://mybatis.org/schema/mybatis-spring.xsd">
<!--1.配置自动扫描:注意这里只扫描dao层和service层的包,不扫描controller,防止与springmvc重复扫描-->
<context:component-scan base-package="com.zy.mapper"/>
<!--2.读取配置文件-->
<context:property-placeholder location="classpath:db.properties"/>
<!--3.配置数据库连接的基本情况-->
<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
<!--3.1数据库连接的基本属性的设置-->
<property name="url" value="${jdbc.url}"/>
<property name="username" value="${jdbc.username}"/>
<property name="password" value="${jdbc.password}"/>
<property name="driverClassName" value="${jdbc.driver}"/>
<!--3.2配置最大最小值以及初始化的值-->
<property name="initialSize" value="1"/>
<property name="minIdle" value="1"/>
<property name="maxActive" value="10"/>
</bean>
<!--4.配置dao层,整合Mybatis-->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource"/>
<!--配置Mybatis的全局配置文件-->
<property name="configLocation" value="classpath:mybatis/sqlMappingConfig.xml"/>
<!--mapperLocations: 指定mapper文件的位置-->
<property name="mapperLocations" value="classpath:mybatis/mapper/*.xml"/>
</bean>
<!--4.1也可以扫描与mapper层同级目录的文件配置
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="com.zy.mapper"/>
</bean>
-->
<!-- 扫描所有的mapper接口的实现,让这些mapper能够自动注入;
base-package:指定mapper接口的包名
-->
<mybatis-spring:scan base-package="com.zy.mapper"/>
</beans>
2.3.2配置applicationContext-service.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<context:component-scan base-package="com.zy.service"/>
</beans>
2.3.3配置applicationContext-tx.xml(事务)
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">
<!--5.添加事务-->
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"/>
</bean>
<!--6.基于XML的事务-->
<tx:advice transaction-manager="transactionManager" id="transactionInterceptor">
<tx:attributes>
<tx:method name="save*" propagation="REQUIRED"/>
<tx:method name="add*" propagation="REQUIRED"/>
<tx:method name="modify*" propagation="REQUIRED"/>
<tx:method name="update*" propagation="REQUIRED"/>
<tx:method name="delete*" propagation="REQUIRED"/>
<tx:method name="query*" propagation="SUPPORTS"/>
<tx:method name="get*" propagation="SUPPORTS"/>
<tx:method name="find*" propagation="SUPPORTS"/>
<tx:method name="select*" propagation="SUPPORTS"/>
</tx:attributes>
</tx:advice>
<!--配置切入点-->
<aop:config>
<aop:pointcut id="serviceAdvice" expression="execution(* com.zy.service..* .*(..))"></aop:pointcut>
<!--将事务织入切入对象中-->
<aop:advisor advice-ref="transactionInterceptor" pointcut-ref="serviceAdvice"/>
</aop:config>
</beans>
2.3.4配置applicationContext-shiro.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<!--申明缓存管理器-->
<!--本地缓存,不推荐-->
<!--<bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager"/>-->
<!-- 缓存管理器使用Ehcache实现 -->
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:ehcache.xml" />
</bean>
<!--密码凭证管理器-->
<bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<property name="hashAlgorithmName" value="md5"/>
<!--次数-->
<property name="hashIterations" value="1"/>
</bean>
<!--================================配置自定义的realm====================================-->
<bean id="tbUserRealm" class="com.zy.shiro.TbUserRealm">
<property name="credentialsMatcher" ref="credentialsMatcher"/>
<!--配置缓存时,改为true-->
<property name="cachingEnabled" value="true"/>
</bean>
<!--记住我的cookie-->
<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="rememberMe"/>
<!--设置cookie有效期-->
<property name="maxAge" value="604800"/>
</bean>
<!--记住我管理器-->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<property name="cookie" ref="rememberMeCookie"/>
</bean>
<!--安全管理器-->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="tbUserRealm"/>
<!--注入记住我-->
<property name="rememberMeManager" ref="rememberMeManager"/>
<!--缓存管理器-->
<property name="cacheManager" ref="cacheManager"/>
</bean>
<!--=====================开启切面支持,spring拦截支持=====================-->
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!--调用securityManagerUtils.setSecurityManager-->
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
<property name="arguments" ref="securityManager"/>
</bean>
<!--==============================shiro的web过滤器====================================-->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login/login"/>
<property name="successUrl" value="/login/loginCheck"/>
<property name="filterChainDefinitions">
<value>
<!--
anon:匿名使用,用户不登录也可以访问,如 /item/** = anon
authc:认证后才能使用 /order/** = authc
roles:需要特定角色才能访问 /admin/** = roles["admin,test"]
perms:需要特定权限才能访问 /admin/user/** = perms["user:add,user:delete"]
user:必须存在用户,登录而不限制检查 /** = user
rest: restFul风格 /adimn/** = rest[user]
port: 限制访问端口 /admin/** = port[8088]
authcBasic: 限制协议请求是https
ssl: 安全的url请求,请求协议是http
-->
<!--切记此处路径名与前台传.递的路径名是一致的,除了在此处配置以外,还需要在spring.xml中进行配置-->
/css/** = anon<!--设置静态资源文件为游客可访问-->
/js/** = anon<!--设置静态资源文件为游客可访问-->
/fonts/** = anon<!--设置静态资源文件为游客可访问-->
/images/** = anon<!--设置静态资源文件为游客可访问-->
/layui/** = anon<!--设置静态资源文件为游客可访问-->
<!--配置用户退出
不用我们去实现退出,只要去访问一个退出的url(该 url是可以不存在),由LogoutFilter拦截住,清除session。
在applicationContext-shiro.xml配置LogoutFilter
-->
/login/logout = logout
<!--不拦截-->
/login/** = anon
/** = user
</value>
</property>
</bean>
<!--生命周期的配置-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
</beans>
2.4配置mybatis相关内容
2.4.1配置sqlMappingConfig.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE configuration
PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<!--设置全局配置环境-->
<settings>
<!--开启全局缓存-->
<setting name="cacheEnabled" value="true"/>
<!--开启懒加载-->
<setting name="lazyLoadingEnabled" value="true"/>
<!--关闭延迟加载-->
<setting name="aggressiveLazyLoading" value="false"/>
</settings>
<!--配置分页插件pageHelper的拦截器:5.0版本之后的配置-->
<plugins>
<plugin interceptor="com.github.pagehelper.PageInterceptor"></plugin>
</plugins>
</configuration>
2.4.2配置其他***Mappper.xml文件(以TbUserMapper.xml为例)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.zy.mapper.TbUserMapper">
<!--封装结果集-->
<resultMap id="tbUserResultMap" type="com.zy.model.TbUser">
<id column="id" property="id" jdbcType="INTEGER"/>
<result column="username" property="username" jdbcType="VARCHAR"/>
<result column="password" property="password" jdbcType="VARCHAR"/>
<result column="salt" property="salt" jdbcType="VARCHAR"/>
<result column="status" property="status" jdbcType="VARCHAR"/>
</resultMap>
<!--
根据用户名查询用户信息
TbUser getTbUserByUserName(String username);
-->
<select id="getTbUserByUserName" resultMap="tbUserResultMap">
select id,username,password,salt,status
from tb_user
where username = #{username}
</select>
<!--
// 注册用户
int addTbUser(TbUser tbUser);
-->
<insert id="addTbUser">
<selectKey keyProperty="id" order="AFTER" resultType="int">
select last_insert_id()
</selectKey>
insert into tb_user values(null,#{username},#{password},#{salt},#{status})
</insert>
<!--
// 查询所有用户信息
List<TbUser> getAllUser();
-->
<select id="getAllUser" resultMap="tbUserResultMap">
select id,username,password,salt,status
from tb_user
</select>
<!--
// 删除用户信息及其关联角色信息,还需要去关联表中删除该信息
void deleteUser(Integer id);
-->
<delete id="deleteUser">
delete from tb_user where id = #{id}
</delete>
<delete id="deleteUserRole">
delete from tb_user_role where user_id = #{id}
</delete>
</mapper>
2.5配置db.properties
####配置mysql的连接 jdbc.driver=com.mysql.jdbc.Driver jdbc.url=jdbc:mysql://localhost:3306/shiro jdbc.username=root jdbc.password=123456 ####配置oracle的连接 orcl.driver=oracle.jdbc.OracleDriver orcl.url=jdbc:oracle:thin:@localhost:1521:orcl orcl.username=tom orcl.password=123456
2.6配置ehcache.xml
<?xml version="1.1" encoding="UTF-8"?>
<ehcache updateCheck="false" name="shirocache">
<diskStore path="D:\develop\ehcache" />
<defaultCache
maxElementsInMemory="1000"
maxElementsOnDisk="10000000"
eternal="false"
overflowToDisk="false"
diskPersistent="false"
timeToIdleSeconds="120"
timeToLiveSeconds="120"
diskExpiryThreadIntervalSeconds="120"
memoryStoreEvictionPolicy="LRU">
</defaultCache>
</ehcache>
2.7配置log4j.properties
### direct log messages to stdout ###
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
### direct messages to file log ###
log4j.appender.file=org.apache.log4j.FileAppender
log4j.appender.file.File=/scheduler.log
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
### set log levels - for more verbose logging change ‘info‘ to ‘debug‘ ###
log4j.rootLogger=debug,stdout,file
2.8mapper层,以TbUserMapper为例
package com.zy.mapper;
import com.zy.model.TbUser;
import org.springframework.stereotype.Repository;
/**
* 用户信息的Mapper
*/
import java.util.List;
/**
* Created by Administrator on 2018/7/3.
*
* 用户登录的mapper
*/
@Repository
public interface TbUserMapper {
// 根据用户名查询用户信息
TbUser getTbUserByUserName(String username);
// 注册用户
int addTbUser(TbUser tbUser);
// 查询所有用户信息
List<TbUser> getAllUser();
// 删除用户信息及其关联角色信息
void deleteUser(Integer id);
void deleteUserRole(Integer id);
}
2.9service层(以TbUserServiceI和TbUserServiceImpl为例)
package com.zy.service;
import com.zy.model.TbPermission;
import com.zy.model.TbRole;
import com.zy.model.TbUser;
import com.zy.util.PageUtils;
import java.util.List;
import java.util.Map;
/**
* Created by Administrator on 2018/7/3.
*/
public interface TbUserServiceI {
// 登录验证:根据用户名查询用户信息
TbUser getTbUserByUserName(String username);
// 授权验证第一步:根据用户id查询用户角色
List<TbRole> getTbRoleByUserId(Integer id);
// 授权验证:根据用户id查询用户权限信息
List<TbPermission> getTbPermissionByUserId(Integer userId);
// 查询菜单信息
Map<TbPermission, List<TbPermission>> getMenuByUserId(Integer userId);
// 注册用户
int addTbUser(TbUser tbUser);
// 查询所有用户信息
PageUtils getAllUser(Integer pageNo);
// 删除用户信息及其关联角色信息
void deleteUser(Integer id);
}
package com.zy.service.impl;
import com.github.pagehelper.PageHelper;
import com.github.pagehelper.PageInfo;
import com.zy.common.ConstantValue;
import com.zy.mapper.TbPermissionMapper;
import com.zy.mapper.TbRoleMapper;
import com.zy.mapper.TbUserMapper;
import com.zy.model.TbPermission;
import com.zy.model.TbRole;
import com.zy.model.TbUser;
import com.zy.service.TbUserServiceI;
import com.zy.util.MD5;
import com.zy.util.PageUtils;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* Created by Administrator on 2018/7/3.
*
* 登录的业务层
*/
@Service("tbUserService")
public class TbUserServiceImpl implements TbUserServiceI {
@Autowired
private TbUserMapper tbUserMapper;
@Autowired
private TbRoleMapper tbRoleMapper;
@Autowired
private TbPermissionMapper tbPermissionMapper;
// 登录验证:根据用户名查询用户信息
@Override
public TbUser getTbUserByUserName(String username) {
TbUser tbUser = tbUserMapper.getTbUserByUserName(username);
return tbUser;
}
// 授权验证第一步:根据用户id查询用户角色
@Override
public List<TbRole> getTbRoleByUserId(Integer id) {
List<TbRole> tbRoleList = tbRoleMapper.getTbRoleByUserId(id);
return tbRoleList;
}
// 授权验证:根据用户id查询用户权限信息
@Override
public List<TbPermission> getTbPermissionByUserId(Integer userId) {
List<TbPermission> permissionList = tbPermissionMapper.getTbPermissionByUserId(userId);
return permissionList;
}
// 查询菜单信息
@Override
public Map<TbPermission, List<TbPermission>> getMenuByUserId(Integer userId){
List<TbPermission> permissionList = tbPermissionMapper.getTopTbPermissionByUserId(userId);
Map<TbPermission, List<TbPermission>> map = new HashMap<TbPermission, List<TbPermission>>();
for(TbPermission tbPermission : permissionList){
if(tbPermission.getParentId() == null){
// 当用户id是确定的时候,根据父菜单id查询子菜单id
List<TbPermission> list = tbPermissionMapper.getTbPermissionByParentIdAndUserId(tbPermission.getId(),userId);
if(list != null){
map.put(tbPermission,list);
}
}
}
return map;
}
// 注册用户
@Override
public int addTbUser(TbUser tbUser) {
// 获取salt
String salt=new SecureRandomNumberGenerator().nextBytes().toHex();
tbUser.setSalt(salt);
// 进行加密
String md5Pwd = MD5.getMD5(tbUser.getPassword(), salt);
tbUser.setPassword(md5Pwd);
// 设置状态
tbUser.setStatus(ConstantValue.USER_STATUS_UNLOCKED);
tbUserMapper.addTbUser(tbUser);
/*返回主键*/
Integer id = tbUser.getId();
return id;
}
// 查询所有用户信息
@Override
public PageUtils getAllUser(Integer pageNo) {
PageHelper.startPage(pageNo, ConstantValue.PAGE_SIZE);
List<TbUser> userList = tbUserMapper.getAllUser();
PageUtils pageInfo = new PageUtils();
pageInfo.setRows(userList);
PageInfo<TbUser> pageInfoList = new PageInfo<TbUser>(userList);
pageInfo.setTotalPages(pageInfoList.getPages());
pageInfo.setCurrentPage(pageNo);
pageInfo.setPageSize(pageInfoList.getPageSize());
return pageInfo;
}
// 删除用户信息及其关联角色信息
@Override
public void deleteUser(Integer id) {
tbUserMapper.deleteUser(id);
tbUserMapper.deleteUserRole(id);
}
}
2.10权限Realm(以TbUserRealm 为例)
package com.zy.shiro;
import com.zy.common.ConstantValue;
import com.zy.model.TbPermission;
import com.zy.model.TbRole;
import com.zy.model.TbUser;
import com.zy.service.TbUserServiceI;
import com.zy.util.MD5;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* Created by Administrator on 2018/7/2.
*
* 认证及授权的realm
*/
public class TbUserRealm extends AuthorizingRealm {
@Autowired
private TbUserServiceI tbUserService;
/*
*
* 认证
* */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
/*获取输入的用户名及密码*/
String username = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
/*调用service层方法返回用户信息*/
TbUser tbUser = tbUserService.getTbUserByUserName(username);
/*如果用户信息为Null,则抛出用户不存在异常*/
if(tbUser == null){
throw new UnknownAccountException("用户名为空-----------------");
}
/*如果用户状态为1,则抛出账户锁定异常*/
if(tbUser.getStatus().equals(ConstantValue.USER_STATUS_LOCKED)){
throw new LockedAccountException("账号被锁定-----------------------");
}
/*比较密码是否一致,如果不一致,则抛出密码错误异常*/
final String md5Password = MD5.getMD5(password, tbUser.getSalt());
if(!md5Password.equals(tbUser.getPassword())){
throw new IncorrectCredentialsException("密码错误---------------------");
}
/*如果一切顺利,则返回该信息*/
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
tbUser,
md5Password,
ByteSource.Util.bytes(tbUser.getSalt()),
this.getName());
return info;
}
/*
*
* 授权
*
* */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//从principals获取主身份信息
//将getPrimaryPrincipal方法返回值转为真实身份类型
//在上边的doGetAuthenticationInfo认证通过填充到SimpleAuthenticationInfo中身份类型
TbUser tbUser = (TbUser) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
if(tbUser != null){
//根据身份信息获取角色信息并且设置到PrincipalCollection中
List<TbRole> roleList = tbUserService.getTbRoleByUserId(tbUser.getId());
Set<String> roles = new HashSet<String>();
if(roleList != null){
for(TbRole tbRole : roleList){
if(tbRole.getRoleName() != null && !tbRole.getRoleName().equals("")){
roles.add(tbRole.getRoleName());
}
}
info.setRoles(roles);
}
//根据身份信息获取权限信息并且设置到PrincipalCollection中
List<TbPermission> permissionList = tbUserService.getTbPermissionByUserId(tbUser.getId());
if(permissionList != null){
Set<String> permissions = new HashSet<String>();
for(TbPermission tbPermission : permissionList){
if(tbPermission.getPerCode() != null && !tbPermission.getPerCode().trim().equals("")){
permissions.add(tbPermission.getPerCode());
}
}
info.setStringPermissions(permissions);
}
else{
throw new UnauthorizedException();
}
}
return info;
}
}
2.11controller层(以LoginController 为例)
package com.zy.controller;
import com.zy.common.ConstantValue;
import com.zy.model.TbPermission;
import com.zy.model.TbUser;
import com.zy.service.TbUserServiceI;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
import java.util.List;
import java.util.Map;
/**
* Created by Administrator on 2018/7/3.
* <p>
* 登录注册相关的controller
*/
@Controller
@RequestMapping("login")
public class LoginController {
@Autowired
private TbUserServiceI tbUserService;
// 登录界面
@RequestMapping("login")
public String login() {
return "login/login";
}
// 登录验证
@RequestMapping("loginCheck")
public String loginCheck(TbUser tbUser, String rememberMe,Map map) {
UsernamePasswordToken token = new UsernamePasswordToken(tbUser.getUsername(), tbUser.getPassword());
Subject subject = SecurityUtils.getSubject();
if (rememberMe == null) {
token.setRememberMe(false);
} else {
token.setRememberMe(true);
}
try {
subject.login(token);
return "forward:toIndex";
} catch (Exception e) {
map.put("msg","用户名或密码错误");
return "login/login";
}
}
// 如果登录成功,则跳转到此处,由此处获取信息,并发送至前台页面
@RequestMapping("toIndex")
public String toIndex(Map map){
/*获取TbUserRealm中的Subject*/
final Subject subject = SecurityUtils.getSubject();
TbUser tbUser = (TbUser) subject.getPrincipal();
if(tbUser == null){
return "redirect:/login/login";
}
/*将用户信息放到map中*/
map.put("tbUser", tbUser);
/*查询菜单信息,并将菜单信息放置到map中*/
Map<TbPermission, List<TbPermission>> menu = tbUserService.getMenuByUserId(tbUser.getId());
map.put("menu",menu);
return "index";
}
/*注册*/
/*注册前用户名查重*/
@RequestMapping("isUserExist")
@ResponseBody
public String isUserExist(String username) {
TbUser tbUser = tbUserService.getTbUserByUserName(username);
if (tbUser == null) {
return ConstantValue.USER_IS_NOT_EXIST;
}
return ConstantValue.USER_IS_EXIST;
}
@RequestMapping("register")
public String register(String username, String password) {
/*用户注册*/
TbUser tbUser = new TbUser();
tbUser.setUsername(username);
tbUser.setPassword(password);
tbUserService.addTbUser(tbUser);
/*用户注册后,登录到首页展示页面*/
return "forward:loginCheck";
}
/*用户退出登录*/
@RequestMapping("logout")
public String logout(HttpSession session){
/*清除缓存*/
session.invalidate();
return "redirect:/login/login";
}
}
2.12model层(以TBUser为例)
package com.zy.model;
import java.io.Serializable;
/**
*
* 定义用户登录表中的实体类
* Created by Administrator on 2018/7/3.
*/
public class TbUser implements Serializable {
private Integer id;
private String username;
private String password;
private String salt;
private String status;
@Override
public String toString() {
return "TbUser{" +
"id=" + id +
", username=‘" + username + ‘\‘‘ +
", password=‘" + password + ‘\‘‘ +
", salt=‘" + salt + ‘\‘‘ +
", status=‘" + status + ‘\‘‘ +
‘}‘;
}
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getSalt() {
return salt;
}
public void setSalt(String salt) {
this.salt = salt;
}
public String getStatus() {
return status;
}
public void setStatus(String status) {
this.status = status;
}
public TbUser() {
}
public TbUser(Integer id, String username, String password, String salt, String status) {
this.id = id;
this.username = username;
this.password = password;
this.salt = salt;
this.status = status;
}
}
2.13webapp下的web.xml配置
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>ssmshiro</display-name>
<!--配置spring-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring/applicationContext-*.xml</param-value>
</context-param>
<!--配置乱码过滤器-->
<filter>
<filter-name>CharacterFilter</filter-name>
<filter-class>com.zy.util.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<!--配置shiro拦截-->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--配置spring-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--配置springmvc-->
<servlet>
<servlet-name>Dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:springmvc/springmvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!--配置欢迎界面-->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!--配置404和500-->
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/error/404.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/error/500.jsp</location>
</error-page>
</web-app>
原文地址:https://www.cnblogs.com/psy-code/p/9457947.html
时间: 2024-10-10 06:00:52