在WEB中使用Shiro实现基础验证配置
1、如果要使用Shiro那么关键的部分还是需要整合web的开发,所以针对于web的开发,shiro本身也是可以轻松进行的。修改pom.xml文件:<dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-web</artifactId> <version>1.3.2</version> </dependency>
2、如果要想在WEB之中去应该Shiro就必须配置监听器:修改web.xml文件追加监听器:<listener> <listener-class> org.apache.shiro.web.env.EnvironmentLoaderListener </listener-class></listener>
3、在整个的web的开发过程之中用户的检测一定要存在有过滤器,所以需要配置过滤器。本次秃赈沙嚣建议继续使用普通的认证模式,利用shiro.ini文件实现认证,所以唁昼囫缍这个配置文件需要进行指派。<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee"xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1"><display-name>shirodemo</display-name> <listener> <listener-class> org.apache.shiro.web.env.EnvironmentLoaderListener </listener-class> </listener> <filter> <filter-name>ShiroFilter</filter-name> <filter-class> org.apache.shiro.web.servlet.ShiroFilter </filter-class> <init-param> <param-name>configPath</param-name> <param-value>classpath:shiro.ini</param-value> </init-param></filter> <filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern><dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> <dispatcher>ERROR</dispatcher> </filter-mapping></web-app>
4、那么此时就标识web项目之中已经集成好了Shiro的开发程序。配置完成此时可以得到一些shiro的配置信息:
5、需要建立一个Servlet程序来进行具体的登陆操作:package com.gwolf.servlet;import static org.springframework.test.we芟鲠阻缒b.servlet.result.MockMvcResultMatchers.request;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.subject.Subject;@WebServlet("/shiroLogin")public class LoginServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req,HttpServletResponse resp) throws ServletException, IOException { this.doPost(req, resp); } @Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String mid = req.getParameter("mid"); String password = req.getParameter("password"); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(mid, password); subject.login(token); req.getSession().setAttribute("mid", mid); req.getRequestDispatcher("/welcome.jsp").forward(req, resp); }}
6、在根目录下创建一个login.jsp的文件。<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>shrio登录</title></head><body> <form action="shiroLogin" method="post"> 用户名:<input type="text" name="mid" /> 密码:<input type="password" name="password"/> <input type="submit" value="登录"/> </form></body></html>
7、这样shiro的一个基础的web验证就已经完成了。
