Basic Development: Integrating Shiro with SSM
1. This walkthrough uses a Spring MVC Action directly as the overall login controller. Start by creating the VO class Member.java:

```java
package com.gwolf.vo;

import java.io.Serializable;

public class Member implements Serializable {
    private String mid;
    private String password;
    private String name;

    public String getMid() {
        return mid;
    }

    public void setMid(String mid) {
        this.mid = mid;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }
}
```

2. Create the mapping file for Member and write the required DAO statements in it:

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
    "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.gwolf.dao.IMemberMapper">
    <!-- Fetch the member (including the password) by identity, for authentication -->
    <select id="findById" parameterType="String" resultType="Member">
        select mid,password,name from member where mid=#{mid}
    </select>
    <!-- Query all role flags held by the member -->
    <select id="finAllRoleByMember" parameterType="String" resultType="String">
        select flag from role where rid in
            (select rid from member_role where mid=#{mid})
    </select>
    <!-- Query all permission flags for the member -->
    <select id="finAllActionByMember" parameterType="String" resultType="String">
        select flag from action where actid in
            (select actid from role_action where rid in
                (select rid from member_role where mid=#{mid}))
    </select>
</mapper>
```

3. Create the IMemberMapper interface. Take care with the package name when creating it, and make the method names identical to the ids of the operations defined in the mapping file.

```java
package com.gwolf.dao;

import java.util.Set;

import com.gwolf.vo.Member;

public interface IMemberMapper {
    public Member findById(String mid);

    public Set<String> finAllRoleByMember(String mid);

    public Set<String> finAllActionByMember(String mid);
}
```

4. Define the IMemberService business layer. It needs to provide two operations: authentication and authorization.

```java
package com.gwolf.service;

import java.util.Map;

import com.gwolf.vo.Member;

public interface IMemberService {
    /**
     * This method is for the Realm to use for user authentication.
     * @param mid
     * @return
     * @throws Exception
     */
    public Member get(String mid) throws Exception;

    /**
     * This method is for the Realm to implement authorization; it looks up
     * all roles and the corresponding permissions by user id.
     * @param mid
     * @return The returned data contains two entries:<br>
     * <li>key=allRoles, value=all of the user's roles</li>
     * <li>key=allActions, value=all of the user's permissions</li>
     * @throws Exception
     */
    public Map<String, Object> listAuthByMember(String mid) throws Exception;
}
```

```java
package com.gwolf.service.impl;

import java.util.HashMap;
import java.util.Map;

import javax.annotation.Resource;

import org.springframework.stereotype.Service;

import com.gwolf.dao.IMemberMapper;
import com.gwolf.service.IMemberService;
import com.gwolf.vo.Member;

@Service
public class MemberServiceImpl implements IMemberService {
    @Resource
    private IMemberMapper memberMapper;

    @Override
    public Member get(String mid) throws Exception {
        return this.memberMapper.findById(mid);
    }

    @Override
    public Map<String, Object> listAuthByMember(String mid) throws Exception {
        Map<String, Object> map = new HashMap<String, Object>();
        map.put("allRoles", this.memberMapper.finAllRoleByMember(mid));
        map.put("allActions", this.memberMapper.finAllActionByMember(mid));
        return map;
    }
}
```

5. Modify the custom Realm class, MemberRealm:

```java
package com.gwolf.shiro.realm;

import java.util.Map;
import java.util.Set;

import javax.annotation.Resource;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Component;

import com.gwolf.service.IMemberService;
import com.gwolf.vo.Member;

@Component
public class MemberRealm extends AuthorizingRealm {
    @Resource
    private IMemberService memberService;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        System.out.println("doGetAuthenticationInfo----------");
        // The login authentication method runs first; it decides whether
        // the submitted user information is valid.
        String username = (String) token.getPrincipal();
        Member vo = null;
        try {
            vo = memberService.get(username);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (vo == null) {
            throw new AuthenticationException("改用户名称不存在");
        } else {
            // Compare the submitted password with the value stored in the member table
            String password = new String((char[]) token.getCredentials());
            if (vo.getPassword().equals(password)) {
                AuthenticationInfo auth =
                        new SimpleAuthenticationInfo(username, password, "memberRealm");
                return auth;
            } else {
                throw new IncorrectCredentialsException("密码错误!");
            }
        }
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("------------doGetAuthorizationInfo----------");
        String username = (String) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo authenticationInfo = new SimpleAuthorizationInfo();
        Map<String, Object> map;
        try {
            // Load the roles and permissions collected by the service layer
            map = this.memberService.listAuthByMember(username);
            authenticationInfo.setRoles((Set<String>) map.get("allRoles"));
            authenticationInfo.setStringPermissions((Set<String>) map.get("allActions"));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return authenticationInfo;
    }
}
```
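The realm in this step compares the submitted password with a plaintext value read from the member table. The following added example (not part of the original tutorial) shows the same authentication step with a salted, iterated hash stored instead, where Shiro's HashedCredentialsMatcher performs the comparison. The class name HashedMemberRealm, the in-memory member map, the salt and the iteration count are assumptions made for illustration, and the package names are those of Shiro 1.x.

```java
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import java.util.Map;

// Added example (hypothetical class, not from the page); Shiro 1.x package names.
public class HashedMemberRealm extends AuthorizingRealm {
    static final String ALG = "SHA-256";
    static final int ITERATIONS = 100_000; // assumed work factor
    private final Map<String, String[]> members; // constructed store: mid -> {salt, hex hash}

    HashedMemberRealm(Map<String, String[]> members) {
        this.members = members;
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(ALG);
        matcher.setHashIterations(ITERATIONS);
        matcher.setStoredCredentialsHexEncoded(true);
        setCredentialsMatcher(matcher);
    }

    // The value that would be written to member.password at registration time.
    static String hash(String password, String salt) {
        return new SimpleHash(ALG, password, ByteSource.Util.bytes(salt), ITERATIONS).toHex();
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        String[] row = members.get((String) token.getPrincipal());
        if (row == null) throw new UnknownAccountException();
        // Hand back the stored hash and salt; the matcher hashes the submitted password and compares.
        return new SimpleAuthenticationInfo(token.getPrincipal(), row[1], ByteSource.Util.bytes(row[0]), getName());
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return new SimpleAuthorizationInfo(); // authorization lookup left out of this example
    }

    public static void main(String[] args) {
        String salt = "constructed-salt";
        HashedMemberRealm realm = new HashedMemberRealm(Map.of("admin", new String[]{salt, hash("hello", salt)}));
        System.out.println(realm.getAuthenticationInfo(new UsernamePasswordToken("admin", "hello")).getPrincipals());
        try { realm.getAuthenticationInfo(new UsernamePasswordToken("admin", "wrong")); }
        catch (IncorrectCredentialsException e) { System.out.println("rejected wrong password"); }
    }
}
```

With this arrangement the realm never handles the submitted password itself, and a per-member random salt would replace the constructed one.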

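6. From now on this Realm is referenced under the name "memberRealm". Modify applicationContext.xml; the Realm used by the application has to be configured in this file.

```xml
<!-- Configure the SecurityManager. ShiroFilterFactoryBean requires a
     WebSecurityManager, so the web implementation is used here. -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <!-- Configure the Realm to use -->
    <property name="realm" ref="memberRealm"></property>
</bean>
```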

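7. Complete the filter path configuration:

```xml
<!-- Configure the Shiro filter -->
<bean id="shiroFilterFactoryBean" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"></property>
    <!-- Login page: unauthenticated requests to protected paths are redirected here -->
    <property name="loginUrl" value="/loginUrl"></property>
    <!-- Page shown when an authenticated user lacks the required permission -->
    <property name="unauthorizedUrl" value="/unauthUrl"></property>
    <property name="successUrl" value="/successUrl"></property>
    <!-- Shiro needs rules for all paths. The first matching pattern wins,
         so the broad /*=anon rule is listed last; placed first it would
         also match /admin* and /welcome.jsp and leave them unprotected. -->
    <property name="filterChainDefinitions">
        <value>
            /shiroLogin=anon
            /messages/**=authc
            /admin*=authc
            /welcome.jsp=authc,perms[member:add]
            /*=anon
        </value>
    </property>
</bean>
```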
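Shiro walks the filter chain definitions in declaration order and applies the first pattern that matches the request path, so where a broad rule such as `/*=anon` sits in the list decides whether the rules after it ever take effect. The following added example (not part of the original tutorial) evaluates this step's rules in two orders with Shiro's own AntPathMatcher; the class name ChainOrderCheck, its helper methods and the sample request paths are assumptions made for illustration, with Shiro 1.x package names.

```java
import org.apache.shiro.util.AntPathMatcher;
import java.util.LinkedHashMap;
import java.util.Map;

// Added example (hypothetical class): which chain does each request path get?
public class ChainOrderCheck {
    // Parse "pattern=filters" rules, keeping declaration order.
    static Map<String, String> chains(String... rules) {
        Map<String, String> map = new LinkedHashMap<>();
        for (String rule : rules) {
            String[] kv = rule.split("=", 2);
            map.put(kv[0].trim(), kv[1].trim());
        }
        return map;
    }

    // First pattern that matches wins, as in Shiro's path-matching chain resolver.
    static String firstMatch(Map<String, String> chains, String path) {
        AntPathMatcher matcher = new AntPathMatcher();
        for (Map.Entry<String, String> e : chains.entrySet()) {
            if (matcher.matches(e.getKey(), path)) {
                return e.getKey() + " -> " + e.getValue();
            }
        }
        return "(no chain)";
    }

    public static void main(String[] args) {
        Map<String, String> broadFirst = chains("/*=anon", "/shiroLogin=anon",
                "/messages/**=authc", "/admin*=authc", "/welcome.jsp=authc,perms[member:add]");
        Map<String, String> specificFirst = chains("/shiroLogin=anon", "/messages/**=authc",
                "/admin*=authc", "/welcome.jsp=authc,perms[member:add]", "/*=anon");
        // Constructed sample request paths
        for (String path : new String[]{"/admin", "/welcome.jsp", "/messages/1", "/loginUrl"}) {
            System.out.println(path + "  broad-first: " + firstMatch(broadFirst, path)
                    + "  specific-first: " + firstMatch(specificFirst, path));
        }
    }
}
```

Because `*` matches within a single path segment, `/*` covers `/admin` and `/welcome.jsp` but not `/messages/1`, which is why only the single-segment rules depend on the ordering.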

8. Create a login Action; this Action has to handle each of the pages:

```java
package com.gwolf.action;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class MemberLoginAction {
    @RequestMapping("/shiroLogin")
    public ModelAndView login(String mid, String password) {
        ModelAndView mav = new ModelAndView();
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(mid, password);
        try {
            // Delegates to MemberRealm.doGetAuthenticationInfo
            subject.login(token);
            mav.setViewName("welcome");
        } catch (AuthenticationException e) {
            e.printStackTrace();
            mav.setViewName("login");
        }
        return mav;
    }

    @RequestMapping("/loginUrl")
    public ModelAndView loginUrl() {
        ModelAndView mav = new ModelAndView();
        mav.setViewName("login");
        return mav;
    }

    @RequestMapping("/unauthUrl")
    public ModelAndView unauthUrl() {
        ModelAndView mav = new ModelAndView();
        mav.setViewName("role");
        return mav;
    }

    @RequestMapping("/successUrl")
    public ModelAndView successUrl() {
        ModelAndView mav = new ModelAndView();
        mav.setViewName("welcome");
        return mav;
    }
}
```
