shiro权限框架
来源:互联网 发布:开淘宝没货源怎么办 编辑:程序博客网 时间:2024/06/10 22:35
Shiro与SpringMVC整合
第一部分 什么是Apache Shiro
1、什么是 apache shiro :
Apache Shiro是一个功能强大且易于使用的Java安全框架,提供了认证,授权,加密,和会话管理
如同 Spring security 一样都是是一个权限安全框架,但是与Spring Security相比,在于他使用了和比较简洁易懂的认证和授权方式。
2、Apache Shiro 的三大核心组件:
1、Subject :当前用户的操作
2、SecurityManager:用于管理所有的Subject
3、Realms:用于进行权限信息的验证
Subject:即当前用户,在权限管理的应用程序里往往需要知道谁能够操作什么,谁拥 有操作该程序的权利,shiro中则需要通过Subject来提供基础的当前用户信息,Subject 不仅仅代表某个用户,也可以是第三方进程、后台帐户(Daemon Account)或其他类似事物。
SecurityManager:即所有Subject的管理者,这是Shiro框架的核心组件,可以把他看做是一个Shiro框架的全局管理组件,用于调度各种Shiro框架的服务。
Realms:Realms则是用户的信息认证器和用户的权限人证器,我们需要自己来实现Realms来自定义的管理我们自己系统内部的权限规则。
3、Authentication 和 Authorization
在shiro的用户权限认证过程中其通过两个方法来实现:
1、Authentication:是验证用户身份的过程。
2、Authorization:是授权访问控制,用于对用户进行的操作进行人证授权,证明该用户是否允许进行当前操作,如访问某个链接,某个资源文件等。
4、其他组件:
除了以上几个组件外,Shiro还有几个其他组件:
1、SessionManager :Shiro为任何应用提供了一个会话编程范式。
2、CacheManager :对Shiro的其他组件提供缓存支持。
5、Shiro 完整架构图:
图片转自:http://kdboy.iteye.com/blog/1154644
第二部分 Apache Shiro 整合Spring的Web程序构建
1、准备工具:
持久层框架:Hibernate4 这边我使用了Hibernate来对数据持久层进行操作
控制显示层框架:SpringMVC 这边我使用了SpringMVC实际开发中也可以是其他框架
数据库:MySql
准备好所需要的jar放到项目中。
2、创建数据库:
首先需要四张表,分别为 user(用户)、role(角色)、permission(权限)、userRole(用户角色关系表)
这边分别创建四张表的实体类,通过Hiberante的hibernate.hbm2ddl.auto属性的update 来自动生成数据表结构。
用户表:
1 package com.ssh.entity; 2 3 import java.util.Date; 4 import java.util.List; 5 6 import javax.persistence.CascadeType; 7 import javax.persistence.Entity; 8 import javax.persistence.GeneratedValue; 9 import javax.persistence.GenerationType;10 import javax.persistence.Id;11 import javax.persistence.OneToMany;12 import javax.persistence.Table;13 14 @Table(name="t_user")15 @Entity16 public class User {17 18 @Id19 @GeneratedValue(strategy=GenerationType.AUTO)20 Integer id;21 22 String username;23 String password;24 Integer isDelete;25 Date createDate;26 @OneToMany(mappedBy="user",cascade=CascadeType.ALL)27 List<UserRole> userRoles;28 public Integer getId() {29 return id;30 }31 public void setId(Integer id) {32 this.id = id;33 }34 public String getUsername() {35 return username;36 }37 public void setUsername(String username) {38 this.username = username;39 }40 public String getPassword() {41 return password;42 }43 public void setPassword(String password) {44 this.password = password;45 }46 public Integer getIsDelete() {47 return isDelete;48 }49 public void setIsDelete(Integer isDelete) {50 this.isDelete = isDelete;51 }52 public Date getCreateDate() {53 return createDate;54 }55 public void setCreateDate(Date createDate) {56 this.createDate = createDate;57 }58 public List<UserRole> getUserRoles() {59 return userRoles;60 }61 public void setUserRoles(List<UserRole> userRoles) {62 this.userRoles = userRoles;63 } 64 65 66 }
角色表:
1 package com.ssh.entity; 2 3 import javax.persistence.Entity; 4 import javax.persistence.GeneratedValue; 5 import javax.persistence.GenerationType; 6 import javax.persistence.Id; 7 import javax.persistence.Table; 8 9 @Entity 10 @Table(name = "t_role") 11 public class Role {12 13 @Id14 @GeneratedValue(strategy = GenerationType.AUTO)15 Integer id;16 String name;17 String description;18 public Integer getId() {19 return id;20 }21 public void setId(Integer id) {22 this.id = id;23 }24 public String getName() {25 return name;26 }27 public void setName(String name) {28 this.name = name;29 }30 public String getDescription() {31 return description;32 }33 public void setDescription(String description) {34 this.description = description;35 }36 37 }
权限表:
1 package com.ssh.entity; 2 3 import javax.persistence.Entity; 4 import javax.persistence.GeneratedValue; 5 import javax.persistence.GenerationType; 6 import javax.persistence.Id; 7 import javax.persistence.Table; 8 9 @Entity10 @Table(name = "t_permission")11 public class Permission {12 13 @Id14 @GeneratedValue(strategy = GenerationType.AUTO)15 Integer id;16 /** token **/17 String token;18 /** 资源url **/19 String url;20 /** 权限说明 **/21 String description;22 /** 所属角色编号 **/23 Integer roleId;24 public Integer getId() {25 return id;26 }27 public void setId(Integer id) {28 this.id = id;29 }30 public String getToken() {31 return token;32 }33 public void setToken(String token) {34 this.token = token;35 }36 public String getUrl() {37 return url;38 }39 public void setUrl(String url) {40 this.url = url;41 }42 public String getDescription() {43 return description;44 }45 public void setDescription(String description) {46 this.description = description;47 }48 public Integer getRoleId() {49 return roleId;50 }51 public void setRoleId(Integer roleId) {52 this.roleId = roleId;53 }54 55 56 57 }
用户角色表:
1 package com.ssh.entity; 2 3 import javax.persistence.CascadeType; 4 import javax.persistence.Entity; 5 import javax.persistence.GeneratedValue; 6 import javax.persistence.GenerationType; 7 import javax.persistence.Id; 8 import javax.persistence.JoinColumn; 9 import javax.persistence.ManyToOne;10 import javax.persistence.Table;11 12 @Entity13 @Table(name = "t_user_role")14 public class UserRole {15 @Id16 @GeneratedValue(strategy = GenerationType.AUTO)17 Integer id;18 19 @ManyToOne(cascade = CascadeType.ALL)20 @JoinColumn(name = "userId", unique = true)21 User user;22 @ManyToOne23 @JoinColumn(name = "roleId", unique = true)24 Role role;25 public Integer getId() {26 return id;27 }28 public void setId(Integer id) {29 this.id = id;30 }31 public User getUser() {32 return user;33 }34 public void setUser(User user) {35 this.user = user;36 }37 public Role getRole() {38 return role;39 }40 public void setRole(Role role) {41 this.role = role;42 }43 44 }
3、编写操作用户业务的Service:
1 package com.ssh.service; 2 3 import java.util.ArrayList; 4 import java.util.List; 5 6 import org.springframework.beans.factory.annotation.Autowired; 7 8 import com.ssh.dao.BaseDao; 9 import com.ssh.entity.Permission;10 import com.ssh.entity.Role;11 import com.ssh.entity.User;12 import com.ssh.entity.UserRole;13 14 public class AccountService {15 // 公共的数据库访问接口 16 // 这里省略BaseDao dao的编写 17 @Autowired 18 private BaseDao dao; 19 /**** 20 * 通过用户名获取用户对象 21 * 22 * @param username 23 * @return 24 */ 25 public User getUserByUserName(String username){26 User user = (User) dao.findObjectByHQL("from User where username=?",new Object[]{username});27 return user;28 }29 30 /***31 * 通过用户名获取权限资源32 * 33 * @param username34 * @return35 */36 public List<String> getPermissionsByUserName(String username) {37 System.out.println("调用");38 User user = getUserByUserName(username);39 if(user==null){40 return null;41 }42 List<String> list = new ArrayList<String>();43 for(UserRole userRole:user.getUserRoles()){44 Role role = userRole.getRole();45 List<Permission> permissions = dao.findAllByHQL("FROM Permission WHERE roleId = ?", new Object[] { role.getId() });46 for (Permission p : permissions) {47 list.add(p.getUrl());48 }49 }50 return list;51 }52 }
BaseDao
1 package com.ssh.dao; 2 3 import java.util.List; 4 5 public interface BaseDao { 6 7 /*** 8 * 添加 9 */10 public void addObject(Object object);11 12 /***13 * 查询满足条件 return list14 */15 public List findAllByHQL(String hql);16 17 /***18 * 查询满足条件的数据19 * 20 * @param hql21 * @param args22 * @return23 */24 public List findAllByHQL(String hql, Object[] args);25 26 /***27 * 查询满足条件的对象28 */29 public Object findObjectByHQL(String hql);30 31 public Object findObjectByHQL(String hql, Object[] args);32 33 /***34 * 查询满足条件的对象35 */36 public Object findObjectBySQL(String sql);37 38 /***39 * 分页查询 return list40 */41 public List findPage(String hql, int page, int size);42 43 /***44 * 分页查询 带占位符参数45 * 46 * @param hql47 * @param page48 * @param size49 * @param args50 * @return51 */52 public List findPage(String hql, int page, int size, Object[] args);53 54 /***55 * 删除对象56 */57 public void delObject(Object object);58 59 /***60 * 更新对象61 */62 public void updateObject(Object object);63 64 /***65 * 批量更新对象 return int66 */67 public void updateObjectByHQL(String hql);68 69 public void updateObjectByHQL(String hql, Object[] params);70 71 /***72 * 通过sql查询所有73 * 74 * @param sql75 * @return76 */77 public List findAllBySql(String sql);78 79 }
BaseDaoImpl
1 package com.ssh.dao; 2 3 import java.util.List; 4 5 import org.hibernate.Query; 6 import org.hibernate.SessionFactory; 7 import org.springframework.transaction.annotation.Transactional; 8 9 @Transactional 10 public class BaseDaoImpl implements BaseDao{ 11 // @Autowired 12 public SessionFactory sessionFactory; 13 14 public SessionFactory getSessionFactory() { 15 return sessionFactory; 16 } 17 18 public void setSessionFactory(SessionFactory sessionFactory) { 19 this.sessionFactory = sessionFactory; 20 } 21 22 23 public void addObject(Object object) { 24 sessionFactory.getCurrentSession().save(object); 25 } 26 27 public List findAllByHQL(String hql) { 28 Query query = sessionFactory.getCurrentSession().createQuery(hql); 29 return query.list(); 30 } 31 32 public List findAllByHQL(String hql, Object[] args) { 33 Query query = sessionFactory.getCurrentSession().createQuery(hql); 34 for (int i = 0; i < args.length; i++) { 35 System.out.println(args[i]); 36 query.setParameter(i, args[i]); 37 } 38 return query.list(); 39 } 40 41 42 public Object findObjectByHQL(String hql) { 43 Query query = sessionFactory.getCurrentSession().createQuery(hql); 44 List list = query.list(); 45 if (list.size() > 0) { 46 return list.get(0); 47 } 48 return null; 49 } 50 51 public Object findObjectByHQL(String hql, Object[] args) { 52 Query query = sessionFactory.getCurrentSession().createQuery(hql); 53 System.out.println(args[0]); 54 for (int i = 0; i < args.length; i++) { 55 System.out.println(args[i]); 56 query.setParameter(i, args[i]); 57 } 58 List list = query.list(); 59 if (list.size() > 0) { 60 return list.get(0); 61 } 62 return null; 63 } 64 65 public List findPage(final String hql,final int page,final int size,final Object[] args) { 66 Query query = sessionFactory.getCurrentSession().createQuery(hql); 67 for (int i = 0; i < args.length; i++) { 68 query.setParameter(i, args[i]); 69 } 70 query.setMaxResults(size); 71 query.setFirstResult(page); 72 List<Object> list = query.list(); 73 return list; 74 } 75 76 public List findPage(final String hql, final int page, final int size) { 77 Query query = sessionFactory.getCurrentSession().createQuery(hql); 78 query.setMaxResults(size); 79 query.setFirstResult(page); 80 List<Object> list = query.list(); 81 return list; 82 } 83 84 public void delObject(Object object) { 85 sessionFactory.getCurrentSession().delete(object); 86 } 87 88 89 public void updateObject(Object object) { 90 sessionFactory.getCurrentSession().update(object); 91 } 92 93 94 public void updateObjectByHQL(String hql) { 95 sessionFactory.getCurrentSession().createQuery(hql).executeUpdate(); 96 } 97 98 99 public Object findObjectBySQL(String sql) {100 Query query = sessionFactory.getCurrentSession().createSQLQuery(sql);101 102 List list = query.list();103 if (list.size() > 0) {104 return list.get(0);105 }106 return null;107 }108 109 public List findAllBySql(String sql) {110 Query query = sessionFactory.getCurrentSession().createSQLQuery(sql);111 return query.list();112 }113 114 public void updateObjectByHQL(String hql, Object[] params) {115 Query query = sessionFactory.getCurrentSession().createQuery(hql);116 for (int i = 0; i < params.length; i++) {117 query.setParameter(i, params[i]);118 }119 query.executeUpdate();120 }121 122 }
4、编写shiro组件自定义Realm:
1 package com.ssh.shiro; 2 3 import java.util.List; 4 5 import org.apache.axis.handlers.SimpleAuthorizationHandler; 6 import org.apache.shiro.authc.AuthenticationException; 7 import org.apache.shiro.authc.AuthenticationInfo; 8 import org.apache.shiro.authc.AuthenticationToken; 9 import org.apache.shiro.authc.SimpleAuthenticationInfo;10 import org.apache.shiro.authc.UsernamePasswordToken;11 import org.apache.shiro.authz.AuthorizationInfo;12 import org.apache.shiro.authz.SimpleAuthorizationInfo;13 import org.apache.shiro.realm.AuthorizingRealm;14 import org.apache.shiro.subject.PrincipalCollection;15 16 import com.ssh.entity.User;17 import com.ssh.service.AccountService;18 19 /**20 * 编写自定义Realm21 * @author dxyd22 *23 */24 public class MyShiroRealm extends AuthorizingRealm{25 26 /**用户的业务类**/ 27 private AccountService accountService; 28 29 public AccountService getAccountService() { 30 return accountService; 31 } 32 33 public void setAccountService(AccountService accountService) { 34 this.accountService = accountService; 35 } 36 /*** 37 * 获取授权信息 38 */ 39 //根据自己系统规则的需要编写获取授权信息,这里为了快速入门只获取了用户对应角色的资源url信息 40 @Override41 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {42 String username = (String)pc.fromRealm(getName()).iterator().next();43 if(username!=null){44 List<String> pers = accountService.getPermissionsByUserName(username); 45 if(pers!=null && !pers.isEmpty()){46 SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();47 for(String each:pers){48 //将权限资源添加到用户信息中 49 info.addStringPermission(each);50 }51 }52 }53 return null;54 }55 /*** 56 * 获取认证信息 57 */ 58 @Override59 protected AuthenticationInfo doGetAuthenticationInfo(60 AuthenticationToken at) throws AuthenticationException {61 62 63 UsernamePasswordToken token = (UsernamePasswordToken) at;64 // 通过表单接收的用户名 65 String username = token.getUsername();66 if(username!=null && !"".equals(username)){67 User user = accountService.getUserByUserName(username); 68 if (user != null) { 69 return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), getName()); 70 } 71 }72 return null;73 }74 75 }
上述类继承了Shiro的AuthorizingRealm类 实现了AuthorizationInfo和AuthenticationInfo两个方法,用于获取用户权限和认证用户登录信息
5、编写LoginController:
1 package com.ssh.controller; 2 3 import org.apache.shiro.SecurityUtils; 4 import org.apache.shiro.authc.UsernamePasswordToken; 5 import org.apache.shiro.subject.Subject; 6 import org.springframework.beans.factory.annotation.Autowired; 7 import org.springframework.stereotype.Controller; 8 import org.springframework.web.bind.annotation.RequestMapping; 9 import org.springframework.web.bind.annotation.RequestMethod;10 import org.springframework.web.portlet.ModelAndView;11 12 import com.ssh.entity.User;13 import com.ssh.service.AccountService;14 15 /****16 * 用户登录Controller17 * 18 * @author Swinglife19 * 20 */21 @Controller22 public class LoginController {23 // 处理用户业务类24 @Autowired25 private AccountService accountService;26 27 /***28 * 跳转到登录页面29 * 30 * @return31 */32 @RequestMapping(value = "/toLogin")33 public String toLogin() {34 // 跳转到/page/login.jsp页面35 return "login";36 }37 38 /***39 * 实现用户登录40 * 41 * @param username42 * @param password43 * @return44 */45 @RequestMapping(value = "/login",method = RequestMethod.POST)46 public ModelAndView Login(String username, String password) {47 ModelAndView mav = new ModelAndView();48 User user = accountService.getUserByUserName(username);49 if (user == null) {50 mav.setView("toLogin");51 mav.addObject("msg", "用户不存在");52 return mav;53 }54 if (!user.getPassword().equals(password)) {55 mav.setView("toLogin");56 mav.addObject("msg", "帐号密码错误");57 return mav;58 }59 SecurityUtils.getSecurityManager().logout(SecurityUtils.getSubject());60 // 登录后存放进shiro token61 UsernamePasswordToken token = new UsernamePasswordToken(62 user.getUsername(), user.getPassword());63 Subject subject = SecurityUtils.getSubject();64 subject.login(token);65 // 登录成功后会跳转到successUrl配置的链接,不用管下面返回的链接。 66 mav.setView("redirect:/home");67 return mav;68 }69 70 }
6、编写信息认证成功后的跳转页面:
1 package com.ssh.controller; 2 3 import org.springframework.stereotype.Controller; 4 import org.springframework.web.bind.annotation.RequestMapping; 5 6 @Controller 7 public class IndexController { 8 @RequestMapping("home") 9 public String index() {10 System.out.println("登录成功");11 return "home";12 }13 }
7、Shiro的配置文件.xml
spring-shiro.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" 4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" 5 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd 6 http://www.springframework.org/schema/context 7 http://www.springframework.org/schema/context/spring-context-3.2.xsd 8 http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd 9 http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">10 11 <!-- shiro-all.jar 12 filterChainDefinitions:apache 13 shiro通过filterChainDefinitions参数来分配链接的过滤,14 资源过滤有常用的以下几个参数:15 authc 表示需要认证的链接16 perms[/url] 表示该链接需要拥有对应的资源/权限才能访问17 roles[admin] 表示需要对应的角色才能访问18 perms[admin:url] 表示需要对应角色的资源才能访问19 20 --> 21 <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">22 <property name="securityManager" ref="securityManager" />23 <property name="loginUrl" value="/toLogin" />24 <property name="successUrl" value="/home" />25 <property name="unauthorizedUrl" value="/403.do" />26 27 <property name="filterChainDefinitions">28 <value>29 /toLogin = authc <!-- authc 表示需要认证才能访问的页面 -->30 /home = authc, perms[/home] <!-- perms 表示需要该权限才能访问的页面 -->31 </value>32 </property>33 </bean>34 35 <bean id="myShiroRealm" class="com.ssh.shiro.MyShiroRealm">36 <!-- businessManager 用来实现用户名密码的查询 -->37 <property name="accountService" ref="accountService" />38 </bean> 39 <!-- shiro-all.jar -->40 <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">41 <property name="realm" ref="myShiroRealm"></property>42 </bean>43 44 <bean id="accountService" class="com.ssh.service.AccountService"></bean>45 46 <!-- <bean id="shiroCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> 47 <property name="cacheManager" ref="cacheManager" /> </bean> -->48 </beans>
loginUrl 用于配置登陆页
successUrl 用于配置登录成功后返回的页面,不过该参数只会在当登录页面中并没有任何返回页面时才会生效,否则会跳转到登录Controller中的指定页面。
unauthorizedUrl 用于配置没有权限访问页面时跳转的页面
filterChainDefinitions:apache shiro通过filterChainDefinitions参数来分配链接的过滤,资源过滤有常用的以下几个参数:
1、authc 表示需要认证的链接
2、perms[/url] 表示该链接需要拥有对应的资源/权限才能访问
3、roles[admin] 表示需要对应的角色才能访问
4、perms[admin:url] 表示需要对应角色的资源才能访问
spring-common.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:aop="http://www.springframework.org/schema/aop" 4 xmlns:cache="http://www.springframework.org/schema/cache" 5 xmlns:context="http://www.springframework.org/schema/context" 6 xmlns:jdbc="http://www.springframework.org/schema/jdbc" 7 xmlns:jee="http://www.springframework.org/schema/jee" 8 xmlns:jms="http://www.springframework.org/schema/jms" 9 xmlns:lang="http://www.springframework.org/schema/lang" 10 xmlns:mvc="http://www.springframework.org/schema/mvc" 11 xmlns:oxm="http://www.springframework.org/schema/oxm" 12 xmlns:task="http://www.springframework.org/schema/task" 13 xmlns:tx="http://www.springframework.org/schema/tx" 14 xmlns:util="http://www.springframework.org/schema/util" 15 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 16 xsi:schemaLocation="http://www.springframework.org/schema/beans17 http://www.springframework.org/schema/beans/spring-beans.xsd18 http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.2.xsd19 http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache-3.2.xsd20 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd21 http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.2.xsd22 http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.2.xsd23 http://www.springframework.org/schema/jms http://www.springframework.org/schema/jms/spring-jms-3.2.xsd24 http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang-3.2.xsd25 http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd26 http://www.springframework.org/schema/oxm http://www.springframework.org/schema/oxm/spring-oxm-3.2.xsd27 http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-3.2.xsd28 http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd29 http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.2.xsd">30 31 <!--扫描映射 -->32 <context:component-scan base-package="com.ssh"></context:component-scan>33 34 <!-- 引入property配置文件 -->35 <context:property-placeholder location="classpath:prop/jdbc.properties"></context:property-placeholder>36 <!-- 配置数据源 -->37 <bean class="org.springframework.jdbc.datasource.DriverManagerDataSource" id="dataSource">38 <property name="driverClassName" value="${jdbc.mysql.driverClassName}"></property>39 <property name="url" value="${jdbc.mysql.url}"></property>40 <property name="username" value="${jdbc.mysql.username}"></property>41 <property name="password" value="${jdbc.mysql.password}"></property>42 <!-- 初始化连接大小43 <property name="initialSize" value="${jdbc.initialSize}"></property> -->44 <!-- 连接池最大数量 45 <property name="maxActive" value="${jdbc.maxActive}"></property>-->46 <!-- 连接池最大空闲 -->47 <!-- <property name="maxIdle" value="${maxIdle}"></property> -->48 <!-- 连接池最小空闲 49 <property name="minIdle" value="${jdbc.minIdle}"></property>-->50 <!-- 获取连接最大等待时间 51 <property name="maxWait" value="${jdbc.maxWait}"></property>-->52 </bean>53 54 <!-- 配置SessionFactory -->55 <bean class="org.springframework.orm.hibernate4.LocalSessionFactoryBean" id="sessionFactory">56 <property name="dataSource" ref="dataSource"></property>57 <property name="hibernateProperties">58 <props>59 <prop key="hibernate.dialect">${jdbc.mysql.dialect}</prop>60 <prop key="hibernate.hbm2ddl.auto">update</prop>61 <!--是否显示sql语句 我在这里是显示的 -->62 <prop key="hibernate.show_sql">true</prop>63 <!--格式化显示sql语句 -->64 <prop key="hibernate.format_sql">true</prop>65 </props>66 </property>67 <!-- 自动扫描制定位置下的实体进行映射 --> 68 <property name="packagesToScan" value="com.ssh.entity"></property>69 </bean>70 71 <!-- 配置一个事务管理器 -->72 <bean class="org.springframework.orm.hibernate4.HibernateTransactionManager" id="transactionManager">73 <property name="sessionFactory" ref="sessionFactory">74 </property></bean>75 76 <!-- 应该是开启事物 -->77 <tx:annotation-driven transaction-manager="transactionManager"></tx:annotation-driven>78 79 <!-- baseDao -->80 <bean id="dao" class="com.ssh.dao.BaseDaoImpl">81 <property name="sessionFactory" ref="sessionFactory"></property>82 </bean>83 </beans>
spring-mvc.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans 3 http://www.springframework.org/schema/beans/spring-beans.xsd 4 http://www.springframework.org/schema/context 5 http://www.springframework.org/schema/context/spring-context-3.2.xsd 6 http://www.springframework.org/schema/mvc 7 http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd"> 8 9 <!-- 注解扫描包 -->10 <context:component-scan base-package="com.ssh"></context:component-scan>11 12 <!-- 开启注解 -->13 <mvc:annotation-driven></mvc:annotation-driven> 14 15 <!-- 定义视图解析器 --> 16 <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" id="viewResolver">17 <property name="prefix" value="/WEB-INF/page/"></property>18 <property name="suffix" value=".jsp"></property>19 </bean>20 <import resource="spring-common.xml"/>21 <import resource="spring-shiro.xml"/>22 </beans>
8、登陆页login.jsp
1 <body> 2 3 <h1>user login</h1> 4 <form action="login" method="post"> 5 username:<input type="text" name="username"><p> 6 password:<input type="password" name="password"> 7 <p> 8 ${msg } 9 <input type="submit" value="submit"> 10 </form> 11 </body>
9、运行程序
在数据库中添加一条用户、角色、以及权限数据,并且在关联表中添加一条关联数据:
在浏览器中访问: home页面 就会跳转到登录页面:
阅读全文
0 0
- 权限框架shiro
- Shiro权限框架
- Shiro权限框架简介
- 权限框架 Shiro
- Shiro权限框架文档
- shiro权限框架实战
- Shiro权限框架文档
- shiro权限框架实战
- Shiro权限框架
- Shiro权限框架
- Shiro权限框架简介
- 权限控制框架 shiro
- Shiro 权限控制框架
- Shiro权限框架文档
- shiro权限验证框架
- Shiro权限框架简介
- Apache Shiro 权限框架
- 权限管理框架Shiro
- JVM调优:选择合适的GC collector (二)
- 模板方法模式1
- 18 在VS下运行C语言程序
- 顺丰和百度外卖绯闻内幕披露
- git 的使用——基本的仓库创建,文件提交,上传操作命令,远程仓库关联
- shiro权限框架
- 初涉莫比乌斯反演(附带例题)
- 什么样的PPT能助你成为一个优秀的演讲者——程序员的演讲之道
- 决策树之ID3算法
- 未来将会有更多基于 Cortana 的设备
- 阿里云大学-虚拟化技术入门-听课笔记
- 03-树3 Tree Traversals Again (25分)
- Rider新预览版对F#的支持让人眼前一亮
- 19 在Linux下运行C语言程序
