Shiro集成Web
来源:互联网 发布:js时间戳转换为日期 编辑:程序博客网 时间:2024/05/17 01:26
废话不多说,Demo演示自己体会
创建一个Maven 项目,自己准备一个logj.properties放在source下
自己再创键一个动态web项目 把 maven web.xml替换 ,再把META-INF放在对应目录下,把创建的动态web项目删掉,maven创建的jsp干掉,自己新建
在pom.xml贴上相关依赖
<dependencies> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>3.8.1</version> <scope>test</scope> </dependency> <!-- 添加servlet支持 --> <dependency><groupId>javax.servlet</groupId><artifactId>javax.servlet-api</artifactId><version>3.1.0</version></dependency><dependency><groupId>javax.servlet.jsp</groupId><artifactId>javax.servlet.jsp-api</artifactId><version>2.3.1</version></dependency><!-- 添加jstl支持 --><dependency><groupId>javax.servlet</groupId><artifactId>jstl</artifactId><version>1.2</version></dependency><!-- 添加日志支持 --> <dependency><groupId>log4j</groupId><artifactId>log4j</artifactId><version>1.2.17</version></dependency> <dependency><groupId>commons-logging</groupId><artifactId>commons-logging</artifactId><version>1.2</version></dependency><!-- 添加shiro支持 --> <dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-core</artifactId><version>1.2.4</version></dependency> <dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-web</artifactId><version>1.2.4</version></dependency> <dependency><groupId>org.slf4j</groupId><artifactId>slf4j-api</artifactId><version>1.7.12</version></dependency> </dependencies>
在WEB-INF下新建shiro.ini
在web.xml进行配置
<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>ShrioWeb</display-name> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> <listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> <!-- 添加shiro支持 --><filter> <filter-name>ShiroFilter</filter-name> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> <!-- 这里默认加载 WEB-INF/shiro.ini 所以不用写 --></filter><filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern></filter-mapping><servlet><servlet-name>loginServlet</servlet-name><servlet-class>com.gcx.servlet.LoginServlet</servlet-class></servlet><servlet-mapping><servlet-name>loginServlet</servlet-name><url-pattern>/login</url-pattern></servlet-mapping><servlet><servlet-name>adminServlet</servlet-name><servlet-class>com.gcx.servlet.AdminServlet</servlet-class></servlet><servlet-mapping><servlet-name>adminServlet</servlet-name><url-pattern>/admin</url-pattern></servlet-mapping></web-app>
admin Servlet
package com.gcx.servlet;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.subject.Subject;public class AdminServlet extends HttpServlet{/** * */private static final long serialVersionUID = 1L;@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {System.out.println("admin do get");}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {System.out.println("admin do post");}}
LoginServlet doGet 是身份验证未登录会到这 doPost是form提交 到这里来 这里的Token指定的用户是shiro.ini [users]里面的
package com.gcx.servlet;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.session.Session;import org.apache.shiro.subject.Subject;public class LoginServlet extends HttpServlet{/** * */private static final long serialVersionUID = 1L;@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {// TODO Auto-generated method stubSystem.out.println("login doget");req.getRequestDispatcher("login.jsp").forward(req, resp);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {System.out.println("login dopost");String userName=req.getParameter("userName");String password=req.getParameter("password");Subject subject=SecurityUtils.getSubject();UsernamePasswordToken token=new UsernamePasswordToken(userName, password);try{subject.login(token);//Session会话机制Session session=subject.getSession();System.out.println("sessionId:"+session.getId());System.out.println("sessionHost:"+session.getHost());System.out.println("sessionTimeout:"+session.getTimeout());session.setAttribute("info", "session的数据");resp.sendRedirect("success.jsp");}catch(Exception e){e.printStackTrace();req.setAttribute("errorInfo", "用户名或者密码错误");req.getRequestDispatcher("login.jsp").forward(req, resp);}}}
login.jsp 验证未登录会到这个页面来
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Insert title here</title></head><body><form action="login" method="post">userName:<input type="text" name="userName"/><br/>password:<input type="password" name="password"/><br/><input type="submit" value="登录"/></form></body></html>
认证登陆成功后进来的页面 shiro标签判断当前用户是否符合这个标签要求
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%><%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Insert title here</title></head><body>${info }欢迎你!<shiro:hasRole name="admin">欢迎有admin角色的用户!<shiro:principal/></shiro:hasRole><shiro:hasPermission name="student:create">欢迎有student:create权限的用户!<shiro:principal/></shiro:hasPermission></body></html>
身份认证失败或者权限不足 看到的页面
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Insert title here</title></head><body>认证未通过,或者权限不足</body></html>
URL的匹配方式:
具体情况自己弄好环境后,不同用户进行调试,查看对比结果,比较重要也是Shiro核心
阅读全文
0 0
- Shiro集成Web
- 【shiro】--- 集成web
- 【Shiro】Apache Shiro架构之集成web
- 【Shiro】Apache Shiro架构之集成web
- 【Shiro】Apache Shiro架构之集成web
- shiro 的web集成使用
- Shiro与web的集成
- 3 、shiro与Web集成
- 第七章 Shiro与Web集成
- 一头扎进Shiro-集成Web
- Shiro(4) 与Web的集成
- Shiro框架与Web集成(七)
- shiro学习之路(5)------集成Web
- shiro 框架之与WEB集成
- Shiro 学习笔记(7)—— Shiro 集成 Web
- Shiro学习笔记(5)——web集成
- Shiro学习(20)无状态Web应用集成
- shiro入门实战笔记(7)--Web集成
- 开启MySQL的binlog日志
- Java 8——Optional泛型类
- oracle新建管理员用户
- Python爬取3gpp R13协议
- Set和Map数据结构
- Shiro集成Web
- 7. Reverse Integer
- 一些图论、网络流入门题总结、汇总
- Rss Feed是什么?
- 如何使用Framework7的图标icons
- 考研英语真题 阅读理解翻译及笔记——1994/section 2/text3
- 80个自我提升的网站
- 详解单例模式
- JAVAWEB开发之redis学习(十三)——redis服务器的虚拟内存和内存优化