shiro+mybatis+springmvc实例记录(二)——shiro支持ajax请求
来源:互联网 发布:linux cat和more 编辑:程序博客网 时间:2024/06/04 01:36
接上文,页面跳转显然不适合动静分离ajax交互的架构模式,因此就需要对框架进行改造优化,使得后台能够返回json数据给前端请求。
自定义拦截器
shiro对权限、用户信息的校验实在默认的拦截器中进行的,要改写数据返回方式,则需要重写拦截器。这里我们分别对authc,perms进行重写。
分别定义两个拦截器,并使用printWriter将json字符串写入response中。
LoginFilter
package com.testshiro.filter;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.log4j.Logger;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.subject.Subject;import org.apache.shiro.web.filter.authc.FormAuthenticationFilter; //用户登录校验失败回调方法,也可以自己重写校验方法isAccessAllowed @Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception { HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; //设置编码格式,header的content-type也要设置,否则浏览器不会以utf8解析,还是乱码。设置application/json可以让js不需要eval即可使用对象 httpServletResponse.setCharacterEncoding("UTF-8"); httpServletResponse.setHeader("Content-type", "application/json;charset=UTF-8"); PrintWriter out; try { out = httpServletResponse.getWriter(); out.println("{\"code\":-1,\"msg\":\"未登录用户!\"}"); out.flush(); out.close(); } catch (IOException e1) { log.info(e1.getMessage()); } return false; } @Override protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) { HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.setCharacterEncoding("UTF-8"); httpServletResponse.setHeader("Content-type", "application/json;charset=UTF-8"); PrintWriter out; try { out = httpServletResponse.getWriter(); out.println("{\"code\":-1,\"msg\":\"系统错误\"}"); out.flush(); out.close(); } catch (IOException e1) { log.info(e1.getMessage()); } return false; } @Override protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception { return super.onLoginSuccess(token, subject, request, response); } private final static Logger log = Logger.getLogger(LoginFilter.class);}
PermsFilter
package com.testshiro.filter;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.log4j.Logger;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.subject.Subject;import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;public class PermsFilter extends PermissionsAuthorizationFilter { private final static Logger log = Logger.getLogger(PermsFilter.class); @Override protected boolean onAccessDenied(ServletRequest arg0, ServletResponse arg1) throws IOException { HttpServletRequest httpServletRequest = (HttpServletRequest) arg0; HttpServletResponse httpServletResponse = (HttpServletResponse) arg1; httpServletResponse.setCharacterEncoding("UTF-8"); httpServletResponse.setHeader("Content-type", "application/json;charset=UTF-8"); PrintWriter out; try { out = httpServletResponse.getWriter(); out.println("{\"code\":-1,\"msg\":\"登录用户无权执行该操作!\"}"); out.flush(); out.close(); } catch (IOException e1) { log.info(e1.getMessage()); } return false; }}
接下来在配置文件中配置自定义拦截器
spring-shiro.xml
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.0.xsd" > <!-- Shiro Filter 拦截器相关配置 --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <!-- securityManager --> <property name="securityManager" ref="securityManager" /> <property name="loginUrl" value="/login.jsp" /> <property name="unauthorizedUrl" value="/403.jsp" /> <property name="filters"> <util:map> <entry key="authc" value-ref="loginFilter"/> <entry key="perms" value-ref="authoFilter"/> </util:map> </property> <!-- 过滤链定义 --> <property name="filterChainDefinitions"> <value> /data/sysaccount/login*=anon /data/sysaccount/**=authc,perms[sysAccount] /data/sysautho/**=authc,perms[sysAutho] /data/sysrole/**=authc,perms[sysRole] </value> </property> </bean> <bean id="loginFilter" class="com.testshiro.filter.LoginFilter"/> <bean id="authoFilter" class="com.testshiro.filter.PermsFilter"/> <!-- securityManager --> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="myRealm" /> </bean> <!-- 自定义Realm实现 --> <bean id="myRealm" class="com.testshiro.realm.CustomRealm" /> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /></beans>
启动服务器即可。
js页面部分代码
.ajax({ url : xxxx, type : "GET", success : function(data) { if("code" in data&&data.code==-1){ alert(data.msg); return; } } }) ......
运行效果
未登录情况:
未授权,post请求情况
正常情况
阅读全文
0 0
- shiro+mybatis+springmvc实例记录(二)——shiro支持ajax请求
- shiro+mybatis+springmvc实例记录(一)
- shiro+springmvc+mybatis(2)
- shiro+springmvc+mybatis
- Shiro+SpringMVC+MyBatis整合
- springMVC+shiro+mybatis
- SpringMVC+Mybatis+Mysql+Shiro
- 第一章 Shiro简介——跟我学习springmvc shiro mybatis
- 第一章 Shiro简介——跟我学习springmvc shiro mybatis
- 第一章 Shiro简介——跟我学习springmvc shiro mybatis
- shiro基础学习(二)—shiro认证
- Shiro在springmvc中的使用(实例)
- druid springmvc mybatis bootstrap shiro
- springmvc+mybatis+shiro+maven开篇
- sping+springmvc+mybatis+shiro,配置文件
- Spring+SpringMVC+Mybatis+Shiro+Msql
- springmvc + shiro 配置(二、其他配置文件)
- shiro(二)shiro详解
- 名称空间的使用
- ES6学习笔记
- 二叉树遍历算法实现
- @android:style/之Android系统自带样式
- SpringMVC 问题记录
- shiro+mybatis+springmvc实例记录(二)——shiro支持ajax请求
- 阿里云CentOS-7.2安装mysql
- iOS 面试题~RunLoop和线程的关系?runloop的mode作用是什么?
- 变形
- 牛客网前端编程题库及答案汇总(中)
- listview
- MVP
- 13. Roman to Integer
- view 画出一个形状,并在里面添加内容+文本居中