Shiro(四) 自定义Realm

pom.xml

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">  <modelVersion>4.0.0</modelVersion>  <groupId>com.java1234.shiro</groupId>  <artifactId>ShiroWebTest</artifactId>  <packaging>war</packaging>  <version>0.0.1-SNAPSHOT</version>  <name>ShiroWebTest Maven Webapp</name>  <url>http://maven.apache.org</url>  <dependencies>    <dependency>      <groupId>junit</groupId>      <artifactId>junit</artifactId>      <version>3.8.1</version>      <scope>test</scope>    </dependency>             <dependency>    <groupId>org.slf4j</groupId>    <artifactId>slf4j-api</artifactId>    <version>1.7.12</version></dependency> <dependency>    <groupId>mysql</groupId>    <artifactId>mysql-connector-java</artifactId>    <version>5.1.37</version></dependency>    <dependency>    <groupId>javax.servlet</groupId>    <artifactId>javax.servlet-api</artifactId>    <version>3.1.0</version></dependency><dependency>    <groupId>javax.servlet.jsp</groupId>    <artifactId>javax.servlet.jsp-api</artifactId>    <version>2.3.1</version></dependency>    <dependency>    <groupId>javax.servlet</groupId>    <artifactId>jstl</artifactId>    <version>1.2</version></dependency>   <dependency>    <groupId>log4j</groupId>    <artifactId>log4j</artifactId>    <version>1.2.17</version></dependency><dependency>    <groupId>commons-logging</groupId>    <artifactId>commons-logging</artifactId>    <version>1.2</version></dependency><dependency>    <groupId>org.apache.shiro</groupId>    <artifactId>shiro-core</artifactId>    <version>1.2.4</version></dependency><dependency>    <groupId>org.apache.shiro</groupId>    <artifactId>shiro-web</artifactId>    <version>1.2.4</version></dependency>          </dependencies>  <build>    <finalName>ShiroWebTest</finalName>  </build></project>

web.xml

<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>asdasd</display-name><welcome-file-list><welcome-file>index.html</welcome-file><welcome-file>index.htm</welcome-file><welcome-file>index.jsp</welcome-file><welcome-file>default.html</welcome-file><welcome-file>default.htm</welcome-file><welcome-file>default.jsp</welcome-file></welcome-file-list><listener>    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>  </listener>   <!-- 添加shiro支持 --><filter>    <filter-name>ShiroFilter</filter-name>    <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class></filter><filter-mapping>    <filter-name>ShiroFilter</filter-name>    <url-pattern>/*</url-pattern></filter-mapping><servlet><servlet-name>loginServlet</servlet-name><servlet-class>com.java1234.servlet.LoginServlet</servlet-class></servlet><servlet-mapping><servlet-name>loginServlet</servlet-name><url-pattern>/login</url-pattern></servlet-mapping><servlet><servlet-name>adminServlet</servlet-name><servlet-class>com.java1234.servlet.AdminServlet</servlet-class></servlet><servlet-mapping><servlet-name>adminServlet</servlet-name><url-pattern>/admin</url-pattern></servlet-mapping></web-app>

shiro.ini 在web-inf下，web配置shiro web 的，shiro.ini放其他位置否则无法访问

[main]authc.loginUrl=/loginroles.unauthorizedUrl=/unauthorized.jspperms.unauthorizedUrl=/unauthorized.jspmyRealm=com.java1234.realm.MyRealmsecurityManager.realms=$myRealm[urls]/login=anon/admin*=authc/student=roles[teacher]/teacher=perms["user:create"]

MyRoealm.class

package com.java1234.realm;import java.sql.Connection;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationInfo;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.authc.SimpleAccount;import org.apache.shiro.authc.SimpleAuthenticationInfo;import org.apache.shiro.authz.AuthorizationInfo;import org.apache.shiro.authz.SimpleAuthorizationInfo;import org.apache.shiro.realm.AuthorizingRealm;import org.apache.shiro.subject.PrincipalCollection;import com.java1234.dao.UserDao;import com.java1234.entity.User;import com.java1234.util.DbUtil;public class MyRealm extends AuthorizingRealm{private UserDao userDao=new UserDao();private DbUtil dbUtil=new DbUtil();/** * 为当前登录的用户授予角色和权限 */@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {String userName=(String)principals.getPrimaryPrincipal();SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();Connection con=null;try{con=dbUtil.getCon();authorizationInfo.setRoles(userDao.getRoles(con,userName));authorizationInfo.setStringPermissions(userDao.getPermissions(con,userName));}catch(Exception e){e.printStackTrace();}finally{try {dbUtil.closeCon(con);} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}}return authorizationInfo;}/** * 验证当前登录的用户 */@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {String userName=(String)token.getPrincipal();Connection con=null;try{con=dbUtil.getCon();User user=userDao.getByUserName(con, userName);if(user!=null){AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(user.getUserName(),user.getPassword(),"xx");return authcInfo;}else{return null;}}catch(Exception e){e.printStackTrace();}finally{try {dbUtil.closeCon(con);} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}}return null;}}