spring MVC+mybatis+spring security笔记<二>
来源:互联网 发布:一代军师知乎 编辑:程序博客网 时间:2024/06/05 01:15
上篇中用户信息配置在了spring-security中,登陆界面也使用的是security自带的页面,接下来就将mybatis整合进来,当然用户信息和权限信息肯定是要从数据库中获取了,除此之外,登录界面也使用自定义的。
步骤一:
首先,先写个自定义的登录页面:
<form method="post" class="am-form" action="<%=path%>/j_spring_security_check"> <label for="email">用户名:</label> <input type="text" name="j_username"> <br> <label for="password">密码:</label> <input type="password" name="j_password" id="password"> <br> <label for="remember-me"> <input id="remember-me" type="checkbox"> 记住密码 </label> <br /> <div class="am-cf"> <input type="submit" name="submit" value="登 录" class="am-btn am-btn-primary am-btn-sm am-fl"> <input type="submit" onclick="forget();" value="忘记密码 ^_^? " class="am-btn am-btn-default am-btn-sm am-fr"> </div> </form>
注意现在还是使用的security自己的登录验证,所以输入框的name值必须为:j_username,j_password
然后修改配置文件,只需增加一行:
<http auto-config="true"><intercept-url pattern="/main.jsp" access="ROLE_SALE"/><access-denied-handler error-page="/error.jsp"/><span style="color:#ff6600;"><form-login login-page="/index.jsp" default-target-url="/main.jsp"/></span></http>启动项目试一下:
OK了。。
步骤二
在数据库中先简单的建三张表:user、role、user_role
user:id username password
role:id name roleKey enable
user_role:id userId(FK) roleId(FK) ----中间表
引入mybatis的jar包和MySQL的驱动包,加入mybatis的配置文件spring-security.xml(这个配置文件资料太多了,就不写出来了);
稍微修改下web.xml
<context-param> <param-name>contextConfigLocation</param-name> <param-value> classpath:spring-security.xml,classpath:spring-mybatis.xml </param-value> </context-param>项目中加入User.java、Role.java、UserDao、RoleDao、UserService、RoleService
步骤三
要从数据库中读取用户和权限等信息实现登录验证,就需要写一个实现了UserDetailsService接口的类
package org.advancingCat.security;import java.util.Collection;import java.util.HashSet;import java.util.List;import java.util.Set;import org.advancingCat.entity.Role;import org.advancingCat.service.RoleService;import org.advancingCat.service.UserService;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.SimpleGrantedAuthority;import org.springframework.security.core.userdetails.User;import org.springframework.security.core.userdetails.UserDetails;import org.springframework.security.core.userdetails.UserDetailsService;import org.springframework.security.core.userdetails.UsernameNotFoundException;public class MyUserService implements UserDetailsService{@Autowiredprivate UserService userService;@Autowiredprivate RoleService roleService;@Overridepublic UserDetails loadUserByUsername(String username)throws UsernameNotFoundException {org.advancingCat.entity.User dbUser = null;try {dbUser = userService.queryByName(username);} catch (Exception e) {e.printStackTrace();}if(dbUser==null){throw new UsernameNotFoundException("用户名不存在");}Collection<GrantedAuthority> grantedAuth = getGrantedAuth(dbUser);//security的UserUserDetails user = new User(dbUser.getUsername(), dbUser.getPassword(),true,true,true,true, grantedAuth);return user;}/** * 获取用户的角色:role中的roleKey字段封装到Set<GrantedAuthority>中 * @param user * @return */private Set<GrantedAuthority> getGrantedAuth(org.advancingCat.entity.User user){Set<GrantedAuthority> authSet = new HashSet<GrantedAuthority>();try {List<Role> roleList = roleService.queryByUserId(user.getId());for(Role r : roleList){authSet.add(new SimpleGrantedAuthority(r.getRoleKey()));}} catch (Exception e) {e.printStackTrace();}return authSet;}}
其中queryByUserId是根据用户ID获取用户的角色集合(有时候用户不止一个角色) Rolemapper文件:
<select id="queryByUserId" resultMap="BaseResultMap" parameterType="java.lang.Integer">select name,roleKey from role r left join user_role ur on r.id=ur.roleIdwhere ur.userId=#{userId}</select>
修改spring-security.xml,将之前的<user-service>去掉
<authentication-manager><authentication-provider user-service-ref="myUserService"></authentication-provider></authentication-manager><beans:bean id="myUserService" class="org.advancingCat.security.MyUserService"></beans:bean>
0 0
- spring MVC+mybatis+spring security笔记<二>
- spring MVC+mybatis+spring security笔记<一>
- spring mvc+mybatis笔记(二)
- Spring security学习笔记二
- spring mvc+mybatis笔记(一)
- spring mvc+mybatis笔记(三)
- springboot+mybatis+spring security
- spring mvc 3 + security
- spring security整合spring mvc
- spring-security for spring mvc
- spring+mybatis+spring-mvc
- Spring +Spring MVC+Mybatis
- Spring学习笔记之二: Spring MVC
- Spring MVC+Mybatis 框架整合(二)
- mybatis学习笔记二mybatis结合spring mvc实现(用户登录,数据查询)
- Spring 3之MVC & Security简单整合开发(二)
- Spring 3之MVC & Security简单整合开发(二)
- Spring 3之MVC & Security简单整合开发(二)
- python 插入排序
- 选择排序 python
- 如何计算时间复杂度
- 对vbox中的snapshot原理的理解
- Note of Chap11、12、13
- spring MVC+mybatis+spring security笔记<二>
- Android用PopupWindow实现新浪微博的分组信息
- Ubuntu常用技巧--转自:月光博客
- C++ 模板详解(一)
- 键值重复率高的B树索引构建过程和查询操作分析
- android 简单调试中用到的 Log.
- Android之Adapter用法总结
- PHP简单工厂模式、工厂方法模式和抽象工厂模式比较
- CSS小知识:居中