spring+shiro 整合实例代码详解

spring+shiro 整合实例代码详解

一、添加相关依赖

org.apache.shiro

shiro-core

1.2.1

org.apache.shiro

shiro-web

1.2.1

org.apache.shiro

shiro-ehcache

1.2.1

org.apache.shiro

shiro-spring

1.2.1

commons-logging

commons-logging

1.2

二、编写代码

1、自定义realm

public class CommonRealm extends AuthorizingRealm {

@Autowired

private UserLoginService userLoginService;

@Override

public String getName() {

return "CommonRealm";

}

//授权

@Override

protecthttp://ed AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

String usernmae = (String) principals.getPrimaryPrincipal();

List permissions = new ArrayList();

if ("admin".equals(usernmae)) {

permissions.add("admin:ee");

}

SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

info.addStringPermissions(permissions);

return info;

}

//身份认证

@Override

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

String username = (String) token.getPrincipal();

User user = userLoginService.getUser(username);

if (user == null) {

return null;

}

SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, user.getPassword(), getName());

return info;

}

}

2、login controller

@Controller

public class UserAction {

@Autowired

private UserLoginService userLoginService;

@RequestMapping("/login.do")

public String userLogin(HttpServletRequest request, String username, String password) throws Exception {

// 如果登陆失败从request中获取异常信息，shiroLoginFailure就是shiro异常类的全限定名

String exceptionClassName = (String) request.getAttribute("shiroLoginFailure");

if (exceptionClassName != null) {

if (UnknownAccountException.class.getName().equals(exceptionClassName)) {

// 最终会抛给异常处理器

throw new XXXException("用户名不存在");

} else if (IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {

throw new XXXException("用户名/密码错误");

} else {

throw new Exception();// 最终在异常处理器生成未知错误

}

}

// 如果登录成功的话不走此方法，shiro认证成功会自动跳转到上一个请求路径，配的的successUrl没效果，后边会说

// 登陆失败走此方法，捕获异常，然后 return ~ ,还到login页面

return http://"login.jsp";

}

}

3、检测权限 controller

//此方法为了验证权限是否生效

@RequestMapping("/findAll.do")

@RequiresPermissions("admin:ee")

public ModelAndView list(HttpServletRequest request){

.......

}

三、常见问题

因为有一些特别常见的问题，需要修改xml配置，所以现在先手问题，把xml配置放在后边，直接就配置完善好的xml

问题一：登陆成功后shiro默认跳到上一次请求，没有上一次请求默认跳到/  ，那我们就想控制调到自己定义的路径咋办呢？

解决方案：

步骤一：继承FormAuthenticationFilter类，重写onLoginSuccess方法，这里可以自定义路径，因为这里自定义了成功跳转的路径，所以配置里的successUrl不用配置，赔了也没效果。。

public class LoginSuccessToFilter extends FormAuthenticationFilter {

@Override

protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {

WebUtils.getAndClearSavedRequest(request);

WebUtils.redirectToSavedRequest(request,response,"/findAll.do");

return false;

}

}

步骤二：

在shiro的xml配置文件中配置

在 shiroFilter配置中引入,完整xml在后边

四、Xml配置

applicationContext-shiro.xml

xmlns:xsi="http://w3.org/2001/XMLSchema-instance" xmlns:p="http://springframework.org/schema/p"

xmlns:context="http://springframework.org/schema/context"

xmlns:aop="http://springframework.org/schema/aop" xmlns:jee="http://springframework.org/shttp://chema/jee"

xmlns:mvc="http://springframework.org/schema/mvc" xmlns:util="http://springframework.org/schema/util"

xsi:schemaLocation="http://springframework.org/schema/beans http://springframework.org/schema/beans/spring-beans.xsd

http://springframework.org/schema/context http://springframework.org/schema/context/spring-context.xsd

http://springframework.org/schema/jee http://springframework.org/schema/jee/spring-jee.xsd

http://springframework.org/schema/aop http://springframework.org/schema/aop/spring-aop.xsd

http://springframework.org/schema/mvc http://springframework.org/schema/mvc/spring-mvc.xsd http://springframework.org/schema/util http://springframework.org/schema/util/spring-util.xsd">

/image/** = anon

/css/** = anon

/js/** = anon

/logout.do = logout

/** = authc

xmlns:xsi="http://w3.org/2001/XMLSchema-instance" xmlns:p="http://springframework.org/schema/p"

xmlns:context="http://springframework.org/schema/context"

xmlns:aop="http://springframework.org/schema/aop" xmlns:jee="http://springframework.org/shttp://chema/jee"

xmlns:mvc="http://springframework.org/schema/mvc" xmlns:util="http://springframework.org/schema/util"

xsi:schemaLocation="http://springframework.org/schema/beans http://springframework.org/schema/beans/spring-beans.xsd

http://springframework.org/schema/context http://springframework.org/schema/context/spring-context.xsd

http://springframework.org/schema/jee http://springframework.org/schema/jee/spring-jee.xsd

http://springframework.org/schema/aop http://springframework.org/schema/aop/spring-aop.xsd

http://springframework.org/schema/mvc http://springframework.org/schema/mvc/spring-mvc.xsd http://springframework.org/schema/util http://springframework.org/schema/util/spring-util.xsd">

/image/** = anon

/css/** = anon

/js/** = anon

/logout.do = logout

/** = authc

springmvc的配置

xmlns:xsi="http://w3.org/2001/XMLSchema-instance"

xmlns:aop="http://springframework.org/schema/aop"

xmlns:tx="http://springframework.org/schema/tx"

xmlns:context="http://springframework.org/schema/context"

xmlns:mvc="http://springframework.org/schema/mvc" xmlns:jdbc="http://springframework.org/schema/jdbc"

xsi:schemaLocation="http://springframework.org/schema/beans

http://springframework.org/schema/beans/spring-beans.xsd

http://springframework.org/schema/aop

http://springframework.org/schema/aop/spring-aop.xsd

http://springframework.org/schema/tx

http://springframework.org/schema/tx/spring-tx.xsd

http://springframework.org/schema/context

http://springframework.org/schema/context/spring-context.xsd

http://springframework.org/schema/mvc

http://springframework.org/schema/mvc/spring-mvc.xsd http://springframework.org/schema/jdbc http://springframework.org/schema/jdbc/spring-jdbc.xsd">

xmlns:xsi="http://w3.org/2001/XMLSchema-instance"

xmlns:aop="http://springframework.org/schema/aop"

xmlns:tx="http://springframework.org/schema/tx"

xmlns:context="http://springframework.org/schema/context"

xmlns:mvc="http://springframework.org/schema/mvc" xmlns:jdbc="http://springframework.org/schema/jdbc"

xsi:schemaLocation="http://springframework.org/schema/beans

http://springframework.org/schema/beans/spring-beans.xsd

http://springframework.org/schema/aop

http://springframework.org/schema/aop/spring-aop.xsd

http://springframework.org/schema/tx

http://springframework.org/schema/tx/spring-tx.xsd

http://springframework.org/schema/context

http://springframework.org/schema/context/spring-context.xsd

http://springframework.org/schema/mvc

http://springframework.org/schema/mvc/spring-mvc.xsd http://springframework.org/schema/jdbc http://springframework.org/schema/jdbc/spring-jdbc.xsd">

以上就是一个大概的整合和遇到的两个问题，博主也是查阅了很多的博客得到的较优答案，整理出来，已备后续参考，遇到一样问题的同学可以看看

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。