github: https://github.com/hx1098/springboot.git
1.项目结构:
2.usercontroller
package com.itheima.controller;
import com.itheima.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
@Controller
public class UserController {
@RequestMapping("/hello")
@ResponseBody
public String hello() {
System.err.println("userController");
return "ok";
}
@RequestMapping("/add")
public String add() {
return "/user/add";
}
@RequestMapping("/update")
public String update() {
return "/user/update";
}
@RequestMapping("/toLogin")
public String toLogin() {
return "/login";
}
@RequestMapping("/testThymeleaf")
public String testThymeleaf(Model model){
//把数据存入model
model.addAttribute("name", "黑马程序员");
//返回test.html
return "test";
}
/**
* 登录的逻辑处理
*/
@RequestMapping("/login")
public String login(String name,String password,Model modle) {
System.err.println("name= " + name);
//使用shiro编写认证操作
//1 获取subject
Subject subject = SecurityUtils.getSubject();
//2。封装用户数据
UsernamePasswordToken token = new UsernamePasswordToken(name,password);
//3.执行登录方法
try {
subject.login(token);
//登录成功
return "redirect:/testThymeleaf";//重定向
} catch (UnknownAccountException e) {
//登录失败:用户名不存在
modle.addAttribute("msg","用户名不存在");
return "login";
}catch (IncorrectCredentialsException e) {
//登录失败:密码错误
modle.addAttribute("msg","密码错误");
return "login";
}
}
}
3.user实体类
package com.itheima.domain;
/**
* @author hx <br>
* @Title: <br>
* @Package <br>
* @Description: <br>
* @date 2020/3/1311:16
*/
public class User {
private Integer id;
private String name;
private String password;
public Integer getId() {
return id;
}
public String getName() {
return name;
}
public String getPassword() {
return password;
}
public void setId(Integer id) {
this.id = id;
}
public void setName(String name) {
this.name = name;
}
public void setPassword(String password) {
this.password = password;
}
}
4.UserMapper接口
public interface UserMapper {
public User findByName(String name);
}
5.UserMapper.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<!-- 该文件存放CRUD的sql语句 -->
<mapper namespace="com.itheima.mapper.UserMapper">
<select id="findByName" parameterType="string" resultType="user">
SELECT id,
NAME,
PASSWORD
FROM
user where name = #{value}
</select>
</mapper>
6.service类和实现类
import com.itheima.domain.User;
/**
* @author hx <br>
* @Title: <br>
* @Package <br>
* @Description: <br>
* @date 2020/3/1311:23
*/
public interface UserService {
public User findByName(String name);
}
package com.itheima.service;
import com.itheima.domain.User;
import com.itheima.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
/**
* @author hx <br>
* @Title: <br>
* @Package <br>
* @Description: <br>
* @date 2020/3/1311:24
*/
@Service
public class UserServiceImpl implements UserService{
@Autowired
private UserMapper userMapper;
@Override
public User findByName(String name) {
User byName = userMapper.findByName(name);
System.err.println(name);
return byName;
}
}
7.ShiroConfig配置类
package com.itheima.shiro;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* shiro配置类
*
* @author hanxi
*
*/
@Configuration
public class ShiroConfig {
/**
* 创建ShiroFilterFactoryBean
*/
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(
@Qualifier("securityManager") DefaultWebSecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// 设置安全管理器
shiroFilterFactoryBean.setSecurityManager(securityManager);
//添加内置过滤器,
/**
* Shiro内置过滤器,可以实现权限相关的拦截器
* 常用的过滤器:
* anon: 无需认证(登录)可以访问
* authc: 必须认证才可以访问
* user: 如果使用rememberMe的功能可以直接访问
* perms: 该资源必须得到资源权限才可以访问
* role: 该资源必须得到角色权限才可以访问
*/
Map<String,String> filterMap = new LinkedHashMap<String, String>();
//
// filterMap.put("/add","authc");
// filterMap.put("/update", "authc");
//无需权限就可以访问
filterMap.put("/testThymeleaf", "anon");
filterMap.put("/login", "anon");
//所哟的都需要权限进行访问
filterMap.put("/*", "authc");
//修改跳轉頁面
shiroFilterFactoryBean.setLoginUrl("/toLogin");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
return shiroFilterFactoryBean;
}
/**
* 创建DefaultWebSecurityManager
*/
@Bean(name = "securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRelam userRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
// 关联realm
securityManager.setRealm(userRealm);
return securityManager;
}
/**
* 创建Realm
*/
@Bean("userRealm")
public UserRelam getRealm() {
return new UserRelam();
}
}
8.UserRelam
package com.itheima.shiro;
import com.itheima.domain.User;
import com.itheima.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
/**
* 自定义relam类
* @author hanxi
*
*/
public class UserRelam extends AuthorizingRealm{
@Autowired
private UserService userService;
/**
* 执行授权逻辑
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
System.err.println("执行授权逻辑");
return null;
}
/**
* 执行认证的逻辑
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
System.err.println( "执行认证的逻辑 ");
/*//假设数据库的用户名和密码
String name = "eric";
String password = "123456";*/
//编写shiro判断逻辑,判断用户名和密码
//1,判单用户名
UsernamePasswordToken tokens = (UsernamePasswordToken) token;
User user = userService.findByName(tokens.getUsername());
if (user == null){
return null;//shriro底层会抛出UnKnownAccountException
}
return new SimpleAuthenticationInfo("",user.getPassword(),"");
}
}
9.静态页面
add.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>用户添加</title>
</head>
<body>
用户添加
</body>
</html>
update.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>用户更改</title>
</head>
<body>
用户更改
</body>
</html>
login.html
<html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>登录页面</title>
</head>
<body>
<h3>登录</h3>
<h3 th:text="${msg}" style="color: red"></h3>
<form method="post" action="login">
用户名:<input type="text" name="name"/><br/>
密码:<input type="password" name="password"/><br/>
<input type="submit" value="登录"/>
</form>
</body>
</html>
test.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>测试Thymeleaf的使用</title>
</head>
<body>
<h3 th:text="${name}"></h3>
<hr/>
用户添加:<a href="add">用户添加</a><hr/>
用户更新:<a href="update">用户更新</a>
</body>
</html>
10. application.properties
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/springboot
spring.datasource.username=root
spring.datasource.password=root
spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
#别名包扫描
mybatis.type-aliases-package=com.itheima.domain
11.启动项目,测试: