Springmvc+Mybatis+shiro整合

Apache Shiro是一個強大且易用的Java安全框架,執行身份驗證、受權、密碼學和會話管理。使用Shiro的易於理解的API,您能夠快速、輕鬆地得到任何應用程序,從最小的移動應用程序到最大的網絡和企業應用程序。javascript

Shiro 主要分爲來個部分就是認證和受權,在我的感受來看就是查詢數據庫作相應的判斷而已,Shiro只是一個框架而已,其中的內容須要本身的去構建,先後是本身的,中間是Shiro幫咱們去搭建和配置好的css

 

項目:建立maven項目web項目html

 

pomx.xml配置好須要的jar包java

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com</groupId>
  <artifactId>oabyddh</artifactId>
  <packaging>war</packaging>
  <version>0.0.1-SNAPSHOT</version>
  <name>oabyddh Maven Webapp</name>
  <url>http://maven.apache.org</url>
  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>3.8.1</version>
      <scope>test</scope>
    </dependency>
    <dependency>
     <groupId>javax.servlet</groupId>
        <artifactId>servlet-api</artifactId>
        <version>2.5</version>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>org.mybatis</groupId>
        <artifactId>mybatis</artifactId>
        <version>3.4.1</version>
    </dependency>
    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.1.39</version>
    </dependency>
    <dependency>
        <groupId>org.mybatis</groupId>
        <artifactId>mybatis-spring</artifactId>
        <version>1.3.0</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-core</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-jdbc</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-aspects</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-beans</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context-support</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-aop</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webmvc</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-tx</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>4.3.2.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-log4j12</artifactId>
        <version>1.7.21</version>
    </dependency>
    <dependency>
        <groupId>javax.servlet</groupId>
        <artifactId>jstl</artifactId>
        <version>1.2</version>
    </dependency>
    <dependency>
        <groupId>c3p0</groupId>
        <artifactId>c3p0</artifactId>
        <version>0.9.1.2</version>
    </dependency>
    <dependency>
        <groupId>com.alibaba</groupId>
        <artifactId>fastjson</artifactId>
        <version>1.2.35</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/com.github.pagehelper/pagehelper -->
    <dependency>
        <groupId>com.github.pagehelper</groupId>
        <artifactId>pagehelper</artifactId>
        <version>5.0.0</version>
    </dependency>
    <dependency>
          <groupId>org.apache.shiro</groupId>
          <artifactId>shiro-core</artifactId>
          <version>1.2.2</version>
      </dependency>
    
    <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-web -->
    <dependency>
        <groupId>org.apache.shiro</groupId>
        <artifactId>shiro-web</artifactId>
        <version>1.2.6</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-spring -->
    <dependency>
        <groupId>org.apache.shiro</groupId>
        <artifactId>shiro-spring</artifactId>
        <version>1.2.6</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/commons-fileupload/commons-fileupload -->
    <dependency>
        <groupId>commons-fileupload</groupId>
        <artifactId>commons-fileupload</artifactId>
        <version>1.3.2</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.poi/poi -->
    <dependency>
        <groupId>org.apache.poi</groupId>
        <artifactId>poi</artifactId>
        <version>3.15</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.poi/poi-ooxml -->
    <dependency>
        <groupId>org.apache.poi</groupId>
        <artifactId>poi-ooxml</artifactId>
        <version>3.15</version>
    </dependency>
    <dependency>
        <groupId>org.csource</groupId>
        <artifactId>fastdfs_client</artifactId>
        <version>1.20</version>
    </dependency>  
  </dependencies>
  <build>
    <finalName>oabyddh</finalName>
    <plugins>
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-compiler-plugin</artifactId>
            <version>2.3.2</version>
            <configuration>
                <target>1.6</target>
                <source>1.6</source>
                <encoding>UTF-8</encoding>
            </configuration>
        </plugin>
    </plugins>
  </build>
      <properties>  
        <!-- 文件拷貝時的編碼 -->  
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>  
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>  
        <!-- 編譯時的編碼 -->  
        <maven.compiler.encoding>UTF-8</maven.compiler.encoding>  
    </properties>
</project>

web.xml配置文件:mysql

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd" >

<web-app>
    <display-name>oa system</display-name>
    
    <!-- 定義全局變量 -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:resources/spring.xml</param-value>
    </context-param>

    <!-- 編碼過濾器 -->
    <filter>
        <filter-name>characterEncodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <!-- 定義局部變量,只針對該filter有效 -->
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <!-- 不管是否設置了編碼,強制指定編碼 -->
        <init-param>
            <param-name>forceEncoding</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    
    <!-- shiro權限過濾器 -->
    <filter>
        <filter-name>shiroFilter</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        <!-- 若是設置"targetFilterLifecycle"爲true,則spring來管理Filter.init()和Filter.destroy();若爲false,則這兩個方法失效。 -->
        <!-- 這裏的Filter是一個代理,交由spring的bean來處理 -->
        <init-param>
            <param-name>targetFilterLifecycle</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    
    <filter-mapping>
        <filter-name>characterEncodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    
    <filter-mapping>
        <filter-name>shiroFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    
   <!-- 此監聽器出用於主要爲了解決java.beans.Introspector致使內存泄漏的問題. This listener should be registered as the first one in web.xml, before any application listeners such as Spring's ContextLoaderListener. -->
   <!-- 此監聽器應該配置在web.xml中與Spring相關監聽器中的第一個位置(也要在ContextLoaderListener的前面) -->
    <listener>
        <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
    </listener>
    
    <!-- 啓動Web容器時,自動裝配ApplicationContext的配置信息 -->
    <!-- ContextLoaderListener會讀取這些XML文件併產生 WebApplicationContext對象,而後將這個對象放置在ServletContext的屬性裏 -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
    
    <!-- springMVC -->
    <servlet>
        <servlet-name>springMVC</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:resources/springmvc.xml</param-value>
        </init-param>
    </servlet>
    
    <servlet-mapping>
        <servlet-name>springMVC</servlet-name>
        <!-- 是攔截全部請求,包括視圖解析後跳轉的.jsp頁面,/則不會攔截視圖解析後的.jsp頁面 -->
        <url-pattern>/</url-pattern>
    </servlet-mapping>
    
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>
</web-app>

springmvc.xmljquery

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation=" http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <!-- 配置註解驅動 -->
    <mvc:annotation-driven />
    
    <!-- 配置Controller掃描的包 -->
    <context:component-scan base-package="com.oabyddh.controller" />
    
    <!-- 配置靜態資源 -->
    <mvc:resources location="/css/" mapping="/css/**"></mvc:resources>
    <mvc:resources location="/js/" mapping="/js/**"></mvc:resources>
    
    <!-- 異常處理 -->
    <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="exceptionMappings">
            <props>
                <prop key="java.lang.Exception">/exceptions</prop>
            </props>
        </property>
        <property name="defaultErrorView" value="exceptions.jsp"></property>
        <property name="exceptionAttribute" value="ex"></property>
    </bean>
    
    <!-- 類型轉換器,默認springmvc只有基本類型轉換器 -->
    <mvc:annotation-driven>
        <mvc:message-converters register-defaults="true">
            <bean class="org.springframework.http.converter.ByteArrayHttpMessageConverter"/>
            <!--配置fastjson-->
            <bean class="com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter">
                <property name="supportedMediaTypes">
                    <list>
                        <value>text/html;charset=utf-8</value>
                        <value>application/json</value>
                    </list>
                </property>
                <property name="features">
                    <list>
                        <value>WriteMapNullValue</value>
                        <value>QuoteFieldNames</value>
                    </list>
                </property>
            </bean>
            
        </mvc:message-converters>
    </mvc:annotation-driven> 
    
    <!-- jsp視圖層配置 -->
    <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
        <property name="prefix" value="/"/>
        <property name="suffix" value=".jsp"/>
    </bean>
    
    <!-- 上傳文件攔截,設置最大上傳文件大小 10M=10*1024*1024(B)=10485760 bytes -->  
    <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">  
        <property name="maxUploadSize" value="10485760" />
        <property name="maxInMemorySize" value="50000"></property>
        <property name="defaultEncoding" value="UTF-8"></property>  
    </bean>
    
    <!-- 開啓shiro註解-->
    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
        <property name="proxyTargetClass" value="true" />
    </bean>

    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    </bean>
    
</beans>

spring.xmllinux

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd">

<!-- 註冊JDBC屬性文件 -->
<context:property-placeholder location="classpath:resources/oabyddh.properties"/>

<!-- 註冊數據源:C3P0數據源 -->
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource">
    <property name="driverClass" value="${jdbc.driverClass}" />
    <property name="jdbcUrl" value="${jdbc.url}" />
    <property name="user" value="${jdbc.user}" />
    <property name="password" value="${jdbc.password}" />
</bean>

<!-- 註冊SqlSessionFactory的bean 該bean來完成對mybatis的注入 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
    <!-- 數據源 -->
    <property name="dataSource" ref="dataSource" />
    <!-- 指定mybatis主配置文件 -->
    <property name="configLocation" value="classpath:resources/mybatis.xml" />
    <!-- 指定Mapper文件所在包 -->
    <property name="mapperLocations" value="classpath:com/oabyddh/dao/impl/*.xml"></property>
    <!-- 配置分頁插件 -->
     <property name="plugins">
        <array>
          <bean class="com.github.pagehelper.PageInterceptor">
            <property name="properties">
              <value> helperDialect=mysql </value>
            </property>
          </bean>
        </array>
      </property>
</bean>

<!-- 註冊Mapper掃描配置器, 改bean來完成把mapper轉換成接口的注入 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
    <property name="sqlSessionFactoryBeanName" value="sqlSessionFactory" />
    <!-- 指定接口和mapper所在的包,當接口和mapper在同一個包內,能夠自動掃描到mapper.xml, 若是不在,須要在sqlSessionFactory中配置mapperLocations來指定mapper所在的位置-->
    <property name="basePackage" value="com.oabyddh.dao" />
</bean>

<!-- 註冊事務管理器 -->
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
    <property name="dataSource" ref="dataSource" />
</bean>

<!-- 註冊事務通知 -->
<tx:annotation-driven transaction-manager="transactionManager"/>

<!-- 掃描注入spring註解 -->
<context:component-scan base-package="com.oabyddh.service" />

<!-- 引入其餘配置文件 -->
<import resource="classpath:resources/spring-shiro.xml"/>

</beans>

spring-shiro.xmlgit

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd">

    <!-- 對應於web.xml中配置的那個shiroFilter -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <!-- Shiro的核心安全接口,這個屬性是必須的 -->
        <property name="securityManager" ref="securityManager"/>
        <!-- 要求登陸時的連接(登陸頁面地址),非必須的屬性,默認會自動尋找Web工程根目錄下的"/login.jsp"頁面 至關於添加了/login.jsp=anon -->
        <property name="loginUrl" value="/login.jsp"/>
        <!-- 登陸成功後要跳轉的鏈接(本例中此屬性用不到,由於登陸成功後的處理邏輯在LoginController裏硬編碼) -->
        <!-- <property name="successUrl" value="/" ></property> -->
        <!-- 用戶訪問未對其受權的資源時,所顯示的鏈接 -->
        <property name="unauthorizedUrl" value="/error/unauthorized"/>
        <property name="filterChainDefinitions">
            <value>
                <!-- /build/**=anon /**=authc --> /css/**=anon /js/**=anon /fonts/**=anon /auth/**=anon /**=authc </value>
        </property>

    </bean>


    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"></bean>
    <!-- 數據庫保存的密碼是使用MD5算法加密的,因此這裏須要配置一個密碼匹配對象 -->
    <bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.Md5CredentialsMatcher"></bean>
    <!-- 緩存管理 -->
    <bean id="shiroCacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager"></bean>

    <!-- 使用Shiro自帶的JdbcRealm類,指定密碼匹配所須要用到的加密對象,指定存儲用戶、角色、權限許可的數據源及相關查詢語句 -->
    <bean id="jdbcRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm">
        <property name="credentialsMatcher" ref="credentialsMatcher"></property>
        <!-- permissionsLookupEnabled默認false。False時不會使用permissionsQuery的SQL去查詢權限資源。設置爲true纔會去執行 -->
        <property name="permissionsLookupEnabled" value="true"></property>
        <property name="dataSource" ref="dataSource"></property>
        <property name="authenticationQuery" value="select password from tbl_users where userName = ?"></property>
        <property name="userRolesQuery" value="select ug.groupName from tbl_userGroups ug, tbl_users u where u.groupId = ug.id and u.userName = ?"></property>
        <property name="permissionsQuery" value="select p.perName from tbl_userGroups ug, tbl_permissions p, tbl_groupMapPermission gmp where ug.id = gmp.groupId and p.id = gmp.permissionId and ug.groupName = ?"></property>
    </bean>

    <!-- Shiro安全管理器 -->
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="jdbcRealm"></property>
        <property name="cacheManager" ref="shiroCacheManager"></property>
    </bean>

    <!-- Shiro的註解配置必定要放在spring-mvc中 -->

</beans>

oabyddh.propertiesgithub

#\u6570\u636E\u5E93\u914D\u7F6E jdbc.driverClass=com.mysql.jdbc.Driver jdbc.url=jdbc:mysql://172.16.27.11:3306/oabyddh?useUnicode=true&characterEncoding=utf8 jdbc.user=oabyddh jdbc.password=oabyddh #\u56FE\u7247\u5B58\u50A8\u914D\u7F6E imgServerAddress=172.16.27.11 imgServerPort=80

mybatis.xmlweb

<?xml version="1.0" encoding="UTF-8" ?>  
<!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">
    
<configuration>
    <settings>
        <!-- 打印查詢語句 -->
        <setting name="logImpl" value="STDOUT_LOGGING" />
    </settings>
    
    <!-- POJO對象的所在包,能夠解析爲別名 -->
    <typeAliases>
        <package name="com.oabyddh.model"/>
    </typeAliases>
    
    <mappers>
        <package name="com.oabyddh.dao.impl"/>
    </mappers>
    


</configuration>

AuthController.java

package com.oabyddh.controller; import java.util.HashMap; import java.util.Map; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import com.oabyddh.model.User; /** * 平臺 登錄,退出控制器 * @author djoker * */ @Controller @RequestMapping("/auth") public class AuthController { /** * 登錄控制器 * @param user * @return
     */ @ResponseBody @RequestMapping("/ajaxLogin") public Object login(User user) { Map<String, String> res = new HashMap<String, String>(); UsernamePasswordToken token = new UsernamePasswordToken(user.getUserName(), user.getPassword()); Subject subject = SecurityUtils.getSubject(); try { subject.login(token); if(subject.isAuthenticated()) { res.put("code", "0"); res.put("msg", "登錄成功!"); } }catch(Exception e) { res.put("code", "-1"); res.put("msg", e.getMessage()); } return res; } /** * 退出控制器 * @return
     */ @ResponseBody @RequestMapping("/ajaxLogout") public Object logout() { SecurityUtils.getSubject().logout(); Map<String, String> res = new HashMap<String, String>(); res.put("code", "0"); res.put("msg", "退出成功!"); return res; } }

login.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ page isELIgnored="false"%>    
<%
    String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <base href="<%=basePath %>">
    <link rel="stylesheet" type="text/css" href="css/bootstrap.min.css">
</head>
<body>
    <div class="container">
        <div class="row">
            <form>
                <div class="col-md-4 col-md-offset-4">
                    <div class="form-group">
                        <label>帳號:</label>
                        <input class="form-control" name="userName" id="userName" type="text">
                    </div>
                    <div class="form-group">
                        <label>密碼:</label>
                        <input class="form-control" name="password" id="password" type="password">
                    </div>
                    <div>
                        <button class="btn btn-primary" type="button" onclick="login()">登錄</button>
                    </div>
                </div>
            </form>
        </div>
    </div>
    
    <script type="text/javascript" src="js/jquery.min.js"></script>
    <script type="text/javascript" src="js/oabyddh.js"></script>
</body>
</html>

index.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>   
<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %> 
<%@ page isELIgnored="false"%>
<%
    String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <base href="<%=basePath %>">
    <link rel="stylesheet" type="text/css" href="css/bootstrap.min.css">
</head>
<body>
<div>
    <button type="button" class="btn btn-primary" onclick="logout()">退出</button>
</div>
<!-- 只有具備管理員查看權限才能夠看到 -->
<shiro:hasPermission name="manager:view">
    <div> 你好管理員,屬於manager組成員 </div>
</shiro:hasPermission>
<!-- 認證成功後才能夠看到 -->
<shiro:authenticated>
    <div> 新的一天,工做努力,工做加油! </div>
</shiro:authenticated>
    <script type="text/javascript" src="js/jquery.min.js"></script>
    <script type="text/javascript" src="js/oabyddh.js"></script>
</body>
</html>

數據庫:

-- MySQL dump 10.13 Distrib 5.1.73, for redhat-linux-gnu (x86_64) -- -- Host: localhost Database: oabyddh -- ------------------------------------------------------ -- Server version 5.1.73

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; /*!40101 SET NAMES utf8 */; /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; /*!40103 SET TIME_ZONE='+00:00' */; /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; -- -- Table structure for table `tbl_groupMapPermission` -- 
DROP TABLE IF EXISTS `tbl_groupMapPermission`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_groupMapPermission` ( `id` int(255) NOT NULL AUTO_INCREMENT, `groupId` int(255) DEFAULT NULL, `permissionId` int(255) DEFAULT NULL, `state` int(255) DEFAULT '0', PRIMARY KEY (`id`), KEY `groupId` (`groupId`), KEY `permissionId` (`permissionId`), CONSTRAINT `tbl_groupMapPermission_ibfk_1` FOREIGN KEY (`groupId`) REFERENCES `tbl_userGroups` (`id`), CONSTRAINT `tbl_groupMapPermission_ibfk_2` FOREIGN KEY (`permissionId`) REFERENCES `tbl_permissions` (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_groupMapPermission` --  LOCK TABLES `tbl_groupMapPermission` WRITE; /*!40000 ALTER TABLE `tbl_groupMapPermission` DISABLE KEYS */; INSERT INTO `tbl_groupMapPermission` VALUES (1,1,1,0),(2,1,2,0),(3,1,3,0),(4,1,4,0); /*!40000 ALTER TABLE `tbl_groupMapPermission` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_permissions` -- 
DROP TABLE IF EXISTS `tbl_permissions`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_permissions` ( `id` int(255) NOT NULL AUTO_INCREMENT, `perName` varchar(255) NOT NULL, `description` varchar(255) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `perName` (`perName`) ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_permissions` --  LOCK TABLES `tbl_permissions` WRITE; /*!40000 ALTER TABLE `tbl_permissions` DISABLE KEYS */; INSERT INTO `tbl_permissions` VALUES (1,'manager:view','查看管理員權限'),(2,'manager:add','添加管理員權限'),(3,'manager:del','刪除管理員權限'),(4,'m anager:modify','修改管理員權限'); /*!40000 ALTER TABLE `tbl_permissions` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_userGroups` -- 
DROP TABLE IF EXISTS `tbl_userGroups`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_userGroups` ( `id` int(255) NOT NULL AUTO_INCREMENT, `groupName` varchar(255) NOT NULL, `description` varchar(255) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `groupName` (`groupName`) ) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_userGroups` --  LOCK TABLES `tbl_userGroups` WRITE; /*!40000 ALTER TABLE `tbl_userGroups` DISABLE KEYS */; INSERT INTO `tbl_userGroups` VALUES (1,'管理員組','管理員所屬組'),(2,'經理組','經理職務所屬組'),(3,'主管組','主管職務所屬組'),(4,'財務組','財務職務 所屬組'),(5,'人事組','人事職務所屬組'),(6,'員工組','普通員工所屬組'); /*!40000 ALTER TABLE `tbl_userGroups` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_users` -- 
DROP TABLE IF EXISTS `tbl_users`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_users` ( `id` int(255) NOT NULL AUTO_INCREMENT, `userName` varchar(255) NOT NULL, `password` varchar(255) NOT NULL, `realName` varchar(255) NOT NULL, `groupId` int(255) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `userName` (`userName`), KEY `groupId` (`groupId`), CONSTRAINT `tbl_users_ibfk_1` FOREIGN KEY (`groupId`) REFERENCES `tbl_userGroups` (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_users` --  LOCK TABLES `tbl_users` WRITE; /*!40000 ALTER TABLE `tbl_users` DISABLE KEYS */; INSERT INTO `tbl_users` VALUES (1,'admin','9003d1df22eb4d3820015070385194c8','超級管理員',1),(2,'user01','9003d1df22eb4d3820015070385194c8','張楚嵐' ,6); /*!40000 ALTER TABLE `tbl_users` ENABLE KEYS */; UNLOCK TABLES; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; -- Dump completed on 2018-04-28 23:18:42

使用到的js文件:oabyddh.js

/*************登錄與退出***************/
//登錄平臺
function login(){ var userName = $("#userName").val(); var password = $("#password").val(); $.ajax({ url:"auth/ajaxLogin", type:"post", dataType:'json', //不使用contentType,data能夠是對象,若是使用contentType,則data只能是字符串
        //contentType:"application/json; charset=utf-8",
 data:{userName: userName, password: password}, success:function(data){ var code = data.code; if(code == 0){ location.href="index.jsp"; }else{ alert(data.msg); } }, error:function(){ } }); } //退出平臺
function logout(){ $.ajax({ url:"auth/ajaxLogout", type:"post", dataType:"json", success:function(data){ var code = data.code; location.href="login.jsp"; }, error:function(){ } }); }

 

測試效果:

使用admin pwd登錄時能夠看到管理員信息,而使用user01 pwd登錄,看不到管理員才能看到的信息

相關文章
相關標籤/搜索