JFinal 整合 Shiro 補充Realm類和數據庫

JFinal 整合 Shiro 原文:

http://my.oschina.net/smile622/blog/135098

 

在此基礎上補充數據庫和 MyShiroRealm.java

users表

-- Foreign-key checks are switched off so `users` can be dropped and re-created
-- regardless of the state of `roles`; the script as shown never switches them
-- back on, so rows with a `roleid` that has no matching role can be inserted.
SET FOREIGN_KEY_CHECKS=0;
-- ----------------------------
-- Table structure for `users`
-- ----------------------------
-- Destroys any existing accounts; this is a demo bootstrap script.
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  -- NOTE(review): nullable and without a UNIQUE index, while the realm on this
  -- page looks accounts up by username and takes the first matching row.
  `username` varchar(50) DEFAULT NULL,
  -- Stored in plain text in this demo (the realm compares it directly with the
  -- submitted password). A salted password hash such as a 60-character bcrypt
  -- string would not fit in varchar(50); widen the column before hashing.
  `password` varchar(50) DEFAULT NULL,
  `mail` varchar(100) DEFAULT NULL,
  -- Exactly one role per user; references roles.id.
  `roleid` int(11) NOT NULL,
  PRIMARY KEY (`id`),
  KEY `RoleId` (`roleid`),
  CONSTRAINT `users_ibfk_1` FOREIGN KEY (`roleid`) REFERENCES `roles` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=43 DEFAULT CHARSET=utf8;

-- ----------------------------
-- Records of users
-- ----------------------------
-- Column order: id, username, password, mail, roleid.
-- Both sample accounts use a password equal to the username ('1'/'1' and
-- 'admin'/'admin'); remove or change them before any real deployment.
INSERT INTO `users` VALUES ('1', '1', '1', '1@126.com', '1');
INSERT INTO `users` VALUES ('2', 'admin', 'admin', 'admin@126.com', '2');

roles表

-- Foreign-key checks are switched off so `roles` can be dropped even though
-- `users` references it; the script as shown never switches them back on.
SET FOREIGN_KEY_CHECKS=0;
-- ----------------------------
-- Table structure for `roles`
-- ----------------------------
DROP TABLE IF EXISTS `roles`;
CREATE TABLE `roles` (
  `id` int(11) NOT NULL,
  -- The realm on this page passes this value to Shiro as the user's role name,
  -- so it is the string that roles[...] rules in shiro.ini are matched against.
  -- NOTE(review): nullable and not UNIQUE; a NULL or duplicated name makes the
  -- role rules ambiguous.
  `rolename` varchar(50) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

-- ----------------------------
-- Records of roles
-- ----------------------------
-- Column order: id, rolename. Role 1 is assigned to the sample user '1' and
-- role 2 to the sample user 'admin' by the `users` inserts on this page.
INSERT INTO `roles` VALUES ('1', 'user');
INSERT INTO `roles` VALUES ('2', 'sysadmin');

MyShiroRealm.java

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;

import xxx.model.Roles;
import xxx.model.Users;

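/**
 * Shiro realm that resolves users and their single role through the JFinal
 * {@code Users} and {@code Roles} models.
 *
 * <p>Demonstration only: the {@code users.password} column holds the password
 * in plain text, which is why the default {@code SimpleCredentialsMatcher} is
 * sufficient here. A real deployment should store a salted password hash and
 * configure a hashing {@code CredentialsMatcher} on the realm instead of
 * comparing the raw values.
 */
public class MyShiroRealm extends AuthorizingRealm {

	/**
	 * Authentication callback, invoked by Shiro on login.
	 *
	 * @param authcToken the submitted token; cast to {@link UsernamePasswordToken}
	 * @return the account id and stored password wrapped as authentication
	 *         info, or {@code null} when the token carries no password, the
	 *         user does not exist, or the password does not match (all three
	 *         cases return the same result, so callers cannot tell an unknown
	 *         user from a wrong password)
	 * @throws AuthenticationException declared by the overridden method
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken authcToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;

		// A token without a password cannot match any account; reject it here
		// instead of letting String.valueOf(char[]) fail on a null array.
		char[] submitted = token.getPassword();
		if (submitted == null) {
			return null;
		}

		// Parameterized lookup: the username is bound, never concatenated.
		Users user = Users.dao.findFirst(
				"select * from users where username = ?", token.getUsername());
		if (user == null) {
			return null;
		}

		// The password column is nullable; a NULL stored password never matches.
		String stored = user.getStr("password");
		if (stored == null || !sameSecret(submitted, stored)) {
			return null;
		}

		// This attribute is written from inside the realm callback; Shiro still
		// runs its credentials matcher on the returned info afterwards.
		Session session = SecurityUtils.getSubject().getSession();
		session.setAttribute("username", user.getStr("username"));
		return new SimpleAuthenticationInfo(user.getInt("id"), stored, getName());
	}

	/**
	 * Authorization callback, invoked when an access check is made and no
	 * authorization info for the user is cached.
	 *
	 * @param principals the principals of the subject being checked
	 * @return the authorization info holding the user's role, or {@code null}
	 *         when this realm contributed no principal or the user row no
	 *         longer exists
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(
			PrincipalCollection principals) {
		// The principal stored at login is the numeric user id.
		java.util.Iterator<?> ids = principals.fromRealm(getName()).iterator();
		if (!ids.hasNext()) {
			return null;
		}
		int userId = (Integer) ids.next();

		Users user = Users.dao.findById(userId);
		if (user == null) {
			return null;
		}

		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		// A missing role row or a NULL role name grants no role (deny by
		// default) instead of failing the request with a NullPointerException.
		Roles role = Roles.dao.findById(user.getInt("roleid"));
		String roleName = role == null ? null : role.getStr("rolename");
		if (roleName != null) {
			info.addRole(roleName);
		}
		// If a permissions table is added, attach the role's permissions here:
		// info.addStringPermissions(role.getPermissions());

		return info;
	}

	/**
	 * Compares the submitted password with the stored one without stopping at
	 * the first differing character, so the time taken does not depend on how
	 * many leading characters of the stored value were guessed correctly.
	 */
	private static boolean sameSecret(char[] submitted, String stored) {
		int diff = submitted.length ^ stored.length();
		for (int i = 0; i < submitted.length; i++) {
			char expected = i < stored.length() ? stored.charAt(i) : 0;
			diff |= submitted[i] ^ expected;
		}
		return diff == 0;
	}

}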

 

FreeMarker添加Shiro標籤(需要加入shiro-freemarker-tags-0.1-SNAPSHOT.jar)

FreeMarkerRender.getConfiguration().setSharedVariable("shiro", new ShiroTags()); // expose the Shiro tags to FreeMarker templates under the shared variable "shiro"

到這一步基本的權限就夠了

附帶Shiro.ini

[main]
# URL that Shiro's authentication filters send unauthenticated requests to.
shiro.loginUrl = /login

#realm
# NOTE(review): this names xxx.manage.shiro.ShiroDbRealm, while the realm class
# listed on this page is MyShiroRealm; the value must be the fully qualified
# name of the realm class that is actually deployed.
myRealm = xxx.manage.shiro.ShiroDbRealm
securityManager.realm = $myRealm

#cache
# With a cache manager set, authorization info can be served from cache, so a
# role change in the database may not apply until the cached entry is gone.
shiroCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
shiroCacheManager.cacheManagerConfigFile = classpath:ehcache-shiro.xml
securityManager.cacheManager = $shiroCacheManager

#session
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionDAO.activeSessionsCacheName = shiro-activeSessionCache
sessionManager.sessionDAO = $sessionDAO
securityManager.sessionManager = $sessionManager
# globalSessionTimeout is in milliseconds, so 360000 is 6 minutes.
# NOTE(review): confirm 6 minutes is intended rather than 3600000 (one hour).
securityManager.sessionManager.globalSessionTimeout = 360000

# The rules here are used by the ShiroFilter configured in web.xml.
# Rules are evaluated in the order written and the first match wins, so
# /manage/** must stay above the catch-all /** rule.
[urls]
# Requires a logged-in subject that holds the role "user".
# NOTE(review): the realm on this page grants only the one role named by
# users.roleid, so an account whose role is "sysadmin" does not satisfy
# roles[user] and is refused under /manage/**.
/manage/** = authc, roles[user]
# Everything not matched above is reachable without logging in.
/** = anon

密碼加密等其他功能請另查閱資料(本文示例以明文存儲密碼,僅供演示;正式環境應存儲加鹽哈希,並為 Realm 配置對應的 CredentialsMatcher),如需更複雜的應用請查閱 http://www.oschina.net/question/925382_114550
