• java-shiro登录验证


    登录验证:

    LoginController:(LoginController.java)

    @ResponseBody
        @RequestMapping(value="/login",method=RequestMethod.POST)
        public ResponseResult login(User user, HttpServletRequest request) {
            ResponseResult responseResult = new ResponseResult(ResponseResult.FAILURECODE,"登陆失败");
            String loginName = user.getLoginName();
            String passWord = user.getPassWord();
            String eccodePassWord = MD5Operation.getEncryptedPwd(passWord);
            
            /*调用shiro判断当前用户是否是系统用户*/
            //得到当前用户
            Subject subject = SecurityUtils.getSubject();
            //判断是否登录,如果未登录,则登录
            if (!subject.isAuthenticated()) {
                //创建用户名/密码验证Token, shiro是将用户录入的登录名和密码(未加密)封装到uPasswordToken对象中
                UsernamePasswordToken uPasswordToken = new UsernamePasswordToken(loginName,eccodePassWord);
                //自动调用AuthRealm.doGetAuthenticationInfo
                try {
                    //执行登录,如果登录未成功,则捕获相应的异常
                    subject.login(uPasswordToken);
                    responseResult.setMsg("登录成功");
                    responseResult.setCode(ResponseResult.SUCCESSCODE);
                }catch (Exception e) {
                    // 捕获异常
                }
            }
                    
            /*写seesion,保存当前user对象*/
            //从shiro中获取当前用户
            User sUser = (User)subject.getPrincipal();
            subject.getSession().setAttribute("sUser", sUser);
            return responseResult;
        }

    ShiroAuthorizingRealm:自定义Realm(ShiroAuthorizingRealm.java)

    public class ShiroAuthorizingRealm extends AuthorizingRealm {
    
        private static final Logger logger = Logger.getLogger(ShiroAuthorizingRealm.class);
        //注入用户管理对象
        @Autowired
        private UserService userService;
        public UserService getUserService() {
            return userService;
        }
    
        public void setUserService(UserService userService) {
            this.userService = userService;
        }
    
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
            // TODO 自动生成的方法存根
            return null;
        }
    
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken uPasswordToken) throws AuthenticationException {
            UsernamePasswordToken upToken = (UsernamePasswordToken) uPasswordToken;
            String loginName = upToken.getUsername();
            String passWord = String.valueOf(upToken.getPassword());
            User user = null;
            try {
                user = userService.findUserByLoginName(loginName);
            } catch(Exception ex) {
                logger.warn("获取用户失败
    " + ex.getMessage());
            }
            if (user == null) {
                logger.warn("用户不存在");
                throw new UnknownAccountException("用户不存在");
            }
            else if (!passWord.equals(user.getPassWord())) {
                 logger.warn("密码错误");
                 throw new UnknownAccountException("密码错误");
            }
            logger.info("用户【" + loginName + "】登录成功");
            
            AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user, user.getPassWord(), user.getUserName());
            Subject subject1 = SecurityUtils.getSubject();
            if (null != subject1) {
                Session session = subject1.getSession();
                if (null != session) {
                    session.setAttribute("currentUser", user);
                }
            }
            return authcInfo;
        }
    
       
    }

    shiro.xml配置文件:(spring-shiro.xml)

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:aop="http://www.springframework.org/schema/aop"
        xmlns:context="http://www.springframework.org/schema/context"
        xmlns:mvc="http://www.springframework.org/schema/mvc"
        xmlns:tx="http://www.springframework.org/schema/tx"
        xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
            http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
            http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd
            http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.3.xsd
            http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd">
    
        <!-- 缓存管理器 使用Ehcache实现 -->
        <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
            <property name="cacheManagerConfigFile" value="classpath:ehcache-shiro.xml" />
        </bean>
        
        <!-- Shiro的Web过滤器 -->
        <!-- 此bean要被web.xml引用,和web.xml中的filtername同名 -->
        <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
            <property name="securityManager" ref="securityManager" />
            <property name="loginUrl" value="/system/login" />
            <property name="unauthorizedUrl" value="/" />
            <property name="filterChainDefinitions">
                <value>
                    /system/login = anon
                </value>
            </property>
        </bean>
        
        <!-- 安全管理器 -->
        <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
            <property name="realm" ref="dbRealm" />
            <property name="cacheManager" ref="cacheManager"/>
        </bean>
        <!-- 自定义realm -->
        <bean id="dbRealm" class="lee.system.school.shiro.ShiroAuthorizingRealm">
            <property name="userService" ref="userService"/>
        </bean>
        <bean id="userService" class="lee.system.school.service.impl.UserService" />
        
        <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
    </beans>

    web.xml:(web.xml)

        <!-- 加载spring容器 -->
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:spring.xml,classpath:spring-mybatis.xml,classpath:spring-shiro.xml</param-value>
        </context-param>
    
    <!-- 设置监听器 -->
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
          
          <!-- Shiro配置(需要 ContextLoaderListener ) -->
        <filter>
            <filter-name>shiroFilter</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
            <init-param>
                <param-name>targetFilterLifecycle</param-name>
                <param-value>true</param-value>
            </init-param>
        </filter>
        <filter-mapping>
            <filter-name>shiroFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    ResponseResult类:(ResponseResult.java)
    public class ResponseResult {
        /**
         * 返回code:成功
         */
        public final static int SUCCESSCODE = 1;
        
        /**
         * 返回code:失败
         */
        public final static int FAILURECODE = 0;
    
        private int code;
        private String msg;
        private Object data;
    
        public ResponseResult(int code) {
            this.code = code;
        }
    
        public ResponseResult(int code, String msg) {
            this.code = code;
            this.msg = msg;
        }
    
        public ResponseResult(int code, String msg, Object data) {
            this.code = code;
            this.msg = msg;
            this.data = data;
        }
    
        public int getCode() {
            return code;
        }
    
        public void setCode(int code) {
            this.code = code;
        }
    
        public String getMsg() {
            return msg;
        }
    
        public void setMsg(String msg) {
            this.msg = msg;
        }
    
        public Object getData() {
            return data;
        }
    
        public void setData(Object data) {
            this.data = data;
        }
    }
  • 相关阅读:
    如何做一个富文本编辑器
    chrome插件开发示例
    使用github Pages和Jekyll搭建一个Blog
    使用JavaScript制作简单的动画
    JQuery模拟七------利用extend包装ajax实现
    JQuery模拟六------jQuery处理事件简化版
    JQuery模拟五------实现属性set&get和CSS set&get
    JQuery模拟四------把用到Sizzle的地方先用CSS3选择器实现
    JQuery模拟三------利用extend函数扩展jQuery自身的方法和浏览器判断
    JQuery模拟二------添加extend函数和简单选择器
  • 原文地址:https://www.cnblogs.com/lijianda/p/9146276.html
Copyright © 2020-2023  润新知