• shiro(四)项目开发中的配置、


    配置拦截、过滤、验证请求

    <!-- shiro -->
                    <!-- 項目自定义的Realm -->
            <bean id="ShiroRealm" class="com.cms.shiro.ShiroRealm" ></bean>
            <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">                                  
                <property name="realm" ref="ShiroRealm" />            
            </bean>
                    <!-- Shiro Filter -->
            <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
                <property name="securityManager" ref="securityManager" />
                
                <property name="loginUrl" value="/" />
                
                <property name="successUrl" value="/main/index" />
                
                <property name="unauthorizedUrl" value="/toLogin" />
                
                <property name="filterChainDefinitions">
                    <value>
                    /static/login/**             = anon   <!-- 不用认证 -->
                    /static/js/myjs/**             = authc  <!-- 需要认证 -->
                    /static/**                     = anon
                       /loginToIndex                 = anon
                       /toLogin                     = anon
                      /**                            = authc 
               
                    </value>
                </property>
            </bean>
    ShiroRealm类代码
    package com.cms.shiro;
    
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.AuthenticationInfo;
    import org.apache.shiro.authc.AuthenticationToken;
    import org.apache.shiro.authc.SimpleAuthenticationInfo;
    import org.apache.shiro.authc.UsernamePasswordToken;
    import org.apache.shiro.realm.Realm;
    
    public class ShiroRealm implements Realm{
    
        @Override
        public AuthenticationInfo getAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
               /*获取用户名*/
            String username = arg0.getPrincipal().toString();
            /*获取密码,由于密码是进行了加密的,所以必须转为char数组再转String
            * 否则无法识别*/
            String password =String.valueOf((char [])arg0.getCredentials());
             if(null != username && null != password){
                 return new SimpleAuthenticationInfo(username, password, getName());
             }else{
                 return null;
             }
        }
    
        @Override
        public String getName() {
            // TODO Auto-generated method stub
            return "ShiroRealm";
        }
        /**
         * 判断当前认证方式是不是用户名和密码
         */
        @Override
        public boolean supports(AuthenticationToken arg0) {
            // TODO Auto-generated method stub
            return arg0 instanceof UsernamePasswordToken;
        }
    
    }

    登录的代码

            Subject subject = SecurityUtils.getSubject(); 
            Session session = subject.getSession();
            String attribute = (String)session.getAttribute("abc");
            System.out.println(attribute);
            try {
                data.put("username", "username");
                data.put("password", "password");
                PageData pd = userService.getUserByUsernameAndPassword(data);
                System.out.println(pd);
            } catch (Exception e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
            
            
            UsernamePasswordToken token = new UsernamePasswordToken("abc", "abc");         
            subject.login(token);
  • 相关阅读:
    Codeforces Round #419 (Div. 2)
    论蒟蒻的自我修养
    12 day 1
    Balanced Teams (USACO Jan Bronze 2014)
    一个奇怪的绘图程序
    BZOJ 1002 [ FJOI 2007 ]
    BZOJ 3540 realtime-update 解题
    准备做的题目
    代码风格与树形DP
    CH round #55 Streaming #6
  • 原文地址:https://www.cnblogs.com/qq376324789/p/10770100.html
Copyright © 2020-2023  润新知