测试项目已上传到GitHub:https://github.com/xiaostudy/springboot_shiro_test1
1、创建springboot项目
1 <!-- 数据库连接池 --> 2 <dependency> 3 <groupId>com.alibaba</groupId> 4 <artifactId>druid</artifactId> 5 <version>1.1.10</version> 6 </dependency> 7 <!-- Shiro --> 8 <dependency> 9 <groupId>org.apache.shiro</groupId> 10 <artifactId>shiro-spring</artifactId> 11 <version>1.3.2</version> 12 </dependency> 13 <!-- log4j --> 14 <dependency> 15 <groupId>log4j</groupId> 16 <artifactId>log4j</artifactId> 17 <version>1.2.17</version> 18 </dependency>
srcmainwebapp
2、创建实体类
PermissionEntity.java
1 package com.xiaostudy.shiro_test1.entity; 2 3 import java.io.Serializable; 4 5 /** 6 * 权限实体类 7 * Created with IntelliJ IDEA. 8 * User: Administrator 9 * Date: 2019/6/8 10 * Time: 14:21 11 * Description: No Description 12 */ 13 public class PermissionEntity implements Serializable { 14 private String id; 15 private String name; 16 private String url; 17 18 public String getId() { 19 return id; 20 } 21 22 public void setId(String id) { 23 this.id = id; 24 } 25 26 public String getName() { 27 return name; 28 } 29 30 public void setName(String name) { 31 this.name = name; 32 } 33 34 public String getUrl() { 35 return url; 36 } 37 38 public void setUrl(String url) { 39 this.url = url; 40 } 41 }
1 package com.xiaostudy.shiro_test1.entity; 2 3 import java.io.Serializable; 4 import java.util.HashSet; 5 import java.util.Set; 6 7 /** 8 * 角色实体类 9 * Created with IntelliJ IDEA. 10 * User: Administrator 11 * Date: 2019/6/8 12 * Time: 14:24 13 * Description: No Description 14 */ 15 public class RoleEntity implements Serializable { 16 private String id; 17 private String name; 18 private Set<PermissionEntity> permissions = new HashSet<>(); 19 20 public String getId() { 21 return id; 22 } 23 24 public void setId(String id) { 25 this.id = id; 26 } 27 28 public String getName() { 29 return name; 30 } 31 32 public void setName(String name) { 33 this.name = name; 34 } 35 36 public Set<PermissionEntity> getPermissions() { 37 return permissions; 38 } 39 40 public void setPermissions(Set<PermissionEntity> permissions) { 41 this.permissions = permissions; 42 } 43 }
1 package com.xiaostudy.shiro_test1.entity; 2 3 import java.io.Serializable; 4 import java.util.HashSet; 5 import java.util.Set; 6 7 /** 8 * 用户实体类 9 * Created with IntelliJ IDEA. 10 * User: Administrator 11 * Date: 2019/6/8 12 * Time: 14:26 13 * Description: No Description 14 */ 15 public class UserEntity implements Serializable { 16 private String id; 17 private String name; 18 private String password; 19 private Set<RoleEntity> roles = new HashSet<>(); 20 21 public String getId() { 22 return id; 23 } 24 25 public void setId(String id) { 26 this.id = id; 27 } 28 29 public String getName() { 30 return name; 31 } 32 33 public void setName(String name) { 34 this.name = name; 35 } 36 37 public String getPassword() { 38 return password; 39 } 40 41 public void setPassword(String password) { 42 this.password = password; 43 } 44 45 public Set<RoleEntity> getRoles() { 46 return roles; 47 } 48 49 public void setRoles(Set<RoleEntity> roles) { 50 this.roles = roles; 51 } 52 }
实体类entity,也可以叫bean、domain,具体叫什可以根据自己的喜欢选取
3、数据库创建表和添加数据
1 DROP TABLE IF EXISTS `role_permission`; 2 DROP TABLE IF EXISTS `permission`; 3 DROP TABLE IF EXISTS `user_role`; 4 DROP TABLE IF EXISTS `role`; 5 DROP TABLE IF EXISTS `user`; 6 7 CREATE TABLE `user` ( 8 `id` VARCHAR(255) PRIMARY KEY, 9 `name` VARCHAR(255), 10 `password` VARCHAR(255) 11 ) engine = InnoDB default charset = utf8 comment = '用户表'; 12 13 CREATE TABLE `role` ( 14 `id` VARCHAR(255) PRIMARY KEY, 15 `name` VARCHAR(255) 16 ) engine = InnoDB default charset = utf8 comment = '角色表'; 17 18 CREATE TABLE `user_role` ( 19 `id` VARCHAR(255) PRIMARY KEY, 20 `user_id` VARCHAR(255), 21 `role_id` VARCHAR(255), 22 FOREIGN KEY (`user_id`) REFERENCES `user`(id), 23 FOREIGN KEY (`role_id`) REFERENCES `role`(id) 24 ) engine = InnoDB default charset = utf8 comment = '用户与角色多对多表'; 25 26 CREATE TABLE `permission` ( 27 `id` VARCHAR(255) PRIMARY KEY, 28 `name` VARCHAR(255), 29 `url` VARCHAR(255) 30 ) engine = InnoDB default charset = utf8 comment = '权限表'; 31 32 CREATE TABLE `role_permission` ( 33 `id` VARCHAR(255) PRIMARY KEY, 34 `role_id` VARCHAR(255), 35 `permission_id` VARCHAR(255), 36 FOREIGN KEY (`role_id`) REFERENCES `role`(id), 37 FOREIGN KEY (`permission_id`) REFERENCES `permission`(id) 38 ) engine = InnoDB default charset = utf8 comment = '角色与权限多对多表'; 39 40 insert into `user` (`id`, `name`, `password`) values('1','admin','123456'); 41 insert into `user` (`id`, `name`, `password`) values('2','vip','123456'); 42 insert into `user` (`id`, `name`, `password`) values('3','svip','1234'); 43 44 insert into `role` (`id`, `name`) values('1','user'); 45 insert into `role` (`id`, `name`) values('2','vip'); 46 insert into `role` (`id`, `name`) values('3','svip'); 47 48 insert into `permission` (`id`, `name`, `url`) values('1','user','user'); 49 insert into `permission` (`id`, `name`, `url`) values('2','vip','vip'); 50 insert into `permission` (`id`, `name`, `url`) values('3','svip','svip'); 51 52 insert into `user_role` (`id`, `user_id`, `role_id`) values('1','1','1'); 53 insert into `user_role` (`id`, `user_id`, `role_id`) values('2','2','1'); 54 insert into `user_role` (`id`, `user_id`, `role_id`) values('3','2','2'); 55 insert into `user_role` (`id`, `user_id`, `role_id`) values('4','3','1'); 56 insert into `user_role` (`id`, `user_id`, `role_id`) values('5','3','2'); 57 insert into `user_role` (`id`, `user_id`, `role_id`) values('6','3','3'); 58 59 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('1','1','1'); 60 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('2','2','1'); 61 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('3','2','2'); 62 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('4','3','1'); 63 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('5','3','2'); 64 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('6','3','3');
4、接下来写mapper,也叫dao
1 package com.xiaostudy.shiro_test1.mapper; 2 3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 import org.apache.ibatis.annotations.Mapper; 5 6 /** 7 * Created with IntelliJ IDEA. 8 * User: Administrator 9 * Date: 2019/6/8 10 * Time: 14:45 11 * Description: No Description 12 */ 13 @Mapper 14 public interface UserMapper { 15 16 // 根据用户名称,查询用户信息 17 public UserEntity findByName(String name); 18 19 // 根据用户id,查询用户信息、角色、权限 20 public UserEntity findById(String id); 21 }
@Mapper后面再讲,这里也可以不用@Mapper
1 <?xml version="1.0" encoding="UTF-8"?> 2 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> 3 <mapper namespace="com.xiaostudy.shiro_test1.mapper.UserMapper"> 4 5 <resultMap id="userMap" type="com.xiaostudy.shiro_test1.entity.UserEntity"> 6 <id property="id" column="id"/> 7 <result property="name" column="name"/> 8 <result property="password" column="password"/> 9 <collection property="roles" ofType="com.xiaostudy.shiro_test1.entity.RoleEntity"> 10 <id property="id" column="roleId"/> 11 <result property="name" column="roleName"/> 12 <collection property="permissions" ofType="com.xiaostudy.shiro_test1.entity.PermissionEntity"> 13 <id property="id" column="permissionId"/> 14 <result property="name" column="permissionName"/> 15 <result property="url" column="permissionUrl"/> 16 </collection> 17 </collection> 18 </resultMap> 19 20 <select id="findByName" parameterType="java.lang.String" resultType="com.xiaostudy.shiro_test1.entity.UserEntity"> 21 SELECT id, name, password 22 FROM user 23 WHERE name = #{name} 24 </select> 25 26 <select id="findById" parameterType="java.lang.String" resultMap="userMap"> 27 SELECT user.id, user.name, user.password, 28 role.id as roleId, role.name as roleName, 29 permission.id as permissionId, 30 permission.name as permissionName, 31 permission.url as permissionUrl 32 FROM user, user_role, role, role_permission, permission 33 WHERE user.id = #{id} 34 AND user.id = user_role.user_id 35 AND user_role.role_id = role.id 36 AND role.id = role_permission.role_id 37 AND role_permission.permission_id = permission.id 38 </select> 39 40 </mapper>
5、下面写service
1 package com.xiaostudy.shiro_test1.service; 2 3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 5 /** 6 * Created with IntelliJ IDEA. 7 * User: Administrator 8 * Date: 2019/6/8 9 * Time: 14:55 10 * Description: No Description 11 */ 12 public interface UserService { 13 14 UserEntity findByName(String name); 15 16 UserEntity findById(String id); 17 }
1 package com.xiaostudy.shiro_test1.service.impl; 2 3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 import com.xiaostudy.shiro_test1.mapper.UserMapper; 5 import com.xiaostudy.shiro_test1.service.UserService; 6 import org.springframework.beans.factory.annotation.Autowired; 7 import org.springframework.stereotype.Service; 8 9 /** 10 * Created with IntelliJ IDEA. 11 * User: Administrator 12 * Date: 2019/6/8 13 * Time: 14:56 14 * Description: No Description 15 */ 16 @Service 17 public class UserServiceImpl implements UserService { 18 19 @Autowired 20 private UserMapper userMapper; 21 22 @Override 23 public UserEntity findByName(String name) { 24 return userMapper.findByName(name); 25 } 26 27 @Override 28 public UserEntity findById(String id) { 29 return userMapper.findById(id); 30 } 31 }
6、下面写自定义Realm的UserRealm.java
1 package com.xiaostudy.shiro_test1.realm; 2 3 import com.xiaostudy.shiro_test1.entity.PermissionEntity; 4 import com.xiaostudy.shiro_test1.entity.RoleEntity; 5 import com.xiaostudy.shiro_test1.entity.UserEntity; 6 import com.xiaostudy.shiro_test1.service.UserService; 7 import org.apache.shiro.SecurityUtils; 8 import org.apache.shiro.authc.*; 9 import org.apache.shiro.authz.AuthorizationInfo; 10 import org.apache.shiro.authz.SimpleAuthorizationInfo; 11 import org.apache.shiro.realm.AuthorizingRealm; 12 import org.apache.shiro.subject.PrincipalCollection; 13 import org.apache.shiro.subject.Subject; 14 import org.apache.shiro.util.ByteSource; 15 import org.springframework.beans.factory.annotation.Autowired; 16 17 import java.util.Collection; 18 import java.util.HashSet; 19 import java.util.Set; 20 21 /** 22 * 自定义Realm,实现授权与认证 23 * Created with IntelliJ IDEA. 24 * User: Administrator 25 * Date: 2019/6/8 26 * Time: 15:01 27 * Description: No Description 28 */ 29 public class UserRealm extends AuthorizingRealm { 30 31 @Autowired 32 private UserService userService; 33 34 /** 35 * 用户授权 36 **/ 37 @Override 38 protected AuthorizationInfo doGetAuthorizationInfo( 39 PrincipalCollection principalCollection) { 40 41 System.out.println("===执行授权==="); 42 43 Subject subject = SecurityUtils.getSubject(); 44 UserEntity user = (UserEntity)subject.getPrincipal(); 45 if(user != null){ 46 SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); 47 // 角色字符串集合 48 Collection<String> rolesCollection = new HashSet<>(); 49 // 权限字符串集合 50 Collection<String> premissionCollection = new HashSet<>(); 51 // 读取并赋值用户角色与权限 52 Set<RoleEntity> roles = user.getRoles(); 53 for(RoleEntity role : roles){ 54 rolesCollection.add(role.getName()); 55 Set<PermissionEntity> permissions = role.getPermissions(); 56 for (PermissionEntity permission : permissions){ 57 // 权限名称为PermissionEntity为字段url 58 premissionCollection.add(permission.getUrl()); 59 } 60 info.addStringPermissions(premissionCollection); 61 } 62 info.addRoles(rolesCollection); 63 return info; 64 } 65 return null; 66 } 67 68 /** 69 * 用户认证 70 **/ 71 @Override 72 protected AuthenticationInfo doGetAuthenticationInfo( 73 AuthenticationToken authenticationToken) throws AuthenticationException { 74 75 System.out.println("===执行认证==="); 76 77 UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken; 78 UserEntity bean = userService.findByName(token.getUsername()); 79 80 if(bean == null){ 81 // 用户不存在 82 throw new UnknownAccountException(); 83 } else { 84 bean = userService.findById(bean.getId()); 85 if(null == bean) { 86 // 认证失败 87 throw new AuthenticationException(); 88 } 89 } 90 91 ByteSource credentialsSalt = ByteSource.Util.bytes(bean.getName()); 92 93 return new SimpleAuthenticationInfo(bean, bean.getPassword(), 94 credentialsSalt, getName()); 95 } 96 }
7、下面写shiro配置类
1 package com.xiaostudy.shiro_test1.config; 2 3 import com.xiaostudy.shiro_test1.realm.UserRealm; 4 import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; 5 import org.apache.shiro.spring.web.ShiroFilterFactoryBean; 6 import org.apache.shiro.web.mgt.DefaultWebSecurityManager; 7 import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; 8 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; 9 import org.springframework.context.annotation.Bean; 10 import org.springframework.context.annotation.Configuration; 11 12 import java.util.HashMap; 13 import java.util.Map; 14 15 /** 16 * Shiro配置类 17 * Created with IntelliJ IDEA. 18 * User: Administrator 19 * Date: 2019/6/8 20 * Time: 15:06 21 * Description: No Description 22 */ 23 @Configuration 24 public class ShiroConfig { 25 26 // 创建自定义 realm 27 @Bean 28 public UserRealm userRealm() { 29 UserRealm userRealm = new UserRealm(); 30 return userRealm; 31 } 32 33 // 创建 SecurityManager 对象 34 @Bean 35 public DefaultWebSecurityManager securityManager() { 36 DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); 37 securityManager.setRealm(userRealm()); 38 return securityManager; 39 } 40 41 // Filter工厂,设置对应的过滤条件和跳转条件 42 @Bean 43 public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) { 44 ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); 45 shiroFilterFactoryBean.setSecurityManager(securityManager); 46 /** 47 * anon:匿名用户可访问 48 * authc:认证用户可访问 49 * user:使用rememberMe可访问 50 * perms:对应权限可访问 51 * role:对应角色权限可访问 52 */ 53 Map<String, String> map = new HashMap<>(); 54 // 开放登录接口 55 map.put("/login", "anon"); 56 // map.put("/login", "authc"); 57 // 对登录跳转接口进行释放 58 map.put("/error", "anon"); 59 // 对所有用户认证 60 map.put("/**", "authc"); 61 // 登出 62 map.put("/logout", "logout"); 63 // 登录 64 // 注意:这里配置的 /login 是指到 @RequestMapping(value="/login")中的 /login 65 shiroFilterFactoryBean.setLoginUrl("/login"); 66 // 首页 67 shiroFilterFactoryBean.setSuccessUrl("/index"); 68 // 错误页面,认证不通过跳转 69 shiroFilterFactoryBean.setUnauthorizedUrl("/error/unAuth"); 70 shiroFilterFactoryBean.setFilterChainDefinitionMap(map); 71 return shiroFilterFactoryBean; 72 } 73 74 // 加入注解的使用,不加这个,注解不生效 75 @Bean 76 public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) { 77 AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor(); 78 authorizationAttributeSourceAdvisor.setSecurityManager(securityManager); 79 return authorizationAttributeSourceAdvisor; 80 } 81 82 // 跟上面的注解配置搭配使用,有时候加了上面的配置后注解不生效,需要加入下面的配置 83 @Bean 84 @ConditionalOnMissingBean 85 public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() { 86 DefaultAdvisorAutoProxyCreator app = new DefaultAdvisorAutoProxyCreator(); 87 app.setProxyTargetClass(true); 88 return app; 89 } 90 }
8、下面写没有权限异常处理类
1 package com.xiaostudy.shiro_test1.exception; 2 3 import org.apache.shiro.authz.AuthorizationException; 4 import org.apache.shiro.authz.UnauthorizedException; 5 import org.springframework.stereotype.Component; 6 import org.springframework.web.bind.annotation.ControllerAdvice; 7 import org.springframework.web.bind.annotation.ExceptionHandler; 8 import org.springframework.web.bind.annotation.ResponseBody; 9 10 /** 11 * Created with IntelliJ IDEA. 12 * User: Administrator 13 * Date: 2019/6/8 14 * Time: 15:13 15 * Description: No Description 16 */ 17 @ControllerAdvice 18 public class NoPermissionException { 19 // 授权失败,就是说没有该权限 20 @ExceptionHandler(UnauthorizedException.class) 21 public String handleShiroException(Exception ex) { 22 return "/error/unAuth"; 23 } 24 25 @ResponseBody 26 @ExceptionHandler(AuthorizationException.class) 27 public String AuthorizationException(Exception ex) { 28 return "权限认证失败"; 29 } 30 }
9、下面写controller
1 package com.xiaostudy.shiro_test1.web.controller; 2 3 import org.apache.shiro.SecurityUtils; 4 import org.apache.shiro.authc.AuthenticationException; 5 import org.apache.shiro.authc.IncorrectCredentialsException; 6 import org.apache.shiro.authc.UnknownAccountException; 7 import org.apache.shiro.authc.UsernamePasswordToken; 8 import org.apache.shiro.subject.Subject; 9 import org.springframework.stereotype.Controller; 10 import org.springframework.web.bind.annotation.RequestMapping; 11 12 import javax.servlet.http.HttpServletRequest; 13 import javax.servlet.http.HttpServletResponse; 14 15 /** 16 * 用户登录、登出、错误页面跳转控制器 17 * Created with IntelliJ IDEA. 18 * User: Administrator 19 * Date: 2019/6/8 20 * Time: 15:15 21 * Description: No Description 22 */ 23 @Controller 24 public class MainController { 25 26 @RequestMapping("/index") 27 public String index(HttpServletRequest request, HttpServletResponse response){ 28 response.setHeader("root", request.getContextPath()); 29 return "index"; 30 } 31 32 @RequestMapping("/login") 33 public String login(HttpServletRequest request, HttpServletResponse response){ 34 response.setHeader("root", request.getContextPath()); 35 String userName = request.getParameter("username"); 36 String password = request.getParameter("password"); 37 38 // 等于null说明用户没有登录,只是拦截所有请求到这里,那就直接让用户去登录页面,就不认证了。 39 // 如果这里不处理,那个会返回用户名不存在,逻辑上不合理,用户还没登录怎么就用户名不存在? 40 if(null == userName) { 41 return "login"; 42 } 43 44 // 1.获取Subject 45 Subject subject = SecurityUtils.getSubject(); 46 // 2.封装用户数据 47 UsernamePasswordToken token = new UsernamePasswordToken(userName, password); 48 // 3.执行登录方法 49 try{ 50 subject.login(token); 51 return "redirect:/index"; 52 } catch (UnknownAccountException e){ 53 // 这里是捕获自定义Realm的用户名不存在异常 54 request.setAttribute("msg","用户名不存在!"); 55 } catch (IncorrectCredentialsException e){ 56 request.setAttribute("userName",userName); 57 request.setAttribute("msg","密码错误!"); 58 } catch (AuthenticationException e) { 59 // 这里是捕获自定义Realm的认证失败异常 60 request.setAttribute("msg","认证失败!"); 61 } 62 63 return "login"; 64 } 65 66 @RequestMapping("/logout") 67 public String logout(){ 68 Subject subject = SecurityUtils.getSubject(); 69 if (subject != null) { 70 subject.logout(); 71 } 72 // return "redirect:/main"; 73 return "login"; 74 } 75 76 @RequestMapping("/error/unAuth") 77 public String unAuth(){ 78 return "/error/unAuth"; 79 } 80 81 @RequestMapping("/err") 82 public String err(){ 83 return "/error/unAuth"; 84 } 85 }
1 package com.xiaostudy.shiro_test1.web.controller; 2 3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 import org.apache.shiro.SecurityUtils; 5 import org.apache.shiro.authz.annotation.RequiresPermissions; 6 import org.springframework.stereotype.Controller; 7 import org.springframework.web.bind.annotation.RequestMapping; 8 9 import javax.servlet.http.HttpServletRequest; 10 11 /** 12 * 用户页面跳转 13 * Created with IntelliJ IDEA. 14 * User: Administrator 15 * Date: 2019/6/8 16 * Time: 15:21 17 * Description: No Description 18 */ 19 @Controller 20 public class UserController { 21 22 /** 23 * 个人中心,需认证可访问 24 */ 25 @RequestMapping("/user/index") 26 @RequiresPermissions(value = "user")// 这里的user,就是对应权限实体类PermissionEntity的字段url,自定义Realm类UserRealm里是用这个字段 27 public String add(HttpServletRequest request){ 28 UserEntity bean = (UserEntity) SecurityUtils.getSubject().getPrincipal(); 29 request.setAttribute("userName", bean.getName()); 30 return "/user/index"; 31 } 32 33 /** 34 * 会员中心,需认证且角色为vip可访问 35 */ 36 @RequestMapping("/vip/index") 37 @RequiresPermissions(value = "vip") 38 public String update(){ 39 return "/vip/index"; 40 } 41 }
10、下面写spring-mvc.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:mvc="http://www.springframework.org/schema/mvc" 4 xmlns:aop="http://www.springframework.org/schema/aop" 5 xmlns:tx="http://www.springframework.org/schema/tx" 6 xmlns:context="http://www.springframework.org/schema/context" 7 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 8 xsi:schemaLocation="http://www.springframework.org/schema/beans 9 http://www.springframework.org/schema/beans/spring-beans-3.2.xsd 10 http://www.springframework.org/schema/mvc 11 http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd 12 http://www.springframework.org/schema/context 13 http://www.springframework.org/schema/context/spring-context-3.2.xsd 14 http://www.springframework.org/schema/aop 15 http://www.springframework.org/schema/aop/spring-aop-3.2.xsd 16 http://www.springframework.org/schema/tx 17 http://www.springframework.org/schema/tx/spring-tx-3.2.xsd"> 18 19 <!-- 把Controller交给spring管理 --> 20 <context:component-scan base-package="com.xiaostudy"/> 21 22 <!-- 配置注解处理器映射器 功能:寻找执行类Controller --> 23 <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping"/> 24 25 <!-- 配置注解处理器适配器 功能:调用controller方法,执行controller --> 26 <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter"/> 27 28 <!-- 配置sprigmvc视图解析器:解析逻辑试图 29 后台返回逻辑试图:index 30 视图解析器解析出真正物理视图:前缀+逻辑试图+后缀====/WEB-INF/index.jsp --> 31 <!--<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> 32 <property name="prefix" value="/WEB-INF/"/> 33 <property name="suffix" value=".jsp"/> 34 </bean>--> 35 </beans>
11、下面写web.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" 3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 4 xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" 5 version="4.0"> 6 <display-name>Archetype Created Web Application</display-name> 7 8 <!--请求编码设置--> 9 <filter> 10 <filter-name>encodingFilter</filter-name> 11 <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> 12 <init-param> 13 <param-name>encoding</param-name> 14 <param-value>UTF-8</param-value> 15 </init-param> 16 <init-param> 17 <param-name>forceEncoding</param-name> 18 <param-value>true</param-value> 19 </init-param> 20 </filter> 21 <filter-mapping> 22 <filter-name>encodingFilter</filter-name> 23 <url-pattern>/*</url-pattern> 24 </filter-mapping> 25 26 <listener> 27 <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 28 </listener> 29 <listener> 30 <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class> 31 </listener> 32 <servlet> 33 <servlet-name>SpringMVC</servlet-name> 34 <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 35 <init-param> 36 <param-name>contextConfigLocation</param-name> 37 <param-value>classpath:spring-mvc.xml</param-value> 38 </init-param> 39 <load-on-startup>1</load-on-startup> 40 <async-supported>true</async-supported> 41 </servlet> 42 <servlet-mapping> 43 <servlet-name>SpringMVC</servlet-name> 44 <url-pattern>/</url-pattern> 45 </servlet-mapping> 46 <welcome-file-list> 47 <welcome-file>/index</welcome-file> 48 </welcome-file-list> 49 </web-app>
12、下面写application.yml
1 spring: 2 datasource: 3 url: jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=UTF-8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC 4 username: root 5 password: root 6 driver-class-name: com.mysql.cj.jdbc.Driver 7 type: com.alibaba.druid.pool.DruidDataSource 8 # 初始化时建立物理连接连接的个数 9 initialSize: 5 10 # 最小连接池数量 11 minIdle: 5 12 # 最大连接池数量 13 maxActive: 20 14 # 获取连接时最大等待时间(ms),即60s 15 maxWait: 60000 16 # 1.Destroy线程会检测连接的间隔时间;2.testWhileIdle的判断依据 17 timeBetweenEvictionRunsMillis: 60000 18 # 最小生存时间ms 19 minEvictableIdleTimeMillis: 600000 20 maxEvictableIdleTimeMillis: 900000 21 # 用来检测连接是否有效的sql 22 validationQuery: SELECT 1 FROM DUAL 23 # 申请连接时执行validationQuery检测连接是否有效,启用会降低性能 24 testOnBorrow: false 25 # 归还连接时执行validationQuery检测连接是否有效,启用会降低性能 26 testOnReturn: false 27 # 申请连接的时候检测,如果空闲时间大于timeBetweenEvictionRunsMillis, 28 # 执行validationQuery检测连接是否有效,不会降低性能 29 testWhileIdle: true 30 # 是否缓存preparedStatement,mysql建议关闭 31 poolPreparedStatements: false 32 # 配置监控统计拦截的filters,去掉后监控界面sql无法统计,'wall'用于防火墙 33 filters: stat,wall,log4j 34 thymeleaf: 35 suffix: .html 36 charset: utf-8 37 mvc: 38 # 配置静态资源映射路径,/public、/resources路径失效 39 static-path-pattern: templates/** 40 mybatis: 41 mapper-locations: classpath:mapper/*.xml 42 # mapperLocations: classpath:mapper/*.xml 43 # 虽然可以配置这项来进行pojo包扫描,但其实我更倾向于在mapper.xml写全类名 44 # type-aliases-package: com.xiaostudy.shiro_test1.entity
13、下面写html
1 <!DOCTYPE html> 2 <html lang="en" xmlns:th="http://www.thymeleaf.org"> 3 <head> 4 <meta charset="UTF-8"> 5 <title>登录</title> 6 </head> 7 <body> 8 <h1>用户登录</h1> 9 <hr> 10 <form id="from" action="/login" method="post"> 11 <table> 12 <tr> 13 <td>用户名</td> 14 <td> 15 <input type="text" name="username" placeholder="请输入账户名" value="" th:value="${userName }"/> 16 </td> 17 </tr> 18 <tr> 19 <td>密码</td> 20 <td> 21 <input type="password" name="password" placeholder="请输入密码"/> 22 </td> 23 </tr> 24 <tr> 25 <td colspan="2"> 26 <span style="color: red;">[[${msg }]]</span> 27 </td> 28 </tr> 29 <tr> 30 <td colspan="2"> 31 <input type="submit" value="登录"/> 32 <input type="reset" value="重置"/> 33 </td> 34 </tr> 35 </table> 36 </form> 37 </body> 38 </html>
1 <!DOCTYPE html> 2 <html lang="en"> 3 4 <head> 5 <title>首页</title> 6 </head> 7 <body> 8 <h1>首页</h1> 9 <hr> 10 <ul> 11 <li><a href="user/index">个人中心</a></li> 12 <li><a href="vip/index">会员中心</a></li> 13 <li><a href="logout">退出登录</a></li> 14 </ul> 15 </body> 16 </html>
1 <!DOCTYPE html> 2 <html lang="en" xmlns:th="http://www.thymeleaf.org"> 3 <head> 4 <title>用户中心</title> 5 </head> 6 <body> 7 <h1>用户中心</h1> 8 <hr> 9 <h1>欢迎[[${userName }]],这里是用户中心</h1> 10 </body> 11 </html>
1 <!DOCTYPE html> 2 <html lang="en" xmlns:th="http://www.thymeleaf.org"> 3 <head> 4 <title>会员中心</title> 5 </head> 6 <body> 7 <h1>会员中心</h1> 8 <hr> 9 <h1>欢迎来到<span style="color: red;">会员中心</span></h1> 10 </body> 11 </html>
1 <!DOCTYPE html> 2 <html lang="en"> 3 <head> 4 <title>未授权提示</title> 5 </head> 6 <body> 7 <h1>您还不是<span style="color: red;">会员</span> ,没有权限访问这个页面!</h1> 8 </body> 9 </html>
下面讲一下@Mapper与@MapperScan这个注解
@Mapper是放在具体的*Mapper.java类上面的,告诉springboot,这是mapper类
而@MapperScan是让springboot去扫描指定包下的mapper类,就不用每个mapper自己添加一个@Mapper注解了,这种方式比较好,因为这里测试只有一个mapper类,就直接用@Mapper了,两个一起用会不会冲突,这里没有测试。
整体目录
先看一下数据库表
下面是启动测试
参考文章:https://blog.csdn.net/qq_34802416/article/details/84959457
thymeleaf