springboot与shiro和mybatis和mysql

Easter79
• 阅读 573

测试项目已上传到GitHub:https://github.com/xiaostudy/springboot_shiro_test1

1、创建springboot项目

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

 1 <!-- 数据库连接池 -->
 2 <dependency>
 3     <groupId>com.alibaba</groupId>
 4     <artifactId>druid</artifactId>
 5     <version>1.1.10</version>
 6 </dependency>
 7 <!-- Shiro -->
 8 <dependency>
 9     <groupId>org.apache.shiro</groupId>
10     <artifactId>shiro-spring</artifactId>
11     <version>1.3.2</version>
12 </dependency>
13 <!-- log4j -->
14 <dependency>
15     <groupId>log4j</groupId>
16     <artifactId>log4j</artifactId>
17     <version>1.2.17</version>
18 </dependency>

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

src\main\webapp\

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

2、创建实体类

 springboot与shiro和mybatis和mysql

PermissionEntity.java

 1 package com.xiaostudy.shiro_test1.entity;
 2 
 3 import java.io.Serializable;
 4 
 5 /**
 6  * 权限实体类
 7  * Created with IntelliJ IDEA.
 8  * User: Administrator
 9  * Date: 2019/6/8
10  * Time: 14:21
11  * Description: No Description
12  */
13 public class PermissionEntity implements Serializable {
14     private String id;
15     private String name;
16     private String url;
17 
18     public String getId() {
19         return id;
20     }
21 
22     public void setId(String id) {
23         this.id = id;
24     }
25 
26     public String getName() {
27         return name;
28     }
29 
30     public void setName(String name) {
31         this.name = name;
32     }
33 
34     public String getUrl() {
35         return url;
36     }
37 
38     public void setUrl(String url) {
39         this.url = url;
40     }
41 }

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.entity;
 2 
 3 import java.io.Serializable;
 4 import java.util.HashSet;
 5 import java.util.Set;
 6 
 7 /**
 8  * 角色实体类
 9  * Created with IntelliJ IDEA.
10  * User: Administrator
11  * Date: 2019/6/8
12  * Time: 14:24
13  * Description: No Description
14  */
15 public class RoleEntity implements Serializable {
16     private String id;
17     private String name;
18     private Set<PermissionEntity> permissions = new HashSet<>();
19 
20     public String getId() {
21         return id;
22     }
23 
24     public void setId(String id) {
25         this.id = id;
26     }
27 
28     public String getName() {
29         return name;
30     }
31 
32     public void setName(String name) {
33         this.name = name;
34     }
35 
36     public Set<PermissionEntity> getPermissions() {
37         return permissions;
38     }
39 
40     public void setPermissions(Set<PermissionEntity> permissions) {
41         this.permissions = permissions;
42     }
43 }

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.entity;
 2 
 3 import java.io.Serializable;
 4 import java.util.HashSet;
 5 import java.util.Set;
 6 
 7 /**
 8  * 用户实体类
 9  * Created with IntelliJ IDEA.
10  * User: Administrator
11  * Date: 2019/6/8
12  * Time: 14:26
13  * Description: No Description
14  */
15 public class UserEntity implements Serializable {
16     private String id;
17     private String name;
18     private String password;
19     private Set<RoleEntity> roles = new HashSet<>();
20 
21     public String getId() {
22         return id;
23     }
24 
25     public void setId(String id) {
26         this.id = id;
27     }
28 
29     public String getName() {
30         return name;
31     }
32 
33     public void setName(String name) {
34         this.name = name;
35     }
36 
37     public String getPassword() {
38         return password;
39     }
40 
41     public void setPassword(String password) {
42         this.password = password;
43     }
44 
45     public Set<RoleEntity> getRoles() {
46         return roles;
47     }
48 
49     public void setRoles(Set<RoleEntity> roles) {
50         this.roles = roles;
51     }
52 }

实体类entity,也可以叫bean、domain,具体叫什可以根据自己的喜欢选取

3、数据库创建表和添加数据

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

 1  DROP TABLE IF EXISTS `role_permission`;
 2  DROP TABLE IF EXISTS `permission`;
 3  DROP TABLE IF EXISTS `user_role`;
 4  DROP TABLE IF EXISTS `role`;
 5  DROP TABLE IF EXISTS `user`;
 6 
 7  CREATE TABLE `user` (
 8  `id` VARCHAR(255) PRIMARY KEY,
 9  `name` VARCHAR(255),
10  `password` VARCHAR(255)
11  ) engine = InnoDB default charset = utf8 comment = '用户表';
12 
13  CREATE TABLE `role` (
14  `id` VARCHAR(255) PRIMARY KEY,
15  `name` VARCHAR(255)
16  ) engine = InnoDB default charset = utf8 comment = '角色表';
17 
18  CREATE TABLE `user_role` (
19  `id` VARCHAR(255) PRIMARY KEY,
20  `user_id` VARCHAR(255),
21  `role_id` VARCHAR(255),
22  FOREIGN KEY (`user_id`) REFERENCES `user`(id),
23  FOREIGN KEY (`role_id`) REFERENCES `role`(id)
24  ) engine = InnoDB default charset = utf8 comment = '用户与角色多对多表';
25 
26  CREATE TABLE `permission` (
27  `id` VARCHAR(255) PRIMARY KEY,
28  `name` VARCHAR(255),
29  `url` VARCHAR(255)
30  ) engine = InnoDB default charset = utf8 comment = '权限表';
31 
32  CREATE TABLE `role_permission` (
33  `id` VARCHAR(255) PRIMARY KEY,
34  `role_id` VARCHAR(255),
35  `permission_id` VARCHAR(255),
36  FOREIGN KEY (`role_id`) REFERENCES `role`(id),
37  FOREIGN KEY (`permission_id`) REFERENCES `permission`(id)
38  ) engine = InnoDB default charset = utf8 comment = '角色与权限多对多表';
39 
40 insert into `user` (`id`, `name`, `password`) values('1','admin','123456');
41 insert into `user` (`id`, `name`, `password`) values('2','vip','123456');
42 insert into `user` (`id`, `name`, `password`) values('3','svip','1234');
43 
44 insert into `role` (`id`, `name`) values('1','user');
45 insert into `role` (`id`, `name`) values('2','vip');
46 insert into `role` (`id`, `name`) values('3','svip');
47 
48 insert into `permission` (`id`, `name`, `url`) values('1','user','user');
49 insert into `permission` (`id`, `name`, `url`) values('2','vip','vip');
50 insert into `permission` (`id`, `name`, `url`) values('3','svip','svip');
51 
52 insert into `user_role` (`id`, `user_id`, `role_id`) values('1','1','1');
53 insert into `user_role` (`id`, `user_id`, `role_id`) values('2','2','1');
54 insert into `user_role` (`id`, `user_id`, `role_id`) values('3','2','2');
55 insert into `user_role` (`id`, `user_id`, `role_id`) values('4','3','1');
56 insert into `user_role` (`id`, `user_id`, `role_id`) values('5','3','2');
57 insert into `user_role` (`id`, `user_id`, `role_id`) values('6','3','3');
58 
59 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('1','1','1');
60 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('2','2','1');
61 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('3','2','2');
62 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('4','3','1');
63 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('5','3','2');
64 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('6','3','3');

4、接下来写mapper,也叫dao

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.mapper;
 2 
 3 import com.xiaostudy.shiro_test1.entity.UserEntity;
 4 import org.apache.ibatis.annotations.Mapper;
 5 
 6 /**
 7  * Created with IntelliJ IDEA.
 8  * User: Administrator
 9  * Date: 2019/6/8
10  * Time: 14:45
11  * Description: No Description
12  */
13 @Mapper
14 public interface UserMapper {
15 
16     // 根据用户名称,查询用户信息
17     public UserEntity findByName(String name);
18 
19     // 根据用户id,查询用户信息、角色、权限
20     public UserEntity findById(String id);
21 }

@Mapper后面再讲,这里也可以不用@Mapper

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 3 <mapper namespace="com.xiaostudy.shiro_test1.mapper.UserMapper">
 4 
 5     <resultMap id="userMap" type="com.xiaostudy.shiro_test1.entity.UserEntity">
 6         <id property="id" column="id"/>
 7         <result property="name" column="name"/>
 8         <result property="password" column="password"/>
 9         <collection property="roles" ofType="com.xiaostudy.shiro_test1.entity.RoleEntity">
10             <id property="id" column="roleId"/>
11             <result property="name" column="roleName"/>
12             <collection property="permissions" ofType="com.xiaostudy.shiro_test1.entity.PermissionEntity">
13                 <id property="id" column="permissionId"/>
14                 <result property="name" column="permissionName"/>
15                 <result property="url" column="permissionUrl"/>
16             </collection>
17         </collection>
18     </resultMap>
19 
20     <select id="findByName" parameterType="java.lang.String" resultType="com.xiaostudy.shiro_test1.entity.UserEntity">
21       SELECT id, name, password
22         FROM user
23           WHERE name = #{name}
24     </select>
25 
26     <select id="findById" parameterType="java.lang.String" resultMap="userMap">
27       SELECT user.id, user.name, user.password,
28             role.id as roleId, role.name as roleName,
29             permission.id as permissionId,
30             permission.name as permissionName,
31             permission.url as permissionUrl
32         FROM user, user_role, role, role_permission, permission
33           WHERE user.id = #{id}
34             AND user.id = user_role.user_id
35             AND user_role.role_id = role.id
36             AND role.id = role_permission.role_id
37             AND role_permission.permission_id = permission.id
38     </select>
39 
40 </mapper>

5、下面写service

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.service;
 2 
 3 import com.xiaostudy.shiro_test1.entity.UserEntity;
 4 
 5 /**
 6  * Created with IntelliJ IDEA.
 7  * User: Administrator
 8  * Date: 2019/6/8
 9  * Time: 14:55
10  * Description: No Description
11  */
12 public interface UserService {
13 
14     UserEntity findByName(String name);
15 
16     UserEntity findById(String id);
17 }

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.service.impl;
 2 
 3 import com.xiaostudy.shiro_test1.entity.UserEntity;
 4 import com.xiaostudy.shiro_test1.mapper.UserMapper;
 5 import com.xiaostudy.shiro_test1.service.UserService;
 6 import org.springframework.beans.factory.annotation.Autowired;
 7 import org.springframework.stereotype.Service;
 8 
 9 /**
10  * Created with IntelliJ IDEA.
11  * User: Administrator
12  * Date: 2019/6/8
13  * Time: 14:56
14  * Description: No Description
15  */
16 @Service
17 public class UserServiceImpl implements UserService {
18 
19     @Autowired
20     private UserMapper userMapper;
21 
22     @Override
23     public UserEntity findByName(String name) {
24         return userMapper.findByName(name);
25     }
26 
27     @Override
28     public UserEntity findById(String id) {
29         return userMapper.findById(id);
30     }
31 }

6、下面写自定义Realm的UserRealm.java

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.realm;
 2 
 3 import com.xiaostudy.shiro_test1.entity.PermissionEntity;
 4 import com.xiaostudy.shiro_test1.entity.RoleEntity;
 5 import com.xiaostudy.shiro_test1.entity.UserEntity;
 6 import com.xiaostudy.shiro_test1.service.UserService;
 7 import org.apache.shiro.SecurityUtils;
 8 import org.apache.shiro.authc.*;
 9 import org.apache.shiro.authz.AuthorizationInfo;
10 import org.apache.shiro.authz.SimpleAuthorizationInfo;
11 import org.apache.shiro.realm.AuthorizingRealm;
12 import org.apache.shiro.subject.PrincipalCollection;
13 import org.apache.shiro.subject.Subject;
14 import org.apache.shiro.util.ByteSource;
15 import org.springframework.beans.factory.annotation.Autowired;
16 
17 import java.util.Collection;
18 import java.util.HashSet;
19 import java.util.Set;
20 
21 /**
22  * 自定义Realm,实现授权与认证
23  * Created with IntelliJ IDEA.
24  * User: Administrator
25  * Date: 2019/6/8
26  * Time: 15:01
27  * Description: No Description
28  */
29 public class UserRealm extends AuthorizingRealm {
30 
31     @Autowired
32     private UserService userService;
33 
34     /**
35      * 用户授权
36      **/
37     @Override
38     protected AuthorizationInfo doGetAuthorizationInfo(
39             PrincipalCollection principalCollection) {
40 
41         System.out.println("===执行授权===");
42 
43         Subject subject = SecurityUtils.getSubject();
44         UserEntity user = (UserEntity)subject.getPrincipal();
45         if(user != null){
46             SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
47             // 角色字符串集合
48             Collection<String> rolesCollection = new HashSet<>();
49             // 权限字符串集合
50             Collection<String> premissionCollection = new HashSet<>();
51             // 读取并赋值用户角色与权限
52             Set<RoleEntity> roles = user.getRoles();
53             for(RoleEntity role : roles){
54                 rolesCollection.add(role.getName());
55                 Set<PermissionEntity> permissions = role.getPermissions();
56                 for (PermissionEntity permission : permissions){
57                     // 权限名称为PermissionEntity为字段url
58                     premissionCollection.add(permission.getUrl());
59                 }
60                 info.addStringPermissions(premissionCollection);
61             }
62             info.addRoles(rolesCollection);
63             return info;
64         }
65         return null;
66     }
67 
68     /**
69      * 用户认证
70      **/
71     @Override
72     protected AuthenticationInfo doGetAuthenticationInfo(
73             AuthenticationToken authenticationToken) throws AuthenticationException {
74 
75         System.out.println("===执行认证===");
76 
77         UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;
78         UserEntity bean = userService.findByName(token.getUsername());
79 
80         if(bean == null){
81             // 用户不存在
82             throw new UnknownAccountException();
83         } else {
84             bean = userService.findById(bean.getId());
85             if(null == bean) {
86                 // 认证失败
87                 throw new AuthenticationException();
88             }
89         }
90 
91         ByteSource credentialsSalt = ByteSource.Util.bytes(bean.getName());
92 
93         return new SimpleAuthenticationInfo(bean, bean.getPassword(),
94                 credentialsSalt, getName());
95     }
96 }

7、下面写shiro配置类

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.config;
 2 
 3 import com.xiaostudy.shiro_test1.realm.UserRealm;
 4 import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 5 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 6 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
 7 import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
 8 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 9 import org.springframework.context.annotation.Bean;
10 import org.springframework.context.annotation.Configuration;
11 
12 import java.util.HashMap;
13 import java.util.Map;
14 
15 /**
16  * Shiro配置类
17  * Created with IntelliJ IDEA.
18  * User: Administrator
19  * Date: 2019/6/8
20  * Time: 15:06
21  * Description: No Description
22  */
23 @Configuration
24 public class ShiroConfig {
25 
26     // 创建自定义 realm
27     @Bean
28     public UserRealm userRealm() {
29         UserRealm userRealm = new UserRealm();
30         return userRealm;
31     }
32 
33     // 创建 SecurityManager 对象
34     @Bean
35     public DefaultWebSecurityManager securityManager() {
36         DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
37         securityManager.setRealm(userRealm());
38         return securityManager;
39     }
40 
41     // Filter工厂,设置对应的过滤条件和跳转条件
42     @Bean
43     public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
44         ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
45         shiroFilterFactoryBean.setSecurityManager(securityManager);
46         /**
47          * anon:匿名用户可访问
48          * authc:认证用户可访问
49          * user:使用rememberMe可访问
50          * perms:对应权限可访问
51          * role:对应角色权限可访问
52          */
53         Map<String, String> map = new HashMap<>();
54         // 开放登录接口
55         map.put("/login", "anon");
56 //        map.put("/login", "authc");
57         // 对登录跳转接口进行释放
58         map.put("/error", "anon");
59         // 对所有用户认证
60         map.put("/**", "authc");
61         // 登出
62         map.put("/logout", "logout");
63         // 登录
64         // 注意:这里配置的 /login 是指到 @RequestMapping(value="/login")中的 /login
65         shiroFilterFactoryBean.setLoginUrl("/login");
66         // 首页
67         shiroFilterFactoryBean.setSuccessUrl("/index");
68         // 错误页面,认证不通过跳转
69         shiroFilterFactoryBean.setUnauthorizedUrl("/error/unAuth");
70         shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
71         return shiroFilterFactoryBean;
72     }
73 
74     // 加入注解的使用,不加这个,注解不生效
75     @Bean
76     public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
77         AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
78         authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
79         return authorizationAttributeSourceAdvisor;
80     }
81 
82     // 跟上面的注解配置搭配使用,有时候加了上面的配置后注解不生效,需要加入下面的配置
83     @Bean
84     @ConditionalOnMissingBean
85     public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
86         DefaultAdvisorAutoProxyCreator app = new DefaultAdvisorAutoProxyCreator();
87         app.setProxyTargetClass(true);
88         return app;
89     }
90 }

8、下面写没有权限异常处理类

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.exception;
 2 
 3 import org.apache.shiro.authz.AuthorizationException;
 4 import org.apache.shiro.authz.UnauthorizedException;
 5 import org.springframework.stereotype.Component;
 6 import org.springframework.web.bind.annotation.ControllerAdvice;
 7 import org.springframework.web.bind.annotation.ExceptionHandler;
 8 import org.springframework.web.bind.annotation.ResponseBody;
 9 
10 /**
11  * Created with IntelliJ IDEA.
12  * User: Administrator
13  * Date: 2019/6/8
14  * Time: 15:13
15  * Description: No Description
16  */
17 @ControllerAdvice
18 public class NoPermissionException {
19     // 授权失败,就是说没有该权限
20     @ExceptionHandler(UnauthorizedException.class)
21     public String handleShiroException(Exception ex) {
22         return "/error/unAuth";
23     }
24 
25     @ResponseBody
26     @ExceptionHandler(AuthorizationException.class)
27     public String AuthorizationException(Exception ex) {
28         return "权限认证失败";
29     }
30 }

9、下面写controller

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.web.controller;
 2 
 3 import org.apache.shiro.SecurityUtils;
 4 import org.apache.shiro.authc.AuthenticationException;
 5 import org.apache.shiro.authc.IncorrectCredentialsException;
 6 import org.apache.shiro.authc.UnknownAccountException;
 7 import org.apache.shiro.authc.UsernamePasswordToken;
 8 import org.apache.shiro.subject.Subject;
 9 import org.springframework.stereotype.Controller;
10 import org.springframework.web.bind.annotation.RequestMapping;
11 
12 import javax.servlet.http.HttpServletRequest;
13 import javax.servlet.http.HttpServletResponse;
14 
15 /**
16  * 用户登录、登出、错误页面跳转控制器
17  * Created with IntelliJ IDEA.
18  * User: Administrator
19  * Date: 2019/6/8
20  * Time: 15:15
21  * Description: No Description
22  */
23 @Controller
24 public class MainController {
25 
26     @RequestMapping("/index")
27     public String index(HttpServletRequest request, HttpServletResponse response){
28         response.setHeader("root", request.getContextPath());
29         return "index";
30     }
31 
32     @RequestMapping("/login")
33     public String login(HttpServletRequest request, HttpServletResponse response){
34         response.setHeader("root", request.getContextPath());
35         String userName = request.getParameter("username");
36         String password = request.getParameter("password");
37 
38         // 等于null说明用户没有登录,只是拦截所有请求到这里,那就直接让用户去登录页面,就不认证了。
39         // 如果这里不处理,那个会返回用户名不存在,逻辑上不合理,用户还没登录怎么就用户名不存在?
40         if(null == userName) {
41             return "login";
42         }
43 
44         // 1.获取Subject
45         Subject subject = SecurityUtils.getSubject();
46         // 2.封装用户数据
47         UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
48         // 3.执行登录方法
49         try{
50             subject.login(token);
51             return "redirect:/index";
52         } catch (UnknownAccountException e){
53             // 这里是捕获自定义Realm的用户名不存在异常
54             request.setAttribute("msg","用户名不存在!");
55         } catch (IncorrectCredentialsException e){
56             request.setAttribute("userName",userName);
57             request.setAttribute("msg","密码错误!");
58         } catch (AuthenticationException e) {
59             // 这里是捕获自定义Realm的认证失败异常
60             request.setAttribute("msg","认证失败!");
61         }
62 
63         return "login";
64     }
65 
66     @RequestMapping("/logout")
67     public String logout(){
68         Subject subject = SecurityUtils.getSubject();
69         if (subject != null) {
70             subject.logout();
71         }
72 //        return "redirect:/main";
73         return "login";
74     }
75 
76     @RequestMapping("/error/unAuth")
77     public String unAuth(){
78         return "/error/unAuth";
79     }
80 
81     @RequestMapping("/err")
82     public String err(){
83         return "/error/unAuth";
84     }
85 }

springboot与shiro和mybatis和mysql

 1 package com.xiaostudy.shiro_test1.web.controller;
 2 
 3 import com.xiaostudy.shiro_test1.entity.UserEntity;
 4 import org.apache.shiro.SecurityUtils;
 5 import org.apache.shiro.authz.annotation.RequiresPermissions;
 6 import org.springframework.stereotype.Controller;
 7 import org.springframework.web.bind.annotation.RequestMapping;
 8 
 9 import javax.servlet.http.HttpServletRequest;
10 
11 /**
12  * 用户页面跳转
13  * Created with IntelliJ IDEA.
14  * User: Administrator
15  * Date: 2019/6/8
16  * Time: 15:21
17  * Description: No Description
18  */
19 @Controller
20 public class UserController {
21 
22     /**
23      * 个人中心,需认证可访问
24      */
25     @RequestMapping("/user/index")
26     @RequiresPermissions(value = "user")// 这里的user,就是对应权限实体类PermissionEntity的字段url,自定义Realm类UserRealm里是用这个字段
27     public String add(HttpServletRequest request){
28         UserEntity bean = (UserEntity) SecurityUtils.getSubject().getPrincipal();
29         request.setAttribute("userName", bean.getName());
30         return "/user/index";
31     }
32 
33     /**
34      * 会员中心,需认证且角色为vip可访问
35      */
36     @RequestMapping("/vip/index")
37     @RequiresPermissions(value = "vip")
38     public String update(){
39         return "/vip/index";
40     }
41 }

10、下面写spring-mvc.xml

springboot与shiro和mybatis和mysql

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <beans xmlns="http://www.springframework.org/schema/beans"
 3        xmlns:mvc="http://www.springframework.org/schema/mvc"
 4        xmlns:aop="http://www.springframework.org/schema/aop"
 5        xmlns:tx="http://www.springframework.org/schema/tx"
 6        xmlns:context="http://www.springframework.org/schema/context"
 7        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 8        xsi:schemaLocation="http://www.springframework.org/schema/beans
 9                         http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
10                         http://www.springframework.org/schema/mvc
11                         http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
12                         http://www.springframework.org/schema/context
13                         http://www.springframework.org/schema/context/spring-context-3.2.xsd
14                         http://www.springframework.org/schema/aop
15                         http://www.springframework.org/schema/aop/spring-aop-3.2.xsd
16                         http://www.springframework.org/schema/tx
17                         http://www.springframework.org/schema/tx/spring-tx-3.2.xsd">
18 
19     <!-- 把Controller交给spring管理 -->
20     <context:component-scan base-package="com.xiaostudy"/>
21 
22     <!-- 配置注解处理器映射器 功能:寻找执行类Controller -->
23     <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping"/>
24 
25     <!-- 配置注解处理器适配器 功能:调用controller方法,执行controller -->
26     <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter"/>
27 
28     <!-- 配置sprigmvc视图解析器:解析逻辑试图
29          后台返回逻辑试图:index
30         视图解析器解析出真正物理视图:前缀+逻辑试图+后缀====/WEB-INF/index.jsp -->
31     <!--<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
32         <property name="prefix" value="/WEB-INF/"/>
33         <property name="suffix" value=".jsp"/>
34     </bean>-->
35 </beans>

11、下面写web.xml

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
 3          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4          xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
 5          version="4.0">
 6     <display-name>Archetype Created Web Application</display-name>
 7 
 8     <!--请求编码设置-->
 9     <filter>
10         <filter-name>encodingFilter</filter-name>
11         <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
12         <init-param>
13             <param-name>encoding</param-name>
14             <param-value>UTF-8</param-value>
15         </init-param>
16         <init-param>
17             <param-name>forceEncoding</param-name>
18             <param-value>true</param-value>
19         </init-param>
20     </filter>
21     <filter-mapping>
22         <filter-name>encodingFilter</filter-name>
23         <url-pattern>/*</url-pattern>
24     </filter-mapping>
25 
26     <listener>
27         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
28     </listener>
29     <listener>
30         <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
31     </listener>
32     <servlet>
33         <servlet-name>SpringMVC</servlet-name>
34         <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
35         <init-param>
36             <param-name>contextConfigLocation</param-name>
37             <param-value>classpath:spring-mvc.xml</param-value>
38         </init-param>
39         <load-on-startup>1</load-on-startup>
40         <async-supported>true</async-supported>
41     </servlet>
42     <servlet-mapping>
43         <servlet-name>SpringMVC</servlet-name>
44         <url-pattern>/</url-pattern>
45     </servlet-mapping>
46     <welcome-file-list>
47         <welcome-file>/index</welcome-file>
48     </welcome-file-list>
49 </web-app>

12、下面写application.yml

springboot与shiro和mybatis和mysql

 1 spring:
 2     datasource:
 3         url: jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=UTF-8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC
 4         username: root
 5         password: root
 6         driver-class-name: com.mysql.cj.jdbc.Driver
 7         type: com.alibaba.druid.pool.DruidDataSource
 8         # 初始化时建立物理连接连接的个数
 9         initialSize: 5
10         # 最小连接池数量
11         minIdle: 5
12         # 最大连接池数量
13         maxActive: 20
14         # 获取连接时最大等待时间(ms),即60s
15         maxWait: 60000
16         # 1.Destroy线程会检测连接的间隔时间;2.testWhileIdle的判断依据
17         timeBetweenEvictionRunsMillis: 60000
18         # 最小生存时间ms
19         minEvictableIdleTimeMillis: 600000
20         maxEvictableIdleTimeMillis: 900000
21         # 用来检测连接是否有效的sql
22         validationQuery: SELECT 1 FROM DUAL
23         # 申请连接时执行validationQuery检测连接是否有效,启用会降低性能
24         testOnBorrow: false
25         # 归还连接时执行validationQuery检测连接是否有效,启用会降低性能
26         testOnReturn: false
27         # 申请连接的时候检测,如果空闲时间大于timeBetweenEvictionRunsMillis,
28         # 执行validationQuery检测连接是否有效,不会降低性能
29         testWhileIdle: true
30         # 是否缓存preparedStatement,mysql建议关闭
31         poolPreparedStatements: false
32         # 配置监控统计拦截的filters,去掉后监控界面sql无法统计,'wall'用于防火墙
33         filters: stat,wall,log4j
34     thymeleaf:
35         suffix: .html
36         charset: utf-8
37     mvc:
38         # 配置静态资源映射路径,/public、/resources路径失效
39         static-path-pattern: templates/**
40 mybatis:
41     mapper-locations: classpath:mapper/*.xml
42 #    mapperLocations: classpath:mapper/*.xml
43     # 虽然可以配置这项来进行pojo包扫描,但其实我更倾向于在mapper.xml写全类名
44 #    type-aliases-package: com.xiaostudy.shiro_test1.entity

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

13、下面写html

springboot与shiro和mybatis和mysql

 1 <!DOCTYPE html>
 2 <html lang="en" xmlns:th="http://www.thymeleaf.org">
 3 <head>
 4     <meta charset="UTF-8">
 5     <title>登录</title>
 6 </head>
 7 <body>
 8 <h1>用户登录</h1>
 9 <hr>
10 <form id="from" action="/login" method="post">
11     <table>
12         <tr>
13             <td>用户名</td>
14             <td>
15                 <input type="text" name="username" placeholder="请输入账户名" value="" th:value="${userName }"/>
16             </td>
17         </tr>
18         <tr>
19             <td>密码</td>
20             <td>
21                 <input type="password" name="password" placeholder="请输入密码"/>
22             </td>
23         </tr>
24         <tr>
25             <td colspan="2">
26                 <span style="color: red;">[[${msg }]]</span>
27             </td>
28         </tr>
29         <tr>
30             <td colspan="2">
31                 <input type="submit" value="登录"/>
32                 <input type="reset" value="重置"/>
33             </td>
34         </tr>
35     </table>
36 </form>
37 </body>
38 </html>

springboot与shiro和mybatis和mysql

 1 <!DOCTYPE html>
 2 <html lang="en">
 3 
 4 <head>
 5     <title>首页</title>
 6 </head>
 7 <body>
 8 <h1>首页</h1>
 9 <hr>
10 <ul>
11     <li><a href="user/index">个人中心</a></li>
12     <li><a href="vip/index">会员中心</a></li>
13     <li><a href="logout">退出登录</a></li>
14 </ul>
15 </body>
16 </html>

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

 1 <!DOCTYPE html>
 2 <html lang="en" xmlns:th="http://www.thymeleaf.org">
 3 <head>
 4     <title>用户中心</title>
 5 </head>
 6 <body>
 7 <h1>用户中心</h1>
 8 <hr>
 9 <h1>欢迎[[${userName }]],这里是用户中心</h1>
10 </body>
11 </html>

springboot与shiro和mybatis和mysql

 1 <!DOCTYPE html>
 2 <html lang="en" xmlns:th="http://www.thymeleaf.org">
 3 <head>
 4     <title>会员中心</title>
 5 </head>
 6 <body>
 7 <h1>会员中心</h1>
 8 <hr>
 9 <h1>欢迎来到<span style="color: red;">会员中心</span></h1>
10 </body>
11 </html>

springboot与shiro和mybatis和mysql

1 <!DOCTYPE html>
2 <html lang="en">
3 <head>
4     <title>未授权提示</title>
5 </head>
6 <body>
7 <h1>您还不是<span style="color: red;">会员</span> ,没有权限访问这个页面!</h1>
8 </body>
9 </html>

下面讲一下@Mapper与@MapperScan这个注解

@Mapper是放在具体的*Mapper.java类上面的,告诉springboot,这是mapper类

springboot与shiro和mybatis和mysql

而@MapperScan是让springboot去扫描指定包下的mapper类,就不用每个mapper自己添加一个@Mapper注解了,这种方式比较好,因为这里测试只有一个mapper类,就直接用@Mapper了,两个一起用会不会冲突,这里没有测试。

springboot与shiro和mybatis和mysql

整体目录

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

先看一下数据库表

 springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

下面是启动测试

 springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

参考文章:https://blog.csdn.net/qq_34802416/article/details/84959457

thymeleaf
点赞
收藏
评论区
推荐文章
blmius blmius
2年前
MySQL:[Err] 1292 - Incorrect datetime value: ‘0000-00-00 00:00:00‘ for column ‘CREATE_TIME‘ at row 1
文章目录问题用navicat导入数据时,报错:原因这是因为当前的MySQL不支持datetime为0的情况。解决修改sql\mode:sql\mode:SQLMode定义了MySQL应支持的SQL语法、数据校验等,这样可以更容易地在不同的环境中使用MySQL。全局s
Jacquelyn38 Jacquelyn38
2年前
2020年前端实用代码段,为你的工作保驾护航
有空的时候,自己总结了几个代码段,在开发中也经常使用,谢谢。1、使用解构获取json数据let jsonData  id: 1,status: "OK",data: 'a', 'b';let  id, status, data: number   jsonData;console.log(id, status, number )
皕杰报表之UUID
​在我们用皕杰报表工具设计填报报表时,如何在新增行里自动增加id呢?能新增整数排序id吗?目前可以在新增行里自动增加id,但只能用uuid函数增加UUID编码,不能新增整数排序id。uuid函数说明:获取一个UUID,可以在填报表中用来创建数据ID语法:uuid()或uuid(sep)参数说明:sep布尔值,生成的uuid中是否包含分隔符'',缺省为
Stella981 Stella981
2年前
KVM调整cpu和内存
一.修改kvm虚拟机的配置1、virsheditcentos7找到“memory”和“vcpu”标签,将<namecentos7</name<uuid2220a6d1a36a4fbb8523e078b3dfe795</uuid
Easter79 Easter79
2年前
Twitter的分布式自增ID算法snowflake (Java版)
概述分布式系统中,有一些需要使用全局唯一ID的场景,这种时候为了防止ID冲突可以使用36位的UUID,但是UUID有一些缺点,首先他相对比较长,另外UUID一般是无序的。有些时候我们希望能使用一种简单一些的ID,并且希望ID能够按照时间有序生成。而twitter的snowflake解决了这种需求,最初Twitter把存储系统从MySQL迁移
Wesley13 Wesley13
2年前
mysql设置时区
mysql设置时区mysql\_query("SETtime\_zone'8:00'")ordie('时区设置失败,请联系管理员!');中国在东8区所以加8方法二:selectcount(user\_id)asdevice,CONVERT\_TZ(FROM\_UNIXTIME(reg\_time),'08:00','0
Wesley13 Wesley13
2年前
00:Java简单了解
浅谈Java之概述Java是SUN(StanfordUniversityNetwork),斯坦福大学网络公司)1995年推出的一门高级编程语言。Java是一种面向Internet的编程语言。随着Java技术在web方面的不断成熟,已经成为Web应用程序的首选开发语言。Java是简单易学,完全面向对象,安全可靠,与平台无关的编程语言。
Stella981 Stella981
2年前
Django中Admin中的一些参数配置
设置在列表中显示的字段,id为django模型默认的主键list_display('id','name','sex','profession','email','qq','phone','status','create_time')设置在列表可编辑字段list_editable
Wesley13 Wesley13
2年前
MySQL部分从库上面因为大量的临时表tmp_table造成慢查询
背景描述Time:20190124T00:08:14.70572408:00User@Host:@Id:Schema:sentrymetaLast_errno:0Killed:0Query_time:0.315758Lock_
Python进阶者 Python进阶者
2个月前
Excel中这日期老是出来00:00:00,怎么用Pandas把这个去除
大家好,我是皮皮。一、前言前几天在Python白银交流群【上海新年人】问了一个Pandas数据筛选的问题。问题如下:这日期老是出来00:00:00,怎么把这个去除。二、实现过程后来【论草莓如何成为冻干莓】给了一个思路和代码如下:pd.toexcel之前把这
Easter79
Easter79
Lv1
今生可爱与温柔,每一样都不能少。
文章
2.8k
粉丝
5
获赞
1.2k