1.配置依赖:pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>cn.zzu.wcj</groupId>
<artifactId>ZZUPrj</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>ZZUPrj Maven Webapp</name>
<url>http://maven.apache.org</url>
<!-- 统一管理Jar包版本 -->
<properties>
<junit.version>4.12</junit.version>
<j2ee.version>7.0</j2ee.version>
<jstl.version>1.1.2</jstl.version>
<spring.version>4.2.6.RELEASE</spring.version>
<mybatis.version>3.3.0</mybatis.version>
<mybatis-spring.version>1.2.3</mybatis-spring.version>
<oracle.version>11.2.0.1.0</oracle.version>
<dbcp.version>1.4</dbcp.version>
<slf4j.version>1.7.16</slf4j.version>
<log4j.version>1.2.17</log4j.version>
<commons-logging.version>1.2</commons-logging.version>
<shiro-version>1.3.2</shiro-version>
</properties>
<dependencies>
<!-- 配置JUnit -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
</dependency>
<!-- 配置JavaEE -->
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-api</artifactId>
<version>${j2ee.version}</version>
</dependency>
<!-- 配置JSTL -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>${jstl.version}</version>
</dependency>
<!-- 配置Spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- 配置MyBatis -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<!-- 配置Spring-MyBatis -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>${mybatis-spring.version}</version>
</dependency>
<!-- 配置Oracle -->
<dependency>
<groupId>com.oracle</groupId>
<artifactId>ojdbc6</artifactId>
<version>${oracle.version}</version>
</dependency>
<!-- 配置DBCP数据源 -->
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
<version>${dbcp.version}</version>
</dependency>
<!-- 配置日志管理 -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>${commons-logging.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${slf4j.version}</version>
</dependency>
<!-- 配置Shiro支持 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro-version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro-version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro-version}</version>
</dependency>
</dependencies>
<build>
<finalName>ZZUPrj</finalName>
</build>
</project>
2.数据库基本配置:db.properties
jdbc.driverClassName=oracle.jdbc.driver.OracleDriver
jdbc.url=jdbc:oracle:thin:@127.0.0.1:1521:mydb
jdbc.username=scott
jdbc.password=tiger
3.编写自定义Realm
package cn.zzu.wcj.shiro.realm;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import cn.zzu.wcj.entity.User;
import cn.zzu.wcj.service.IPermissionService;
import cn.zzu.wcj.service.IRoleService;
import cn.zzu.wcj.service.IUserService;
public class ShiroDbRealm extends AuthorizingRealm {
@Autowired
private IRoleService roleService ;
@Autowired
private IPermissionService permissionService ;
@Autowired
private IUserService userService ;
/**
* 验证权限时使用
*/
@Override
public AuthorizationInfo doGetAuthorizationInfo(
PrincipalCollection principals) {
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
String userName=(String)principals.getPrimaryPrincipal() ; //得到用户名
try{
info.addRoles(roleService.findByUserName(userName)); //根据用户名查找全部角色名称
info.addStringPermissions(permissionService.findByUserName(userName));//根据用户名查找全部权限
}catch(Exception e){
e.printStackTrace();
}
return info;
}
/**
* 用户登陆时使用
*/
@Override
public AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken token) throws AuthenticationException {
String userName=(String)token.getPrincipal(); //获取用户名
AuthenticationInfo info=null ;
User user =null;
try{
user=this.userService.findByUserName(userName) ; //根据用户名查找到用户
}catch(Exception e){
e.printStackTrace();
}
if(user !=null){
info=new SimpleAuthenticationInfo(user.getUserName(),user.getPassword(),"MyShiroDBRealm");
}
return info;
}
}
4.配置applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-4.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.2.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.2.xsd">
<!-- 配置自动扫描 -->
<context:component-scan base-package="cn.zzu.wcj">
<context:exclude-filter type="annotation"
expression="org.springframework.stereotype.Controller"/>
<context:exclude-filter type="annotation"
expression="org.springframework.web.bind.annotation.ControllerAdvice"/>
</context:component-scan>
<!-- 配置DBCP数据源 -->
<context:property-placeholder location="classpath:db.properties"/>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<!-- 数据库连接基本属性 -->
<property name="driverClassName" value="${jdbc.driverClassName}"></property>
<property name="url" value="${jdbc.url}"></property>
<property name="username" value="${jdbc.username}"></property>
<property name="password" value="${jdbc.password}"></property>
<!-- 配置連接池 -->
<property name="initialSize" value="6"></property>
<property name="maxIdle" value="8"></property>
<property name="maxActive" value="28"></property>
<property name="minIdle" value="28"></property>
<property name="maxWait" value="60000"></property>
</bean>
<!-- Spring整合MyBtis,不需要MyBatis配置文件 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource"></property>
<!-- 自动扫描*Mapper.xml文件 -->
<property name="mapperLocations" value="classpath:cn/zzu/wcj/mapper/*Mapper.xml"></property>
<!-- 配置Entity前缀 -->
<property name="typeAliasesPackage" value="cn.zzu.wcj.entity"></property>
</bean>
<!-- DAO接口所在包,Spring会自动扫描其下的DAOImpl类-->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="cn.zzu.wcj.dao"></property>
<property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"></property>
</bean>
<!-- 配置注解事务 -->
<bean id="transactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"></property>
</bean>
<tx:annotation-driven transaction-manager="transactionManager"/>
<!-- 配置Shiro -->
<!-- 1.配置Realm -->
<bean id="shiroDbRealm" class="cn.zzu.wcj.shiro.realm.ShiroDbRealm"></bean>
<!-- 2.配置安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="shiroDbRealm"></property>
</bean>
<!-- 3.配置Shiro过滤器 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- 配置shiro安全接口 -->
<property name="securityManager" ref="securityManager"></property>
<!-- 配置身份认证失败时跳转的页面 -->
<property name="loginUrl" value="/login.jsp"></property>
<!-- 配置权限认证失败时跳转的页面 -->
<property name="unauthorizedUrl" value="/WEB-INF/views/denied.jsp"></property>
<!-- 配置shiro过滤约束配置,即过滤链的定义 -->
<property name="filterChainDefinitions">
<value>
/UserServlet/**=roles[SuperAdmin]
</value>
</property>
</bean>
<!-- 4.配置Shiro内部lifecycle函数的bean执行 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor">
</bean>
<!-- 5.配置Shiro注解 -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor"/>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
</beans>
5.配置SpringMVC:spring-mvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.2.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.2.xsd">
<!-- 配置自动扫描处理器 -->
<context:component-scan base-package="cn.zzu.wcj" use-default-filters="false">
<context:include-filter type="annotation"
expression="org.springframework.stereotype.Controller"/>
<context:include-filter type="annotation"
expression="org.springframework.web.bind.annotation.ControllerAdvice"/>
</context:component-scan>
<!-- 配置视图解析器 -->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
<!-- SpringMVC必备 -->
<mvc:default-servlet-handler/>
<mvc:annotation-driven></mvc:annotation-driven>
<mvc:interceptors>
<!-- 配置Token拦截器,防止用户重复提交数据 -->
<mvc:interceptor>
<!--拦截所有得URL-->
<mvc:mapping path="/**"/>
<!--拦截器路径-->
<bean class="cn.zzu.wcj.interceptor.TokenInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
6.简单展示一下我登录时编写的表现层代码
package cn.zzu.wcj.handler;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import cn.zzu.wcj.entity.User;
import cn.zzu.wcj.service.IUserService;
import cn.zzu.wcj.util.EncryptUtils;
@RequestMapping("/UserHandler")
@Controller
public class UserHandler {
@Autowired
private EncryptUtils encryptUtils ;
@Autowired
private IUserService userService ;
@RequestMapping("/login")
public String login(User user,HttpServletRequest httpReq){
String page="success" ; //默认页面
String userName=user.getUserName() ; //获取用户名
String password=user.getPassword() ; //获取密码
password=this.encryptUtils.encMD5(userName+"@{"+password+"}", "shiro") ; //密码加密处理
user.setPassword(password); //将用户密码修改为加密后的密码
Subject currentUser=SecurityUtils.getSubject() ; //CurrentUser
UsernamePasswordToken token=null ;
token=new UsernamePasswordToken(userName, password) ; //创建令牌
try{
currentUser.login(token); //登陆验证
this.userService.doLoginCheck(user) ; //重新设置设置登陆时间
}catch(Exception e){
httpReq.setAttribute("errMsg", "用户名或密码错误,请重新登陆!"); //设置错误信息
page="redirect:/login.jsp" ;
}
return page ;
}
}
总结:在配置DBCP数据源的高级属性时千万别分散配置在db.properties,Eclipse每次都识别不了,我恼火死 了,不然会吃亏,好啦,框架都搭建完了,下面可以尽情的写后台代码了