目录
一、登录拦截
1、在配置类中添加shiro的内置过滤器
概述:
2、设置认证了才能访问
代码:
测试结果(拦截成功):
3、跳转到登录页面
第一步:编写登录页面
第二步:在MyController类添加跳转方法
第三步:在配置类中设置登录页面
第四步:测试结果(点击add自动跳转到登录页面)
二、用户认证
1、执行认证
第一步:在MyController类中进行用户认证
第二步:修改登录页面
第三步:测试结果(提示错误说明执行了认证方法)
2、配置用户信息完成用户认证
第一步:修改AccountRealm类
第二步:测试结果
一、登录拦截
1、在配置类中添加shiro的内置过滤器
概述:
/*
* anon:无需认证就可以访问;
* authc:必须认证了才能访问;
* user:已认证或通过"记住我"识别的用户才能访问(一般不用);
* perms:拥有对某个资源的权限才能访问;
* roles:拥有某个角色权限才能访问;
*/
2、设置认证了才能访问
代码:
package com.zibo.config;
import com.sun.org.apache.regexp.internal.RE;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;
/**
 * Shiro wiring for the demo: the custom realm, the web security manager that
 * delegates to it, and the filter factory that decides which URLs need a login.
 */
@Configuration
public class ShiroConfig {

    /** Step 1: registers the custom realm as a Spring bean. */
    @Bean
    public AccountRealm accountRealm() {
        return new AccountRealm();
    }

    /**
     * Step 2: builds the web security manager and attaches the realm to it.
     *
     * @param accountRealm the realm bean declared above, selected by qualifier
     * @return the security manager, published under the bean name "securityManager"
     */
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(
            @Qualifier("accountRealm") AccountRealm accountRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(accountRealm);
        return securityManager;
    }

    /**
     * Step 3: builds the Shiro filter factory and maps URL patterns to built-in filters.
     *
     * <p>Built-in filter names used in chain definitions:
     * <ul>
     *   <li>{@code anon}  - reachable without authentication</li>
     *   <li>{@code authc} - the subject must have logged in</li>
     *   <li>{@code user}  - the subject must be known, either logged in or
     *       recognised through remember-me (weaker than {@code authc})</li>
     *   <li>{@code perms} - the subject needs a permission on the resource</li>
     *   <li>{@code roles} - the subject needs a given role</li>
     * </ul>
     *
     * @param manager the security manager bean, selected by qualifier
     * @return the configured filter factory, published as "shiroFilterFactoryBean"
     */
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            @Qualifier("securityManager") DefaultWebSecurityManager manager) {
        // Insertion order matters: Shiro applies the first pattern that matches a request.
        LinkedHashMap<String, String> chainDefinitions = new LinkedHashMap<>();
        chainDefinitions.put("/account/add", "authc");
        chainDefinitions.put("/account/update", "authc");
        // NOTE(review): only the two paths above are protected. Any URL that matches no
        // entry passes through without a Shiro check, so a new /account/* endpoint is
        // public until someone remembers to list it. For real use prefer default-deny:
        // explicit "anon" entries for public pages, then a final "/**" -> "authc".

        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(manager);
        factoryBean.setFilterChainDefinitionMap(chainDefinitions);
        return factoryBean;
    }
}
测试结果(拦截成功):
3、跳转到登录页面
第一步:编写登录页面
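<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>登录</h1>
<!-- method="post": a form without a method submits with GET, which would put the
     username and password into the URL (browser history, proxy and server logs). -->
<form action="" method="post">
    <p>用户名:<label>
        <input type="text" name="username"/>
    </label></p>
    <p>密码:<label>
        <!-- type="password" so the value is masked on screen. -->
        <input type="password" name="password"/>
    </label></p>
    <!-- value (not name) sets the button label; a name would be sent as a parameter. -->
    <input type="submit" value="登录"/>
</form>
</body>
</html>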
第二步:在MyController类添加跳转方法
package com.zibo.controller;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
/**
 * Page controller for the demo. Every handler only returns a view name; access
 * control for the /account/* pages comes from the Shiro filter chain, not from here.
 */
@Controller
public class MyController {

    /** Renders the index page with a greeting stored under the model key "msg". */
    @RequestMapping({"/", "/index"})
    public String toIndex(Model model) {
        model.addAttribute("msg", "Hello Shiro!");
        return "index";
    }

    /** Renders the "add account" page. */
    @RequestMapping("/account/add")
    public String add() {
        return "account/add";
    }

    /** Renders the "update account" page. */
    @RequestMapping("/account/update")
    public String update() {
        return "account/update";
    }

    /** Renders the login page; this is the URL the tutorial later registers as Shiro's login URL. */
    @RequestMapping("/toLogin")
    public String toLogin() {
        return "login";
    }
}
第三步:在配置类中设置登录页面
package com.zibo.config;
import com.sun.org.apache.regexp.internal.RE;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;
/**
 * Shiro wiring for the demo: the custom realm, the web security manager that
 * delegates to it, and the filter factory that decides which URLs need a login
 * and where unauthenticated visitors are sent.
 */
@Configuration
public class ShiroConfig {

    /** Step 1: registers the custom realm as a Spring bean. */
    @Bean
    public AccountRealm accountRealm() {
        return new AccountRealm();
    }

    /**
     * Step 2: builds the web security manager and attaches the realm to it.
     *
     * @param accountRealm the realm bean declared above, selected by qualifier
     * @return the security manager, published under the bean name "securityManager"
     */
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(
            @Qualifier("accountRealm") AccountRealm accountRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(accountRealm);
        return securityManager;
    }

    /**
     * Step 3: builds the Shiro filter factory, maps URL patterns to built-in
     * filters and sets the login page.
     *
     * <p>Built-in filter names used in chain definitions:
     * <ul>
     *   <li>{@code anon}  - reachable without authentication</li>
     *   <li>{@code authc} - the subject must have logged in</li>
     *   <li>{@code user}  - the subject must be known, either logged in or
     *       recognised through remember-me (weaker than {@code authc})</li>
     *   <li>{@code perms} - the subject needs a permission on the resource</li>
     *   <li>{@code roles} - the subject needs a given role</li>
     * </ul>
     *
     * @param manager the security manager bean, selected by qualifier
     * @return the configured filter factory, published as "shiroFilterFactoryBean"
     */
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            @Qualifier("securityManager") DefaultWebSecurityManager manager) {
        // Insertion order matters: Shiro applies the first pattern that matches a request.
        LinkedHashMap<String, String> chainDefinitions = new LinkedHashMap<>();
        chainDefinitions.put("/account/add", "authc");
        chainDefinitions.put("/account/update", "authc");
        // NOTE(review): only the two paths above are protected. Any URL that matches no
        // entry passes through without a Shiro check. For real use prefer default-deny:
        // explicit "anon" entries for the login page and login handler, then a final
        // "/**" -> "authc".

        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(manager);
        factoryBean.setFilterChainDefinitionMap(chainDefinitions);
        // Unauthenticated requests to an "authc" path are redirected here; without this
        // call Shiro falls back to its default login URL, /login.jsp.
        factoryBean.setLoginUrl("/toLogin");
        return factoryBean;
    }
}
第四步:测试结果(点击add自动跳转到登录页面)
二、用户认证
1、执行认证
第一步:在MyController类中进行用户认证
package com.zibo.controller;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
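/**
 * Page controller for the demo, now including the handler that performs the
 * Shiro login. Access control for the /account/* pages still comes from the
 * Shiro filter chain.
 */
@Controller
public class MyController {

    /** Renders the index page with a greeting stored under the model key "msg". */
    @RequestMapping({"/", "/index"})
    public String toIndex(Model model) {
        model.addAttribute("msg", "Hello Shiro!");
        return "index";
    }

    /** Renders the "add account" page. */
    @RequestMapping("/account/add")
    public String add() {
        return "account/add";
    }

    /** Renders the "update account" page. */
    @RequestMapping("/account/update")
    public String update() {
        return "account/update";
    }

    /** Renders the login page. */
    @RequestMapping("/toLogin")
    public String toLogin() {
        return "login";
    }

    /**
     * Authenticates the submitted credentials through Shiro.
     *
     * <p>NOTE(review): {@code @RequestMapping} without a method restriction also accepts
     * GET, so credentials can arrive in the query string and end up in browser history
     * and access logs. Submit the form with POST and restrict this mapping to POST once
     * the login page does so.
     *
     * @param username the submitted user name (may be null when the parameter is absent)
     * @param password the submitted password (may be null when the parameter is absent)
     * @param model    receives the error text under the key "msg" when login fails
     * @return "index" on success, "login" on any authentication failure
     */
    @RequestMapping("/login")
    public String login(String username, String password, Model model) {
        // The Subject represents the current caller.
        Subject subject = SecurityUtils.getSubject();
        // Wrap the submitted credentials; the realm receives this token.
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            subject.login(token);
            return "index";
        } catch (UnknownAccountException | IncorrectCredentialsException e) {
            // One message for "no such user" and "wrong password": separate messages
            // let a caller test which user names exist.
            model.addAttribute("msg", "用户名或密码错误!");
            return "login";
        } catch (LockedAccountException lae) {
            // NOTE(review): this message still confirms that the account exists.
            model.addAttribute("msg", "用户被锁定!");
            return "login";
        } catch (AuthenticationException ae) {
            // Base class of the exceptions above: catch-all for any other failure.
            model.addAttribute("msg", "认证异常!");
            return "login";
        }
    }
}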
第二步:修改登录页面
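<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>登录</h1>
<!-- Shows the error message the controller stores under "msg". th:text escapes the value. -->
<p th:text="${msg}" style="color: red;"></p>
<!-- method="post": a form without a method submits with GET, which would put the
     username and password into the URL (browser history, proxy and server logs). -->
<form th:action="@{/login}" method="post">
    <p>用户名:<label>
        <input type="text" name="username"/>
    </label></p>
    <p>密码:<label>
        <!-- type="password" so the value is masked on screen. -->
        <input type="password" name="password"/>
    </label></p>
    <!-- value (not name) sets the button label; a name would be sent as a parameter. -->
    <input type="submit" value="登录"/>
</form>
</body>
</html>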
第三步:测试结果(提示错误说明执行了认证方法)
2、配置用户信息完成用户认证
第一步:修改AccountRealm类
package com.zibo.config;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
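/**
 * Custom realm for the demo; a Shiro realm that supports authorization has to
 * extend {@link AuthorizingRealm}.
 *
 * <p>NOTE(review): the account below is hard-coded in plaintext for demonstration
 * only. A real realm looks the user up in a user store, keeps only a salted
 * password hash, and is configured with a matching credentials matcher (for
 * example Shiro's {@code HashedCredentialsMatcher} or {@code PasswordMatcher}).
 */
public class AccountRealm extends AuthorizingRealm {

    /**
     * Authorization hook. Only logs that it was called and returns null, so no
     * roles or permissions are supplied at this stage of the tutorial.
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行了授权方法doGetAuthorizationInfo!");
        return null;
    }

    /**
     * Authentication hook called during {@code Subject.login}.
     *
     * @param authenticationToken the token built by the login handler; cast to
     *                            {@link UsernamePasswordToken} here
     * @return the stored credentials for the account, or null when the user name
     *         is not the known one (Shiro then reports an unknown account)
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("执行了认证方法doGetAuthenticationInfo!");
        // Demo account; see the class comment.
        String username = "zibo";
        String password = "123456";
        UsernamePasswordToken accountToken = (UsernamePasswordToken) authenticationToken;
        // Compare from the constant side: the token's user name is null when the
        // request carried no "username" parameter, and calling equals on it would
        // throw NullPointerException instead of producing a clean login failure.
        if (!username.equals(accountToken.getUsername())) {
            return null; // Shiro turns a null result into an authentication failure.
        }
        // The password is not compared here: Shiro's credentials matcher checks the
        // token's password against the value handed over below.
        // NOTE(review): principal and realm name are empty strings, so the logged-in
        // Subject carries no identity; consider passing the user name and getName().
        return new SimpleAuthenticationInfo("", password, "");
    }
}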
第二步:测试结果