Shiro+spring01

mapper层

package com.java1234.dao;

 

import java.util.Set;

 

import com.java1234.entity.User;

 

public interface UserDao {

 

/**

* 通过用户名查询用户

* @param userName

* @return

*/

public User getByUserName(String userName);

 

/**

* 通过用户名查询角色信息

* @param userName

* @return

*/

public Set<String> getRoles(String userName);

 

/**

* 通过用户名查询权限信息

* @param userName

* @return

*/

public Set<String> getPermissions(String userName);

}-----------------------------------------------------------------------------------------------------------
 UserMapper.xml

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE mapper

PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"

"http://mybatis.org/dtd/mybatis-3-mapper.dtd">

<mapper namespace="com.java1234.dao.UserDao">

 

<resultMap type="User" id="UserResult">

<result property="id" column="id"/>

<result property="userName" column="userName"/>

<result property="password" column="password"/>

</resultMap>

 

<select id="getByUserName" parameterType="String" resultMap="UserResult">

select * from t_user where userName=#{userName}

</select>

 

<select id="getRoles" parameterType="String" resultType="String">

select r.roleName from t_user u,t_role r where u.roleId=r.id and u.userName=#{userName}

</select>

 

<select id="getPermissions" parameterType="String" resultType="String">

select p.permissionName from t_user u,t_role r,t_permission p where u.roleId=r.id and p.roleId=r.id and u.userName=#{userName}

</select>

 

</mapper> 

--------------------------------------------------------------------------------------------------------------------------------------------------

package com.java1234.service;

 

import java.util.Set;

 

import com.java1234.entity.User;

 

public interface UserService {

 

/**

* 通过用户名查询用户

* @param userName

* @return

*/

public User getByUserName(String userName);

 

/**

* 通过用户名查询角色信息

* @param userName

* @return

*/

public Set<String> getRoles(String userName);

 

/**

* 通过用户名查询权限信息

* @param userName

* @return

*/

public Set<String> getPermissions(String userName);

}

------------------------------------------------------------------------------------------------------------------------
UserServiceImpl------

 

@Service("userService")

public class UserServiceImpl implements UserService{

 

@Resource

private UserDao userDao;

 

public User getByUserName(String userName) {

return userDao.getByUserName(userName);

}

 

public Set<String> getRoles(String userName) {

return userDao.getRoles(userName);

}

 

public Set<String> getPermissions(String userName) {

return userDao.getPermissions(userName);

}

 

}------------------------------------------------------------------------------------------------------------------

/**

 * 用户Controller层

 * @author Administrator

 *

 */

@Controller

@RequestMapping("/user")

public class UserController {

 

/**

* 用户登录

* @param user

* @param request

* @return

*/

@RequestMapping("/login")

public String login(User user,HttpServletRequest request){

Subject subject=SecurityUtils.getSubject();

UsernamePasswordToken token=new UsernamePasswordToken(user.getUserName(), user.getPassword());

try{

//验证是否登录

subject.login(token);

Session session=subject.getSession();

System.out.println("sessionId:"+session.getId());

System.out.println("sessionHost:"+session.getHost());

System.out.println("sessionTimeout:"+session.getTimeout());

session.setAttribute("info", "session的数据");

return "redirect:/success.jsp";

}catch(Exception e){

e.printStackTrace();

request.setAttribute("user", user);

request.setAttribute("errorMsg", "用户名或密码错误！");

return "index";

}

}

 

 

}

----------------------------------------------------------------------------------------------------------------------------------------------

 

MyRealm

 

public class MyRealm extends AuthorizingRealm{

 

@Resource

private UserService userService;

 

/**

 * 为当限前登录的用户授予角色和权

 */

@Override

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

String userName=(String)principals.getPrimaryPrincipal();

SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();

authorizationInfo.setRoles(userService.getRoles(userName));

authorizationInfo.setStringPermissions(userService.getPermissions(userName));

return authorizationInfo;

}

 

/**

 * 验证当前登录的用户

 */

@Override

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

String userName=(String)token.getPrincipal();

User user=userService.getByUserName(userName);

if(user!=null){

AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(user.getUserName(),user.getPassword(),"xx");

return authcInfo;

}else{

return null;

}

}

 

}