参考shiro官方文档进行学习
1.环境搭建
采用eclipse + maven + jetty插件的方式
使用版本1.2.4
pom文件内容
1 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 2 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 3 <modelVersion>4.0.0</modelVersion> 4 <groupId>com.kite</groupId> 5 <artifactId>shiro</artifactId> 6 <packaging>war</packaging> 7 <version>0.0.1-SNAPSHOT</version> 8 <name>shiro Maven Webapp</name> 9 <url>http://maven.apache.org</url> 10 <properties> 11 <shiro.version>1.2.4</shiro.version> 12 </properties> 13 <dependencies> 14 <dependency> 15 <groupId>junit</groupId> 16 <artifactId>junit</artifactId> 17 <version>4.10</version> 18 <scope>test</scope> 19 </dependency> 20 <dependency> 21 <groupId>org.apache.shiro</groupId> 22 <artifactId>shiro-core</artifactId> 23 <version>${shiro.version}</version> 24 </dependency> 25 <dependency> 26 <groupId>org.apache.shiro</groupId> 27 <artifactId>shiro-web</artifactId> 28 <version>${shiro.version}</version> 29 </dependency> 30 <dependency> 31 <groupId>org.apache.shiro</groupId> 32 <artifactId>shiro-ehcache</artifactId> 33 <version>${shiro.version}</version> 34 </dependency> 35 <dependency> 36 <groupId>javax.servlet</groupId> 37 <artifactId>javax.servlet-api</artifactId> 38 <version>3.0.1</version> 39 </dependency> 40 </dependencies> 41 <build> 42 <finalName>shiro</finalName> 43 <plugins> 44 <!-- jetty插件 --> 45 <plugin> 46 <groupId>org.mortbay.jetty</groupId> 47 <artifactId>maven-jetty-plugin</artifactId> 48 <version>6.1.5</version> 49 <configuration> 50 <webAppSourceDirectory>src/main/webapp</webAppSourceDirectory> 51 <scanIntervalSeconds>3</scanIntervalSeconds> 52 <contextPath>/</contextPath> 53 <connectors> 54 <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector"> 55 <port>80</port> 56 </connector> 57 </connectors> 58 </configuration> 59 </plugin> 60 </plugins> 61 </build> 62 </project>
web.xml配置
1 <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 2 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 3 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" 4 version="2.4"> 5 <display-name>Archetype Created Web Application</display-name> 6 <listener> 7 <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> 8 </listener> 9 10 <filter> 11 <filter-name>ShiroFilter</filter-name> 12 <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> 13 </filter> 14 15 <filter-mapping> 16 <filter-name>ShiroFilter</filter-name> 17 <url-pattern>/*</url-pattern> 18 <dispatcher>REQUEST</dispatcher> 19 <dispatcher>FORWARD</dispatcher> 20 <dispatcher>INCLUDE</dispatcher> 21 <dispatcher>ERROR</dispatcher> 22 </filter-mapping> 23 <servlet> 24 <servlet-name>LoginServlet</servlet-name> 25 <servlet-class>com.kite.servlet.LoginServlet</servlet-class> 26 </servlet> 27 <servlet-mapping> 28 <servlet-name>LoginServlet</servlet-name> 29 <url-pattern>/login</url-pattern> 30 </servlet-mapping> 31 </web-app>
shiro.ini配置后期会采用数据库的方式,只需要简单了解即可,users表示当前可用登录用户,urls表示连接, authc表示需要登录hour才能使用,anon表示无需登录就可以使用
1 [main] 2 3 [users] 4 kite=aaa123456 5 tom=kite 6 [urls] 7 /index.jsp=authc 8 /login.jsp=anon 9 /login=anon 10 /index=authc
login.jsp页面 用来登录
<!DOCTYPE html> <body> <h2>Hello World!</h2> <form action="login"> username:<input type="text" name="username" /><br/> password:<input type="text" name="password" /><br/> <input type="submit"/> </form> </body> </html>
loginServlet
1 package com.kite.servlet; 2 3 import java.io.IOException; 4 5 import javax.servlet.ServletException; 6 import javax.servlet.http.HttpServlet; 7 import javax.servlet.http.HttpServletRequest; 8 import javax.servlet.http.HttpServletResponse; 9 10 import org.apache.shiro.SecurityUtils; 11 import org.apache.shiro.authc.AuthenticationException; 12 import org.apache.shiro.authc.ExcessiveAttemptsException; 13 import org.apache.shiro.authc.IncorrectCredentialsException; 14 import org.apache.shiro.authc.LockedAccountException; 15 import org.apache.shiro.authc.UnknownAccountException; 16 import org.apache.shiro.authc.UsernamePasswordToken; 17 import org.apache.shiro.subject.Subject; 18 19 /** 20 * Servlet implementation class LoginServlet 21 */ 22 public class LoginServlet extends HttpServlet { 23 private static final long serialVersionUID = 1L; 24 25 /** 26 * @see HttpServlet#HttpServlet() 27 */ 28 public LoginServlet() { 29 super(); 30 // TODO Auto-generated constructor stub 31 } 32 33 /** 34 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse 35 * response) 36 */ 37 protected void doGet(HttpServletRequest request, 38 HttpServletResponse response) throws ServletException, IOException { 39 this.doPost(request, response); 40 } 41 42 /** 43 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse 44 * response) 45 */ 46 protected void doPost(HttpServletRequest request, 47 HttpServletResponse response) throws ServletException, IOException { 48 String username = request.getParameter("username"); 49 String password = request.getParameter("password"); 50 UsernamePasswordToken token = new UsernamePasswordToken(username, 51 password); 52 Subject subject = SecurityUtils.getSubject(); 53 String emsg = null; 54 try { 55 subject.login(token); 56 } catch (UnknownAccountException uae) { 57 emsg = "账号不存在"; 58 } catch (IncorrectCredentialsException ice) { 59 emsg = "密码错误"; 60 } catch (LockedAccountException lae) { 61 emsg = "账号已锁定"; 62 } catch (ExcessiveAttemptsException eae) { 63 emsg = "重试次数超限"; 64 } catch (AuthenticationException ae) { 65 emsg = "其他错误:" + ae.getMessage(); 66 } 67 System.out.println(emsg); 68 if(emsg == null) { 69 request.getRequestDispatcher("index.jsp").forward(request, response); 70 } else { 71 response.sendRedirect(request.getContextPath() + "/login.jsp"); 72 } 73 } 74 75 }
index.jsp页面
1 <html> 2 <body> 3 <h2>Hello World!</h2> 4 </body> 5 </html>
同过一个简单的helloWord案例来进入shiro