zoukankan      html  css  js  c++  java
  • Java-Shiro(三):Shiro与Spring MVC集成

    新建Java Daynamic Web项目

    导入Spring、SpringMVC依赖包:

    导入Spring & Spring MVC包(导入如下所有开发包):

    Spring AOP依赖扩展包:

    配置Spring : 

    1)修改web.xml导入“#contextLoaderListener”

    配置如下:

    <?xml version="1.0" encoding="UTF-8"?>
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://java.sun.com/xml/ns/javaee"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        id="WebApp_ID" version="2.5">
        <display-name>shiro-web-01</display-name>
        <!-- 配置Spring的 ContextLoaderListener -->
        <!-- needed for ContextLoaderListener -->
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:applicationContext.xml</param-value>
        </context-param>
    
        <!-- Bootstraps the root web application context before servlet initialization -->
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
    </web-app>
    View Code

    2)在src下添加Spring Bean配置文件applicationContext.xml

    配置Spring MVC

    1)在web.xm中导入“#dispatcherservlet”

    配置后web.xml文件内容为:

    <?xml version="1.0" encoding="UTF-8"?>
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://java.sun.com/xml/ns/javaee"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        id="WebApp_ID" version="2.5">
        <display-name>shiro-web-01</display-name>
        <!-- 配置Spring的 ContextLoaderListener -->
        <!-- needed for ContextLoaderListener -->
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:applicationContext.xml</param-value>
        </context-param>
    
        <!-- Bootstraps the root web application context before servlet initialization -->
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
        
        <!-- 配置Spring MVC -->
        <!-- The front controller of this Spring Web application, responsible for handling all application requests -->
        <servlet>
            <servlet-name>spring</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <!-- 
            <init-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>location</param-value>
            </init-param>
             -->
            <load-on-startup>1</load-on-startup>
        </servlet>
    
        <!-- Map all requests to the DispatcherServlet for handling -->
        <servlet-mapping>
            <servlet-name>spring</servlet-name>
            <url-pattern>/</url-pattern>
        </servlet-mapping>
    </web-app>
    View Code

    2)在WEB-INF下新建Spring MVC配置文件spring-servlet.xml,并添加spring mvc配置

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
        xmlns:mvc="http://www.springframework.org/schema/mvc"
        xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
            http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
            http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
    
        <context:component-scan base-package="com.dx.shiro"></context:component-scan>
    
        <bean
            class="org.springframework.web.servlet.view.InternalResourceViewResolver">
            <property name="prefix" value="/"></property>
            <property name="suffix" value=".jsp"></property>
        </bean>
    
        <mvc:annotation-driven></mvc:annotation-driven>
        <mvc:default-servlet-handler />
    </beans>
    View Code

    配置Shiro环境

    1)导入shiro jar包

    导入Shiro开发包:

    或者通过pom.xml配置:

            <dependency>
                <groupId>org.apache.shiro</groupId>
                <artifactId>shiro-all</artifactId>
                <version>1.3.2</version>
            </dependency>
            <dependency>
                <groupId>org.slf4j</groupId>
                <artifactId>slf4j-log4j12</artifactId>
                <version>1.7.13</version>
            </dependency>

    2)配置web.xml,导入shiroFilter

    可以参考

    配置后web.xml内容为:

    <?xml version="1.0" encoding="UTF-8"?>
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://java.sun.com/xml/ns/javaee"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        id="WebApp_ID" version="2.5">
        <display-name>shiro-web-01</display-name>
        <!-- 配置Spring的 ContextLoaderListener -->
        <!-- needed for ContextLoaderListener -->
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:applicationContext.xml</param-value>
        </context-param>
    
        <!-- Bootstraps the root web application context before servlet initialization -->
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
    
        <!-- 配置Spring MVC -->
        <!-- The front controller of this Spring Web application, responsible for 
            handling all application requests -->
        <servlet>
            <servlet-name>spring</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <!-- <init-param> <param-name>contextConfigLocation</param-name> <param-value>location</param-value> 
                </init-param> -->
            <load-on-startup>1</load-on-startup>
        </servlet>
    
        <!-- Map all requests to the DispatcherServlet for handling -->
        <servlet-mapping>
            <servlet-name>spring</servlet-name>
            <url-pattern>/</url-pattern>
        </servlet-mapping>
    
        <!-- Shiro配置 -->
        <!-- ================================================================== 
            Filters ================================================================== -->
        <!-- Shiro Filter is defined in the spring application context: -->
        <filter>
            <filter-name>shiroFilter</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
            <init-param>
                <param-name>targetFilterLifecycle</param-name>
                <param-value>true</param-value>
            </init-param>
        </filter>
    
        <filter-mapping>
            <filter-name>shiroFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    
    </web-app>
    View Code

    3)配置Spring的配置文件中来配置Shiro,即在Src下来的applicationContext.xml中配置shiro

    配置后的applicationContext.xml内容如下:

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
        <!-- 1.配置SecurityManager -->
        <!-- Shiro's main business-tier object for web-enabled applications (use 
            DefaultSecurityManager instead when there is no web environment) -->
        <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
            <property name="cacheManager" ref="cacheManager" />
            <!-- Single realm app. If you have multiple realms, use the 'realms' property 
                instead. -->
            <property name="sessionMode" value="native" />
            <property name="realm" ref="jdbcRealm" />
        </bean>
    
        <!-- 2.配置CacheManager 2.1.配置ehcache的jar包及ehcache的配置文件 -->
        <!-- Let's use some enterprise caching support for better performance. You 
            can replace this with any enterprise caching framework implementation that 
            you like (Terracotta+Ehcache, Coherence, GigaSpaces, etc -->
        <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
            <!-- <property name="cacheManager" ref="ehCacheManager"/> -->
            <property name="cacheManagerConfigFile" value="classpath:ehcache.xml" />
        </bean>
    
        <!-- Used by the SecurityManager to access security data (users, roles, 
            etc). Many other realm implementations can be used too (PropertiesRealm, 
            LdapRealm, etc. -->
        <!-- 3.配置Realm -->
        <bean id="jdbcRealm" class="com.dx.shiro.realms.MyRealm">
        </bean>
    
        <!-- Post processor that automatically invokes init() and destroy() methods 
            for Spring-configured Shiro objects so you don't have to 1) specify an init-method 
            and destroy-method attributes for every bean definition and 2) even know 
            which Shiro objects require these methods to be called. -->
        <!-- 4.配置org.apache.shiro.spring.LifecycleBeanPostProcessor,可以自动的来调用配置在Spring 
            IOC容器中的 shiro bean的生命周期方法。 -->
        <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
    
        <!-- 5.启用IOC容器中使用shiro的注解,但必须在配置了DefaultAdvisorAutoProxyCreator之后才可以使用 -->
        <!-- Enable Shiro Annotations for Spring-configured beans. Only run after 
            the lifecycleBeanProcessor has run: -->
        <bean
            class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
            depends-on="lifecycleBeanPostProcessor" />
        <bean
            class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
            <property name="securityManager" ref="securityManager" />
        </bean>
    
    
        <!-- Define the Shiro Filter here (as a FactoryBean) instead of directly 
            in web.xml - web.xml uses the DelegatingFilterProxy to access this bean. 
            This allows us to wire things with more control as well utilize nice Spring 
            things such as PropertiesPlaceholderConfigurer and abstract beans or anything 
            else we might need: -->
        <!-- 
            6.配置shiroFilter 
            6.1. bean的id必须和web.xml中配置的DelegatingFilterProxy的<filter-name>一致 
            6.2. anon/authc是过滤器,anon允许匿名访问,authc需要认证才可以访问的页面。 
            -->
        <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
            <property name="securityManager" ref="securityManager" />
            <property name="loginUrl" value="/login.jsp" />
            <property name="successUrl" value="/list.jsp" />
            <property name="unauthorizedUrl" value="/unauthorized.jsp" />
            <!-- The 'filters' property is not necessary since any declared javax.servlet.Filter 
                bean defined will be automatically acquired and available via its beanName 
                in chain definitions, but you can perform overrides or parent/child consolidated 
                configuration here if you like: -->
            <!-- <property name="filters"> <util:map> <entry key="aName" value-ref="someFilterPojo"/> 
                </util:map> </property> -->
            <property name="filterChainDefinitions">
                <value>
                    /login.jsp = anon
    
                    # everything else requires authentication:
                    /** = authc
                </value>
            </property>
        </bean>
    </beans>

    3.1)配置ehcache的jar包及ehcache的配置文件

    ehcache.xml从hibernate中找:

    将其拷贝到src下

    ehcache.jar也可以从hibernate开发包中找到:

    将其拷贝到WEB-INF/lib下,导入到项目中。

    3.2)添加shiro realm

    新建包com.dx.shiro.realms,在包下新建一个MyRealm.java

    package com.dx.shiro.realms;
    
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.AuthenticationInfo;
    import org.apache.shiro.authc.AuthenticationToken;
    import org.apache.shiro.realm.Realm;
    
    public class MyRealm implements Realm {
    
        public AuthenticationInfo getAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
            // TODO Auto-generated method stub
            return null;
        }
    
        public String getName() {
            // TODO Auto-generated method stub
            return null;
        }
    
        public boolean supports(AuthenticationToken arg0) {
            // TODO Auto-generated method stub
            return false;
        }
    
    }
    View Code

    这里采用咱不实现具体的接口的方式。

    3.3)在webcontent下添加页面

    添加页面login.jsp,list.jsp,unauthorized.jsp

    测试

    此时访问网址:

    其他任何页面都不允许访问。

  • 相关阅读:
    利用qt打开一张图片并转成灰度矩阵
    适配手机端浏览器
    ps常用快捷键(供自己学习查看)
    用选框工具画圆角矩形
    ps制作有背景图片的字体
    所有iOS 设备的屏幕尺寸
    九宫格有规律高亮滚动效果
    移动端点击事件全攻略
    移动端ios升级到11及以上时,手机弹框输入光标出现错位问题
    linux下截取整个网页
  • 原文地址:https://www.cnblogs.com/yy3b2007com/p/9182740.html
Copyright © 2011-2022 走看看