sql:
1 /*
2 SQLyog Ultimate v11.33 (64 bit)
3 MySQL - 5.1.49-community : Database - db_shiro
4 *********************************************************************
5 */
6
7
8 /*!40101 SET NAMES utf8 */;
9
10 /*!40101 SET SQL_MODE=''*/;
11
12 /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
13 /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
14 /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
15 /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
16 CREATE DATABASE /*!32312 IF NOT EXISTS*/`db_shiro` /*!40100 DEFAULT CHARACTER SET utf8 */;
17
18 USE `db_shiro`;
19
20 /*Table structure for table `t_permission` */
21
22 DROP TABLE IF EXISTS `t_permission`;
23
24 CREATE TABLE `t_permission` (
25 `id` int(11) NOT NULL AUTO_INCREMENT,
26 `permissionName` varchar(50) DEFAULT NULL,
27 `roleId` int(11) DEFAULT NULL,
28 PRIMARY KEY (`id`),
29 KEY `roleId` (`roleId`),
30 CONSTRAINT `t_permission_ibfk_1` FOREIGN KEY (`roleId`) REFERENCES `t_role` (`id`)
31 ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
32
33 /*Data for the table `t_permission` */
34
35 insert into `t_permission`(`id`,`permissionName`,`roleId`) values (1,'user:*',1),(2,'student:*',2);
36
37 /*Table structure for table `t_role` */
38
39 DROP TABLE IF EXISTS `t_role`;
40
41 CREATE TABLE `t_role` (
42 `id` int(11) NOT NULL AUTO_INCREMENT,
43 `roleName` varchar(20) DEFAULT NULL,
44 PRIMARY KEY (`id`)
45 ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
46
47 /*Data for the table `t_role` */
48
49 insert into `t_role`(`id`,`roleName`) values (1,'admin'),(2,'teacher');
50
51 /*Table structure for table `t_user` */
52
53 DROP TABLE IF EXISTS `t_user`;
54
55 CREATE TABLE `t_user` (
56 `id` int(11) NOT NULL AUTO_INCREMENT,
57 `userName` varchar(20) DEFAULT NULL,
58 `password` varchar(100) DEFAULT NULL,
59 `roleId` int(11) DEFAULT NULL,
60 PRIMARY KEY (`id`),
61 KEY `roleId` (`roleId`),
62 CONSTRAINT `t_user_ibfk_1` FOREIGN KEY (`roleId`) REFERENCES `t_role` (`id`)
63 ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
64
65 /*Data for the table `t_user` */
66
67 insert into `t_user`(`id`,`userName`,`password`,`roleId`) values (1,'java1234','123456',1),(2,'jack','123',2),(3,'marry','234',NULL),(4,'json','345',NULL);
68
69 /*Table structure for table `users` */
70
71 DROP TABLE IF EXISTS `users`;
72
73 CREATE TABLE `users` (
74 `id` int(11) NOT NULL AUTO_INCREMENT,
75 `userName` varchar(20) DEFAULT NULL,
76 `password` varchar(20) DEFAULT NULL,
77 PRIMARY KEY (`id`)
78 ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
79
80 /*Data for the table `users` */
81
82 insert into `users`(`id`,`userName`,`password`) values (1,'java1234','123456');
83
84 /*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
85 /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
86 /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
87 /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
我们要实现的功能是针对不同用户允许其访问不同的资源。
用户表:
角色表:
权限表:
我们发现,用户java1234拥有admin的角色的user:*权限,用户jack拥有teacher的角色的student.*权限。marry和json用户无角色。
实例项目地址:git@github.com:zhaojiatao/shiroweb2.git
我们在spring配置文件中配置匹配规则:
1 <!-- Shiro过滤器 -->
2 <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
3 <!-- Shiro的核心安全接口,这个属性是必须的 -->
4 <property name="securityManager" ref="securityManager"/>
5 <!-- 身份认证失败,则跳转到登录页面的配置 -->
6 <property name="loginUrl" value="/index.jsp"/>
7 <!-- 权限认证失败,则跳转到指定页面 -->
8 <property name="unauthorizedUrl" value="/unauthor.jsp"/>
9 <!-- Shiro连接约束配置,即过滤链的定义 -->
10 <property name="filterChainDefinitions">
11 <value>
12 /login=anon
13 /admin*=authc
14 /student=roles[teacher]
15 /teacher=perms["user:create"]
16 </value>
17 </property>
18 </bean>
如上所示,访问admin路径需要身份认证通过即可。访问/student路径需要拥有teacher的角色。访问/teacher路径需要拥有user:create权限。
我们开启web服务,进入登录页面,登录不同的用户会发现shiro已经实现了权限验证。