一、搭建程序架构
二、引入依赖
<!-- Shiro core, Ehcache integration and web support, all pinned to the same version.
     NOTE(review): 1.3.2 is an old Shiro release. Later releases carry security fixes, including
     fixes to how the web filter matches request paths. Check the Apache Shiro security advisories
     and pin a currently maintained version, keeping the three Shiro artifacts on one version. -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.3.2</version>
</dependency>
<!--https://mvnrepository.com/artifact/org.apache.shiro/shiro-web -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>1.3.2</version>
<!-- commons-logging is excluded here; the jcl-over-slf4j bridge declared below takes its place. -->
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Logging stack: SLF4J API, the commons-logging bridge, and Logback as the runtime backend.
     NOTE(review): these versions are also dated; review them against current advisories when
     upgrading Shiro. -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>1.7.5</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.0.13</version>
<scope>runtime</scope>
</dependency>
三、配置shiro.ini
[main]
# Requests rejected by the authc filter because the user is not logged in are redirected to this URL.
authc.loginUrl=/login
[users]
# User, password and role configuration. Format: username=password,role1,role2
# NOTE(review): these passwords are stored in plaintext inside the deployed application, which is
# only acceptable for a local demo. For anything else, store password hashes (configure a hashing
# credentials matcher on the realm) or use a realm backed by an external user store.
huwenhua=199316
admin=123
[urls]
# Web applications only: URL interception rules. Format: url=filter[params],filter
# NOTE(review): only /admin/** requires authentication here. A request path that matches no
# pattern passes through without any Shiro check, so a real deployment normally ends this
# section with a catch-all rule that requires authentication for everything not listed above it.
/admin/**=authc
/login=anon
四、在web.xml配置shiro
<!-- Initializes the Shiro web environment when the web application starts. -->
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<!--
By default Shiro's configuration file is named shiro.ini; a Java SE project looks for it under src, a Java web project under /WEB-INF/classes
. The configuration below changes the name and location of the Shiro configuration file
<context-param>
<param-name>shiroConfigLocations</param-name>
<param-value>classpath:shiro/shiro2.ini</param-value>
</context-param>
-->
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<!-- The filter is mapped to every URL and to all four dispatcher types, so forwarded, included
     and error dispatches go through Shiro as well as direct requests.
     NOTE(review): if other filters are added, declare this mapping before theirs so that Shiro
     runs first. -->
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
五、编写servlet并在web.xml中配置
package cn.com.bochy.sevlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
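/**
 * Login endpoint for the Shiro demo: GET renders the login form, POST authenticates the
 * submitted username/password through the current Shiro {@link Subject}.
 */
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Views live under /WEB-INF, so clients can reach them only through a server-side forward. */
    private static final String LOGIN_VIEW = "/WEB-INF/jsp/login.jsp";
    private static final String MAIN_VIEW = "/WEB-INF/jsp/main.jsp";

    /**
     * Shows the login page.
     *
     * @param request  the incoming request
     * @param response the response the login JSP is rendered into
     * @throws ServletException if the forward fails
     * @throws IOException      if the forward fails on I/O
     */
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.getRequestDispatcher(LOGIN_VIEW).forward(request, response);
    }

    /**
     * Authenticates the posted {@code username}/{@code password} parameters. On failure the login
     * page is shown again with a {@code msg} request attribute; on success the main page is shown.
     *
     * @param request  the incoming request carrying the form parameters
     * @param response the response the selected JSP is rendered into
     * @throws ServletException if the forward fails
     * @throws IOException      if the forward fails on I/O
     */
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        // The submitted password is deliberately not written to stdout or any log: console and
        // log output is routinely collected and read by people who must never see credentials.

        // Obtain the Subject and build the username/password authentication token
        // (the user's identity and credentials).
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        String msg = null;
        try {
            // Log in, i.e. authenticate against the configured realm.
            subject.login(token);
        } catch (UnknownAccountException e) {
            // NOTE(review): telling "unknown user" apart from "wrong password" makes the demo
            // easy to follow, but it lets a client probe which usernames exist. Outside a demo,
            // return one generic failure message for both cases.
            msg = "用户名不存在!";
        } catch (IncorrectCredentialsException e) {
            msg = "密码不正确!";
        } catch (AuthenticationException e) {
            // NOTE(review): the exception message is shown to the user as-is; outside a demo,
            // log it server-side and show a generic message instead.
            msg = "其他异常:" + e.getMessage();
        } finally {
            // Wipe the password held by the token once the attempt is over.
            token.clear();
        }
        System.out.println("msg=" + msg);
        if (msg != null) {
            request.setAttribute("msg", msg);
            request.getRequestDispatcher(LOGIN_VIEW).forward(request, response);
        } else {
            // Forward rather than redirect: a browser cannot request a path under /WEB-INF.
            request.getRequestDispatcher(MAIN_VIEW).forward(request, response);
        }
    }
}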
在web.xml中配置
<!-- Registers LoginServlet at /login, the URL that shiro.ini sets as authc.loginUrl and leaves
     open to anonymous access (/login=anon). -->
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>cn.com.bochy.sevlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
六、测试
在浏览器地址栏输入 http://localhost:8888/shiro/admin/xxxxx 时,由于 /admin/** 配置了 authc 拦截器且当前尚未登录,请求会被重定向到 loginUrl(/login),进入 servlet 的 get 方法,自动跳转到 login 页面。
随便输入一个用户名,页面会显示用户名不存在。
输入正确的用户名,密码乱输,页面会显示密码不正确。
注意:分别提示“用户名不存在”和“密码不正确”便于演示,但会让攻击者据此枚举有效的用户名,正式环境应统一返回同一条登录失败提示。
输入正确的用户名密码,admin/123,登录成功。
见shiro.ini文件