泰坦尼克號預測生存可能性
阿新 • • 發佈:2020-08-15
1.匯入jar包
<!--
  Apache Shiro's Spring integration module.
  NOTE(review): 1.4.0 is the version this tutorial was written against and is an old
  release. Security fixes have been published for Shiro since then, so before reusing
  this snippet check the Apache Shiro security advisories and pin a currently
  maintained version instead.
-->
<dependency>
  <groupId>org.apache.shiro</groupId>
  <artifactId>shiro-spring</artifactId>
  <version>1.4.0</version>
</dependency>
2.編寫配置類
package org.huqi.config;

import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.adapter.DefaultAdvisorAdapterRegistry;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * Spring configuration class that wires Apache Shiro into the web application:
 * security manager, realm, URL filter chain and annotation support.
 */
@Configuration
public class ShiroConfig {

    /**
     * Creates the web security manager and attaches the application realm to it.
     *
     * @param myRealm the realm used for authentication and authorization
     * @return the configured security manager
     */
    @Bean
    public SecurityManager securityManager(Realm myRealm) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(myRealm);
        return manager;
    }

    /**
     * Registers the custom realm; the object returned here performs the actual
     * authentication and authorization lookups.
     *
     * @return a new {@link MyRealm}
     */
    @Bean
    public MyRealm myRealm() {
        return new MyRealm();
    }

    /**
     * Declares the Shiro filter and the URL rules that decide which requests need a
     * logged-in subject.
     *
     * @param securityManager the security manager the filter delegates to
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        // A LinkedHashMap is required: Shiro evaluates the patterns in insertion order
        // and the first match wins, so the catch-all entry has to stay last.
        Map<String, String> chains = new LinkedHashMap<>();
        chains.put("/login", "anon");      // the login request itself needs no authentication
        chains.put("/logout", "logout");   // handled by Shiro's logout filter
        // NOTE(review): these two rules only require a logged-in subject. The admin role is
        // enforced solely by @RequiresRoles on individual handlers, so an unannotated
        // handler under /admin/** would be reachable by any authenticated user.
        chains.put("/admin/**", "authc");
        chains.put("/user/**", "authc");
        chains.put("/**", "authc");        // everything else requires authentication

        ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
        factory.setSecurityManager(securityManager);
        factory.setFilterChainDefinitionMap(chains);
        // Page an unauthenticated request is sent to when login is required.
        factory.setLoginUrl("/login.html");
        // Page shown after a successful login.
        factory.setSuccessUrl("/success.html");
        // Page for denied access. NOTE(review): "unamthorized" looks like a misspelling of
        // "unauthorized" - confirm it matches the real file name. This URL is used by
        // Shiro's URL-level authorization filters; no such filter appears in the chain
        // above, and annotation failures surface as exceptions instead.
        factory.setUnauthorizedUrl("/unamthorized.html");
        return factory;
    }

    /**
     * Enables automatic proxy creation for beans matched by registered advisors, which the
     * Shiro annotations rely on. Class-based proxies are forced so that annotated
     * controller classes without interfaces are proxied as well.
     *
     * @return the auto-proxy creator
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setProxyTargetClass(true);
        return proxyCreator;
    }

    /**
     * Registers the advisor that applies Shiro's authorization annotations
     * (such as {@code @RequiresRoles} and {@code @RequiresPermissions}).
     *
     * @param securityManager the security manager used to evaluate the annotations
     * @return the configured advisor
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }
}
3.編寫認證授權類
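package org.huqi.config;

import java.util.HashSet;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;
import org.apache.tomcat.util.http.parser.Authorization;

/**
 * Demo realm that supplies both authentication and authorization data to Shiro.
 *
 * <p>SECURITY: this class is a tutorial stub, not a usable account store. Every user
 * name is paired with the same hard-coded password, and the roles are derived from the
 * user name alone, so the "admin" role is protected only by that shared password.
 * Before using this outside a demo, look the account up in a real user store, return
 * {@code null} for unknown accounts, store a salted password hash instead of plain text,
 * and configure a matching {@code HashedCredentialsMatcher} on the realm.
 */
public class MyRealm extends AuthorizingRealm {

    /** Placeholder credential shared by all accounts in this demo; must be replaced. */
    private static final String DEMO_PASSWORD = "123456";

    /**
     * Returns the stored account data that Shiro compares with the submitted token.
     *
     * @param token the submitted credentials; expected to be a {@link UsernamePasswordToken}
     * @return the account's authentication info, or {@code null} when the token carries no
     *         user name or no password (Shiro treats {@code null} as an unknown account)
     * @throws AuthenticationException declared by the overridden method; this implementation
     *         does not throw it itself
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        UsernamePasswordToken myToken = (UsernamePasswordToken) token;
        String userName = myToken.getUsername();
        // Check the char[] directly: the original converted it with new String(...) first,
        // which throws NullPointerException for a token without a password and made the
        // null check unreachable. It also copied the password into an immutable String
        // for no purpose, since Shiro's credentials matcher does the comparison.
        if (userName == null || myToken.getPassword() == null) {
            return null;
        }
        // Arguments: principal, stored credential, realm name.
        return new SimpleAuthenticationInfo(userName, DEMO_PASSWORD, getName());
    }

    /**
     * Returns the roles and permissions of the primary principal.
     *
     * <p>"admin" receives the roles {@code admin} and {@code user}; "user" receives the
     * role {@code user} plus the permissions {@code user:add} and {@code user:get}. Any
     * other principal receives nothing. NOTE(review): "admin" gets no permissions here,
     * so permission-guarded handlers reject it - confirm that is intended.
     *
     * @param principals the identity of the authenticated subject
     * @return the authorization info for that subject
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        Object principal = principals.getPrimaryPrincipal();
        Set<String> roles = new HashSet<String>();
        Set<String> permissions = new HashSet<String>();

        // Constant-first equals() avoids a NullPointerException on a null principal.
        if ("admin".equals(principal)) {
            roles.add("admin");
            roles.add("user");
        }
        if ("user".equals(principal)) {
            roles.add("user");
            permissions.add("user:add");
            permissions.add("user:get");
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRoles(roles);
        info.addStringPermissions(permissions);
        return info;
    }
}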
4.編寫controller
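package org.huqi.controller;

import java.util.logging.Level;
import java.util.logging.Logger;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.Md5CredentialsMatcher;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

/**
 * Demo controller with the login endpoint and a few handlers protected by Shiro's
 * role and permission annotations.
 */
@Controller
public class TestConfig {

    private static final Logger LOG = Logger.getLogger(TestConfig.class.getName());

    /**
     * Shows the page displayed after a successful login.
     *
     * @return the success view
     */
    @RequestMapping("/success")
    public Object loginSuccess() {
        return "/success.html";
    }

    /**
     * Handles the login request. Despite its name, this method is the login handler;
     * the name is kept so existing references keep working.
     *
     * <p>NOTE(review): the mapping accepts every HTTP method, so credentials can also be
     * sent as query parameters, where they end up in URLs and access logs. Restricting
     * the mapping to POST is advisable once the login form is confirmed to use POST.
     *
     * @param userName the submitted user name
     * @param passWord the submitted password
     * @return the success view after a successful login, otherwise the login view
     */
    @RequestMapping("/login")
    public Object logout(String userName, String passWord) {
        Subject subject = SecurityUtils.getSubject();
        // Drop any existing identity first so a new login never reuses the previous
        // subject's authenticated state.
        subject.logout();
        // Reject incomplete submissions up front instead of letting a null credential
        // travel into the realm.
        if (userName == null || passWord == null) {
            return "/login.html";
        }
        if (!subject.isAuthenticated()) {
            UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(userName, passWord);
            try {
                // Throws an AuthenticationException subclass when authentication fails.
                subject.login(usernamePasswordToken);
            } catch (AuthenticationException e) {
                // Record only the failure type: the submitted values are untrusted input
                // and must not be written to the log verbatim.
                LOG.log(Level.INFO, "Login rejected: {0}", e.getClass().getSimpleName());
                return "/login.html";
            }
        }
        return "/success.html";
    }

    /**
     * Mapped to {@code /logout}. Despite its name, it only returns the login view; the
     * filter chain in ShiroConfig assigns {@code /logout} to Shiro's logout filter, so
     * that filter presumably handles the request before this method is reached.
     *
     * @param userName unused
     * @param passWord unused
     * @return the login view
     */
    @RequestMapping("/logout")
    public Object login(String userName, String passWord) {
        return "/login.html";
    }

    /**
     * Accessible only to subjects holding the {@code admin} role.
     *
     * @return a fixed marker string
     */
    @ResponseBody
    @RequiresRoles(value = {"admin"})
    @RequestMapping("admin/test")
    public Object testAdmin() {
        return "admin";
    }

    /**
     * Accessible only to subjects holding the {@code user} role.
     *
     * @return a fixed marker string
     */
    @ResponseBody
    @RequiresRoles(value = "user")
    @RequestMapping("user/test")
    public Object testUser() {
        return "/user";
    }

    /**
     * Accessible only to subjects holding the {@code user:add} permission.
     *
     * @return a fixed marker string
     */
    @ResponseBody
    @RequiresPermissions(value = {"user:add"})
    @RequestMapping("user/add")
    public Object add() {
        return "user:add";
    }

    /**
     * Accessible only to subjects holding the {@code user:get} permission.
     *
     * @return a fixed marker string
     */
    @ResponseBody
    @RequiresPermissions(value = {"user:get"})
    @RequestMapping("user/get")
    public Object get() {
        return "user:get";
    }

    /**
     * Handles exceptions thrown by this controller's handlers, including the
     * authorization failures raised by the Shiro annotations.
     *
     * <p>The response is a fixed message. The original appended the exception's string
     * form to the response body, which exposes internal class names and messages to the
     * client and can reflect request-derived text; the details are logged server-side
     * instead.
     *
     * @param e the exception raised while handling the request
     * @return a generic error message
     */
    @ResponseBody
    @ExceptionHandler
    public Object exception(Exception e) {
        LOG.log(Level.WARNING, "Request failed in TestConfig handler", e);
        return "許可權異常";
    }
}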