Shiro整合web01

Posted 1斑点

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Shiro整合web01相关的知识,希望对你有一定的参考价值。

 Shiro 集成 Web 配置
 <listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
  </listener>
   
<!-- 添加shiro支持 -->
<filter>
    <filter-name>ShiroFilter</filter-name>
    <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
 
<filter-mapping>
    <filter-name>ShiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping> 
---------------------------------------------------------------------------------------
 [main]
authc.loginUrl=/login   没登录的话先进行身份认证
roles.unauthorizedUrl=/unauthorized.jsp
//权限不够
perms.unauthorizedUrl=/unauthorized.jsp
/权限不够
[users]
java1234=123456,admin
jack=123,teacher
marry=234
json=345
[roles]
admin=user:*
teacher=student:*
[urls]
/login=anon
/admin=authc
/student=roles[teacher]  请求/student这个url必须有一个用户里角色为teacher的用户
/teacher=perms["user:create"]
---------------------------------------------------------------------------------------------------------------------------
 public class LoginServlet extends HttpServlet{
 
private static final long serialVersionUID = 1L;
 
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// TODO Auto-generated method stub
System.out.println("login doget");
req.getRequestDispatcher("login.jsp").forward(req, resp);
}
 
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("login dopost");
String userName=req.getParameter("userName");
String password=req.getParameter("password");
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken(userName, password);
try{
subject.login(token);
Session session = subject.getSession();
System.out.println("sessionId:"+session.getId());
System.out.println("sessionHost:"+session.getHost());
System.out.println("sessionTimeout:"+session.getTimeout());
session.setAttribute("info", "session的数据");
resp.sendRedirect("success.jsp");
}catch(Exception e){
e.printStackTrace();
req.setAttribute("errorInfo", "用户名或者密码错误");
req.getRequestDispatcher("login.jsp").forward(req, resp);
}
}
--------------------------------------------------------------------------------------------
<body>欢迎你!
<shiro:hasRole name="admin">
欢迎有admin角色的用户
</shiro:hasRole>
<shiro:hasPermission name="student:create">
欢迎有student:create权限的用户
<shiro:principal/>
</shiro:hasPermission>
</body>































以上是关于Shiro整合web01的主要内容,如果未能解决你的问题,请参考以下文章

(转)shiro权限框架详解06-shiro与web项目整合(下)

Apache Shiro Web应用整合-配置

shiro-web整合

web项目整合Shiro框架

ssm整合shiro时web。xml中配置filter,tomcat报错

Shiro与基本web环境整合登陆验证实例