Getting Started with Shiro
Introduction to Shiro
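1. What is Shiro
Shiro is an open-source framework from Apache. It is a permission-management framework that implements user authentication and user authorization.
Spring has Spring Security (formerly Acegi), which is also a permission framework, but it is tightly coupled to Spring and is not as simple to use as Shiro.
Shiro does not depend on Spring. It can manage permissions not only for web applications but also for C/S (client/server) systems and distributed systems. Shiro is a lightweight framework, and more and more enterprise projects are starting to use it.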
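2. How Shiro gets the work done, seen from the application's point of view (Figure 1)
Subject: the subject, which represents the current "user". This user is not necessarily a person: anything that interacts with the application is a Subject, such as a web crawler or a bot, so it is an abstract concept. Every Subject is bound to the SecurityManager, and all interaction with a Subject is delegated to the SecurityManager. You can think of the Subject as a facade; the SecurityManager is what actually does the work.
SecurityManager: the security manager. All security-related operations go through the SecurityManager, and it manages all Subjects. It is the core of Shiro and is responsible for interacting with the other components introduced below. If you have studied Spring MVC, you can think of it as the DispatcherServlet front controller.
Realm: Shiro obtains its security data (users, roles, permissions) from a Realm. When the SecurityManager needs to verify a user's identity, it fetches the corresponding user from the Realm and compares it to decide whether the identity is valid; it also fetches the user's roles/permissions from the Realm to check whether the user may perform an operation. You can think of a Realm as a DataSource, that is, the security data source.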
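3. Shiro architecture (Figure 2)
3.1 subject: the subject, which can be a user or a program. The subject wants to access the system, and the system needs to authenticate and authorize it.
3.2 securityManager: the security manager. Authentication and authorization of a subject both go through the securityManager. The securityManager is an aggregate: the real work is done not by the securityManager itself but by the components inside it.
3.3 authenticator: the authenticator. Authentication of a subject is ultimately performed by the authenticator.
3.4 authorizer: the authorizer. Authorization of a subject is ultimately performed by the authorizer.
3.5 sessionManager: in a web application, sessions are usually managed by the web container (middleware such as Tomcat); Shiro also provides its own way of managing sessions. Shiro can be used not only for web applications but also for C/S applications, so it does not rely on the web container's session management.
3.6 SessionDao: session data is managed through the SessionDao. Customized session data storage requires a SessionDao (if Tomcat manages the sessions, no SessionDao is needed; if sessions are to be managed centrally in a distributed deployment, a SessionDao is required).
3.7 cacheManager: the cache manager, which mainly caches session and authorization data (a permission framework is mainly about managing authentication and authorization, and sessions are cached on the server). For example, authorization data can be cached through the cacheManager, integrated with Ehcache to manage the cached data (Redis is a caching framework).
3.8 realm: the realm (domain), equivalent to a data source. Authentication and authorization data are read and stored through the realm (previously they were fetched from the database).
Note: the authenticator and the authorizer call the realm, which holds the data and logic for authorization and authentication.
3.9 cryptography: password management, for example MD5 hashing. Shiro provides a set of encryption/decryption components to make development easier, including commonly used hashing and encryption/decryption functions, for example the MD5 hash algorithm (MD5 is one-way: it can be computed but not reversed).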
Shiro getting-started example
Preparation:
1. Import the required dependencies
2. Write the shiro.ini file
[users]
zs=123
ls=456
ww=789
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>com.cjh</groupId>
  <artifactId>shiro</artifactId>
  <version>1.0-SNAPSHOT</version>
  <packaging>war</packaging>

  <name>shiro Maven Webapp</name>
  <!-- FIXME change it to the project's website -->
  <url>http://www.example.com</url>

  <properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <maven.compiler.source>1.7</maven.compiler.source>
    <maven.compiler.target>1.7</maven.compiler.target>
    <maven.compiler.plugin.version>3.7.0</maven.compiler.plugin.version>

    <!-- Versions of the dependencies added below -->
    <junit.version>4.12</junit.version>
    <servlet.version>4.0.0</servlet.version>
    <log4j2.version>2.9.1</log4j2.version>
    <slf4j.version>1.7.7</slf4j.version>
    <log4j2.disruptor.version>3.2.0</log4j2.disruptor.version>
    <shiro.version>1.2.5</shiro.version>
  </properties>

  <dependencies>
    <!-- Shiro core package -->
    <dependency>
      <groupId>org.apache.shiro</groupId>
      <artifactId>shiro-core</artifactId>
      <version>${shiro.version}</version>
    </dependency>

    <!-- Shiro web support -->
    <dependency>
      <groupId>org.apache.shiro</groupId>
      <artifactId>shiro-web</artifactId>
      <version>${shiro.version}</version>
    </dependency>

    <!--**********junit**********-->
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>${junit.version}</version>
      <scope>test</scope>
    </dependency>

    <!--**********servlet**********-->
    <dependency>
      <groupId>javax.servlet</groupId>
      <artifactId>javax.servlet-api</artifactId>
      <version>${servlet.version}</version>
      <scope>provided</scope>
    </dependency>

    <!-- ********************** Logging configuration ********************** -->
    <dependency>
      <groupId>org.slf4j</groupId>
      <artifactId>slf4j-api</artifactId>
      <version>${slf4j.version}</version>
    </dependency>
    <dependency>
      <groupId>org.slf4j</groupId>
      <artifactId>jcl-over-slf4j</artifactId>
      <version>${slf4j.version}</version>
      <scope>runtime</scope>
      <exclusions>
        <exclusion>
          <artifactId>slf4j-api</artifactId>
          <groupId>org.slf4j</groupId>
        </exclusion>
      </exclusions>
    </dependency>

    <!--2) Bridge between slf4j and log4j2-->
    <dependency>
      <groupId>org.apache.logging.log4j</groupId>
      <artifactId>log4j-slf4j-impl</artifactId>
      <version>${log4j2.version}</version>
      <exclusions>
        <exclusion>
          <artifactId>slf4j-api</artifactId>
          <groupId>org.slf4j</groupId>
        </exclusion>
      </exclusions>
    </dependency>

    <!--3) Core log4j2 jars-->
    <dependency>
      <groupId>org.apache.logging.log4j</groupId>
      <artifactId>log4j-api</artifactId>
      <version>${log4j2.version}</version>
    </dependency>
    <dependency>
      <groupId>org.apache.logging.log4j</groupId>
      <artifactId>log4j-core</artifactId>
      <version>${log4j2.version}</version>
    </dependency>

    <!--4) Web projects need log4j-web; non-web projects do not-->
    <dependency>
      <groupId>org.apache.logging.log4j</groupId>
      <artifactId>log4j-web</artifactId>
      <version>${log4j2.version}</version>
      <scope>runtime</scope>
    </dependency>

    <!--5) disruptor is required in order to use log4j2's AsyncLogger-->
    <dependency>
      <groupId>com.lmax</groupId>
      <artifactId>disruptor</artifactId>
      <version>${log4j2.disruptor.version}</version>
    </dependency>
  </dependencies>

  <build>
    <finalName>shiro</finalName>
    <resources>
      <!-- Fixes mybatis-generator-maven-plugin not copying XxxMapper.xml files into the target folder at run time -->
      <resource>
        <directory>src/main/java</directory>
        <includes>
          <include>**/*.xml</include>
        </includes>
      </resource>
      <!-- Fixes mybatis-generator-maven-plugin not copying jdbc.properties into the target folder at run time -->
      <resource>
        <directory>src/main/resources</directory>
        <includes>
          <include>*.properties</include>
          <include>*.xml</include>
          <include>*.ini</include>
        </includes>
      </resource>
    </resources>

    <pluginManagement><!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
      <plugins>
        <!-- Encoding, compilation and JDK version -->
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
          <version>${maven.compiler.plugin.version}</version>
          <configuration>
            <source>${maven.compiler.source}</source>
            <target>${maven.compiler.target}</target>
            <encoding>${project.build.sourceEncoding}</encoding>
          </configuration>
        </plugin>

        <plugin>
          <artifactId>maven-clean-plugin</artifactId>
          <version>3.1.0</version>
        </plugin>
        <!-- see http://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_war_packaging -->
        <plugin>
          <artifactId>maven-resources-plugin</artifactId>
          <version>3.0.2</version>
        </plugin>
        <plugin>
          <artifactId>maven-compiler-plugin</artifactId>
          <version>3.8.0</version>
        </plugin>
        <plugin>
          <artifactId>maven-surefire-plugin</artifactId>
          <version>2.22.1</version>
        </plugin>
        <plugin>
          <artifactId>maven-war-plugin</artifactId>
          <version>3.2.2</version>
        </plugin>
        <plugin>
          <artifactId>maven-install-plugin</artifactId>
          <version>2.5.2</version>
        </plugin>
        <plugin>
          <artifactId>maven-deploy-plugin</artifactId>
          <version>2.8.2</version>
        </plugin>
      </plugins>
    </pluginManagement>
  </build>
</project>
Demo1.java
package com.cjh.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;

/**
 * @author
 * @site
 * @company
 * @create 2019-10-12 20:09
 */
public class Demo1 {
    public static void main(String[] args) {
        /*
          1. Obtain the security manager factory (securityManagerFactory)
          2. Obtain the security manager
          3. Hand the security manager to the SecurityUtils utility class
          4. Get the subject (the login principal) from SecurityUtils
          5. Take the user name and password passed from the JSP and build a token from them
          6. Log in (login succeeded? login failed?)
         */
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();

        // Simulate receiving the user name and password submitted from the front-end JSP
        String uname = "zs";
        String pwd = "1234";
        UsernamePasswordToken token = new UsernamePasswordToken(uname, pwd);

        try {
            subject.login(token);
            System.out.println("登录成功!!");           // "Login succeeded!!"
        } catch (Exception e) {
            System.out.println("登录失败处理措施!!");     // "Login failed, handle the failure!!"
        }

        subject.logout();
        System.out.println("登出成功!!");               // "Logout succeeded!!"
    }
}
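The shiro.ini above keeps every password in clear text, and section 3.9 only mentions unsalted MD5. The following added example (not part of the original page) stores a salted, iterated hash in `[users]` instead, using Shiro's own `DefaultPasswordService` and `PasswordMatcher` with the page's Shiro 1.2.5; the class name `HashedIniDemo` and the in-memory `Ini` that stands in for the shiro.ini file are assumptions made for illustration.

```java
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.config.Ini;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.subject.Subject;

// Hypothetical demo class, not from the original page.
public class HashedIniDemo {

    /** In-memory equivalent of shiro.ini, with a password hash in place of the password. */
    static Ini buildIni(String storedHash) {
        Ini ini = new Ini();
        Ini.Section main = ini.addSection("main");
        main.put("passwordService", "org.apache.shiro.authc.credential.DefaultPasswordService");
        main.put("passwordMatcher", "org.apache.shiro.authc.credential.PasswordMatcher");
        main.put("passwordMatcher.passwordService", "$passwordService");
        // iniRealm is the realm Shiro creates implicitly from the [users] section
        main.put("iniRealm.credentialsMatcher", "$passwordMatcher");
        ini.addSection("users").put("zs", storedHash);
        return ini;
    }

    /** Returns true when the login succeeds, false when Shiro rejects the credentials. */
    static boolean tryLogin(String user, String password) {
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken(user, password));
            subject.logout();
            return true;
        } catch (AuthenticationException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        // Produces a "$shiro1$..." string that carries algorithm, iteration count, salt and hash.
        String stored = new DefaultPasswordService().encryptPassword("123");
        System.out.println("[users] entry: zs = " + stored);

        SecurityUtils.setSecurityManager(new IniSecurityManagerFactory(buildIni(stored)).getInstance());
        System.out.println("password 123:  " + tryLogin("zs", "123"));   // accepted
        System.out.println("password 1234: " + tryLogin("zs", "1234"));  // rejected
    }
}
```

In a file-based setup, the four `[main]` lines go into shiro.ini as written and each `[users]` entry holds the printed `$shiro1$...` value instead of the password.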
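Integrating Shiro with a web container
1. Prepare a shiro-web.ini file
[main]
# URL to send the request to when identity authentication fails; loginUrl is a property of the authentication filter (authc)
authc.loginUrl=/login
# URL to send the request to when the role check fails; unauthorizedUrl is a property of the role filter (roles)
roles.unauthorizedUrl=/unauthorized.jsp
# URL to send the request to when the permission check fails; unauthorizedUrl is a property of the permission filter (perms)
perms.unauthorizedUrl=/unauthorized.jsp

[users]
zs=123,role1
ls=123,role2
ww=123,role3
zdm=123,admin

[roles]
role1=user:create
role2=user:create,user:update
role3=user:create,user:update,user:delete,user:view,user:load
admin=user:*

# Define which checks each request URL requires
[urls]
# Requests to /login.do need no permission; guest (anonymous) access is enough (anon)
/login.do=anon
# Requests to /user/updatePwd.jsp require identity authentication (authc)
/user/updatePwd.jsp=authc
# Requests to /admin/*.jsp require a role check: only users with the admin role are allowed
/admin/*.jsp=roles[admin]
# Requests to /user/teacher.jsp require a permission check: only users whose role has the user:update permission are allowed
/user/teacher.jsp=perms["user:update"]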
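Shiro evaluates the `[urls]` rules in order and applies the first one that matches; a path that matches no rule gets no access-control filter at all. The following added example (not part of the original page) re-implements that first-match lookup in simplified form with Shiro's `AntPathMatcher` to audit the rules above against the paths this application serves. The class name `UrlRuleAudit`, the nested path `/admin/reports/export.jsp` and the three appended rules are assumptions made for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.shiro.util.AntPathMatcher;

// Hypothetical audit helper, not from the original page.
public class UrlRuleAudit {

    /** The [urls] rules of shiro-web.ini in declaration order; Shiro uses the first match. */
    static Map<String, String> pageRules() {
        Map<String, String> rules = new LinkedHashMap<String, String>();
        rules.put("/login.do", "anon");
        rules.put("/user/updatePwd.jsp", "authc");
        rules.put("/admin/*.jsp", "roles[admin]");
        rules.put("/user/teacher.jsp", "perms[\"user:update\"]");
        return rules;
    }

    /** Filter chain of the first matching rule, or null when no rule matches the path. */
    static String chainFor(Map<String, String> rules, String path) {
        AntPathMatcher matcher = new AntPathMatcher();
        for (Map.Entry<String, String> rule : rules.entrySet()) {
            if (matcher.matches(rule.getKey(), path)) {
                return rule.getValue();
            }
        }
        return null;
    }

    static void report(String title, Map<String, String> rules, String[] paths) {
        System.out.println(title);
        for (String path : paths) {
            String chain = chainFor(rules, path);
            System.out.println("  " + path + " -> " + (chain == null ? "no rule, not access-controlled" : chain));
        }
    }

    public static void main(String[] args) {
        // Paths taken from the servlets and JSP links on this page; the nested one is constructed.
        String[] paths = {"/login", "/logout", "/main.jsp", "/admin/addUser.jsp",
                "/admin/reports/export.jsp", "/user/teacher.jsp"};
        report("shiro-web.ini as written:", pageRules(), paths);

        // Assumed hardening: explicit anon entries for the login pages, then a catch-all as the LAST rule.
        Map<String, String> hardened = pageRules();
        hardened.put("/login", "anon");
        hardened.put("/login.jsp", "anon");
        hardened.put("/**", "authc");
        report("with /** = authc appended:", hardened, paths);
    }
}
```

With the rules as written, `/main.jsp`, `/logout` and the nested admin path match nothing, because `*` does not cross a `/`. The appended catch-all only requires authentication; extending the role check to nested admin paths needs a pattern such as `/admin/** = roles[admin]`.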
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1">
  <display-name>Archetype Created Web Application</display-name>

  <context-param>
    <param-name>shiroConfigLocations</param-name>
    <param-value>classpath:shiro-web.ini</param-value>
  </context-param>

  <listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
  </listener>

  <filter>
    <filter-name>ShiroFilter</filter-name>
    <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>ShiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>
login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<%-- Labels: "User login", "Account:", "Password:", buttons "OK" and "Reset" --%>
<h1>用户登陆</h1>
<div style="color: red">${message}</div>
<form action="${pageContext.request.contextPath}/login" method="post">
    帐号:<input type="text" name="username"><br>
    密码:<input type="password" name="password"><br>
    <input type="submit" value="确定">
    <input type="reset" value="重置">
</form>
</body>
</html>
main.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@taglib prefix="r" uri="http://shiro.apache.org/tags" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<%-- Heading: "Main page <timestamp>, welcome: [username]" --%>
<h1>主界面<%=System.currentTimeMillis()%>,欢迎您:[${sessionScope.username}]</h1>
<%-- System function list: add user, query users, reset user password, modify user,
     change own password, teacher profile, log out --%>
<ul>
    系统功能列表
    <li>
        <a href="admin/addUser.jsp">用户新增</a>
    </li>
    <li>
        <a href="admin/listUser.jsp">用户查询</a>
    </li>
    <li>
        <a href="admin/resetPwd.jsp">重置用户密码</a>
    </li>
    <li>
        <a href="admin/updateUser.jsp">用户修改</a>
    </li>
    <li>
        <a href="user/updatePwd.jsp">个人密码修改</a>
    </li>
    <li>
        <a href="user/teacher.jsp">老师简介</a>
    </li>
    <li>
        <a href="${pageContext.request.contextPath}/logout">退出系统</a>
    </li>
</ul>
<%-- The same links with Shiro tags: an entry wrapped in r:hasPermission is rendered
     only when the current user holds that permission --%>
<ul>
    shiro标签
    <li>
        <r:hasPermission name="user:create">
            <a href="admin/addUser.jsp">用户新增</a>
        </r:hasPermission>
    </li>
    <li>
        <a href="admin/listUser.jsp">用户查询</a>
    </li>
    <li>
        <a href="admin/resetPwd.jsp">重置用户密码</a>
    </li>
    <li>
        <r:hasPermission name="user:update">
            <a href="admin/updateUser.jsp">用户修改</a>
        </r:hasPermission>
    </li>
    <li>
        <a href="user/updatePwd.jsp">个人密码修改</a>
    </li>
    <li>
        <a href="${pageContext.request.contextPath}/logout">退出系统</a>
    </li>
</ul>
</body>
</html>
LoginServlet
package com.cjh.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author
 * @site
 * @company
 * @create 2019-10-12 20:30
 */
@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        // GET requests are handled the same way as POST requests
        doPost(req, resp);
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        Subject subject = SecurityUtils.getSubject();
        String uname = req.getParameter("username");
        String pwd = req.getParameter("password");
        UsernamePasswordToken token = new UsernamePasswordToken(uname, pwd);

        try {
            // On success, forward to the main page
            subject.login(token);
            req.getRequestDispatcher("main.jsp").forward(req, resp);
        } catch (Exception e) {
            // On failure, return to the login page with the message "Wrong user name or password!"
            req.setAttribute("message", "用户名或密码错误!");
            req.getRequestDispatcher("login.jsp").forward(req, resp);
        }
    }
}
LogoutServlet
package com.cjh.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author
 * @site
 * @company
 * @create 2019-10-12 20:30
 */
@WebServlet("/logout")
public class LogoutServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        // GET requests are handled the same way as POST requests
        doPost(req, resp);
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        // Log the current subject out, then send the browser back to the login page
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        resp.sendRedirect("login.jsp");
    }
}