1.配置依賴:pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>cn.zzu.wcj</groupId>
<artifactId>ZZUPrj</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>ZZUPrj Maven Webapp</name>
<url>http://maven.apache.org</url>
<!-- 統一管理Jar包版本 -->
<properties>
<junit.version>4.12</junit.version>
<j2ee.version>7.0</j2ee.version>
<jstl.version>1.1.2</jstl.version>
<spring.version>4.2.6.RELEASE</spring.version>
<mybatis.version>3.3.0</mybatis.version>
<mybatis-spring.version>1.2.3</mybatis-spring.version>
<oracle.version>11.2.0.1.0</oracle.version>
<dbcp.version>1.4</dbcp.version>
<slf4j.version>1.7.16</slf4j.version>
<log4j.version>1.2.17</log4j.version>
<commons-logging.version>1.2</commons-logging.version>
<shiro-version>1.3.2</shiro-version>
</properties>
<dependencies>
<!-- 配置JUnit -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
</dependency>
<!-- 配置JavaEE -->
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-api</artifactId>
<version>${j2ee.version}</version>
</dependency>
<!-- 配置JSTL -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>${jstl.version}</version>
</dependency>
<!-- 配置Spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- 配置MyBatis -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<!-- 配置Spring-MyBatis -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>${mybatis-spring.version}</version>
</dependency>
<!-- 配置Oracle -->
<dependency>
<groupId>com.oracle</groupId>
<artifactId>ojdbc6</artifactId>
<version>${oracle.version}</version>
</dependency>
<!-- 配置DBCP數據源 -->
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
<version>${dbcp.version}</version>
</dependency>
<!-- 配置日誌管理 -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>${commons-logging.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${slf4j.version}</version>
</dependency>
<!-- 配置Shiro支持 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro-version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro-version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro-version}</version>
</dependency>
</dependencies>
<build>
<finalName>ZZUPrj</finalName>
</build>
</project>
2.數據庫基本配置:db.properties
jdbc.driverClassName=oracle.jdbc.driver.OracleDriver
jdbc.url=jdbc:oracle:thin:@127.0.0.1:1521:mydb
jdbc.username=scott
jdbc.password=tiger
3.編寫自定義Realm
package cn.zzu.wcj.shiro.realm;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import cn.zzu.wcj.entity.User;
import cn.zzu.wcj.service.IPermissionService;
import cn.zzu.wcj.service.IRoleService;
import cn.zzu.wcj.service.IUserService;
public class ShiroDbRealm extends AuthorizingRealm {
@Autowired
private IRoleService roleService ;
@Autowired
private IPermissionService permissionService ;
@Autowired
private IUserService userService ;
/**
* 驗證權限時使用
*/
@Override
public AuthorizationInfo doGetAuthorizationInfo(
PrincipalCollection principals) {
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
String userName=(String)principals.getPrimaryPrincipal() ; //得到用戶名
try{
info.addRoles(roleService.findByUserName(userName)); //根據用戶名查找全部角色名稱
info.addStringPermissions(permissionService.findByUserName(userName));//根據用戶名查找全部權限
}catch(Exception e){
e.printStackTrace();
}
return info;
}
/**
* 用戶登陸時使用
*/
@Override
public AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken token) throws AuthenticationException {
String userName=(String)token.getPrincipal(); //獲取用戶名
AuthenticationInfo info=null ;
User user =null;
try{
user=this.userService.findByUserName(userName) ; //根據用戶名查找到用戶
}catch(Exception e){
e.printStackTrace();
}
if(user !=null){
info=new SimpleAuthenticationInfo(user.getUserName(),user.getPassword(),"MyShiroDBRealm");
}
return info;
}
}
4.配置applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-4.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.2.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.2.xsd">
<!-- 配置自動掃描 -->
<context:component-scan base-package="cn.zzu.wcj">
<context:exclude-filter type="annotation"
expression="org.springframework.stereotype.Controller"/>
<context:exclude-filter type="annotation"
expression="org.springframework.web.bind.annotation.ControllerAdvice"/>
</context:component-scan>
<!-- 配置DBCP數據源 -->
<context:property-placeholder location="classpath:db.properties"/>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<!-- 數據庫連接基本屬性 -->
<property name="driverClassName" value="${jdbc.driverClassName}"></property>
<property name="url" value="${jdbc.url}"></property>
<property name="username" value="${jdbc.username}"></property>
<property name="password" value="${jdbc.password}"></property>
<!-- 配置連接池 -->
<property name="initialSize" value="6"></property>
<property name="maxIdle" value="8"></property>
<property name="maxActive" value="28"></property>
<property name="minIdle" value="28"></property>
<property name="maxWait" value="60000"></property>
</bean>
<!-- Spring整合MyBtis,不需要MyBatis配置文件 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource"></property>
<!-- 自動掃描*Mapper.xml文件 -->
<property name="mapperLocations" value="classpath:cn/zzu/wcj/mapper/*Mapper.xml"></property>
<!-- 配置Entity前綴 -->
<property name="typeAliasesPackage" value="cn.zzu.wcj.entity"></property>
</bean>
<!-- DAO接口所在包,Spring會自動掃描其下的DAOImpl類-->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="cn.zzu.wcj.dao"></property>
<property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"></property>
</bean>
<!-- 配置註解事務 -->
<bean id="transactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"></property>
</bean>
<tx:annotation-driven transaction-manager="transactionManager"/>
<!-- 配置Shiro -->
<!-- 1.配置Realm -->
<bean id="shiroDbRealm" class="cn.zzu.wcj.shiro.realm.ShiroDbRealm"></bean>
<!-- 2.配置安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="shiroDbRealm"></property>
</bean>
<!-- 3.配置Shiro過濾器 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- 配置shiro安全接口 -->
<property name="securityManager" ref="securityManager"></property>
<!-- 配置身份認證失敗時跳轉的頁面 -->
<property name="loginUrl" value="/login.jsp"></property>
<!-- 配置權限認證失敗時跳轉的頁面 -->
<property name="unauthorizedUrl" value="/WEB-INF/views/denied.jsp"></property>
<!-- 配置shiro過濾約束配置,即過濾鏈的定義 -->
<property name="filterChainDefinitions">
<value>
/UserServlet/**=roles[SuperAdmin]
</value>
</property>
</bean>
<!-- 4.配置Shiro內部lifecycle函數的bean執行 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor">
</bean>
<!-- 5.配置Shiro註解 -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor"/>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
</beans>
5.配置SpringMVC:spring-mvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.2.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.2.xsd">
<!-- 配置自動掃描處理器 -->
<context:component-scan base-package="cn.zzu.wcj" use-default-filters="false">
<context:include-filter type="annotation"
expression="org.springframework.stereotype.Controller"/>
<context:include-filter type="annotation"
expression="org.springframework.web.bind.annotation.ControllerAdvice"/>
</context:component-scan>
<!-- 配置視圖解析器 -->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
<!-- SpringMVC必備 -->
<mvc:default-servlet-handler/>
<mvc:annotation-driven></mvc:annotation-driven>
<mvc:interceptors>
<!-- 配置Token攔截器,防止用戶重複提交數據 -->
<mvc:interceptor>
<!--攔截所有得URL-->
<mvc:mapping path="/**"/>
<!--攔截器路徑-->
<bean class="cn.zzu.wcj.interceptor.TokenInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
6.簡單展示一下我登錄時編寫的表現層代碼
package cn.zzu.wcj.handler;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import cn.zzu.wcj.entity.User;
import cn.zzu.wcj.service.IUserService;
import cn.zzu.wcj.util.EncryptUtils;
@RequestMapping("/UserHandler")
@Controller
public class UserHandler {
@Autowired
private EncryptUtils encryptUtils ;
@Autowired
private IUserService userService ;
@RequestMapping("/login")
public String login(User user,HttpServletRequest httpReq){
String page="success" ; //默認頁面
String userName=user.getUserName() ; //獲取用戶名
String password=user.getPassword() ; //獲取密碼
password=this.encryptUtils.encMD5(userName+"@{"+password+"}", "shiro") ; //密碼加密處理
user.setPassword(password); //將用戶密碼修改爲加密後的密碼
Subject currentUser=SecurityUtils.getSubject() ; //CurrentUser
UsernamePasswordToken token=null ;
token=new UsernamePasswordToken(userName, password) ; //創建令牌
try{
currentUser.login(token); //登陸驗證
this.userService.doLoginCheck(user) ; //重新設置設置登陸時間
}catch(Exception e){
httpReq.setAttribute("errMsg", "用戶名或密碼錯誤,請重新登陸!"); //設置錯誤信息
page="redirect:/login.jsp" ;
}
return page ;
}
}
總結:在配置DBCP數據源的高級屬性時千萬別分散配置在db.properties,Eclipse每次都識別不了,我惱火死 了,不然會吃虧,好啦,框架都搭建完了,下面可以盡情的寫後臺代碼了