LoginController
@Controller
public class LoginController {
@RequestMapping("gologin.html")
public String goLogin() {
return "login";
}
@RequestMapping("logout.html")
public String logout() {
Subject subject = SecurityUtils.getSubject();
subject.logout();
return "login";
}
@RequestMapping("login.html")
public String login(String username, String password, HttpServletRequest request) {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try {
subject.login(token);
return "redirect:index.html";
} catch (AuthenticationException e) {
e.printStackTrace();
request.setAttribute("error", "用戶名或密碼錯誤");
return "login";
}
}
}
MenuController
@Controller
@RequestMapping("/menu")
public class MenuController {
@RequestMapping("list.html")
public String list() {
return "/menu_list";
}
@RequestMapping("go_edit.html")
@RequiresPermissions("menu:edit")
public String goEdit() {
return "/menu_edit";
}
}
PageController
@Controller
public class PageController {
@RequestMapping("index.html")
public String index() {
return "index";
}
@RequestMapping("error.html")
public String error() {
return "error";
}
}
shiro-web.ini
[users]
root = secret, admin
guest = guest, guest
test = 123456, guest,test
[roles]
admin = *
guest = user:list
test = menu:list,menu:add
spring-config.xml
<context:component-scan base-package="com.shiro.test.mvc">
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Controller"/>
</context:component-scan>
<bean id="iniRealm" class="org.apache.shiro.realm.text.IniRealm">
<constructor-arg name="resourcePath" value="classpath:shiro-web.ini"/>
</bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="iniRealm"/>
</bean>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/gologin.html"/>
<property name="successUrl" value="/index.html"/>
<property name="unauthorizedUrl" value="/error.html"/>
<property name="filterChainDefinitions">
<value>
/login.html=anon
/gologin.html=anon
/index.html = authc
/role.html=authc,roles[admin]
/menu/** = authc
</value>
</property>
</bean>
</beans>