Shiro
jarrymei committed Jan 14, 2018
0 parents commit 90db3bf
Showing 14 changed files with 429 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .idea/vcs.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

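--- a/src/main/java/com/zhidi/dao/LoginDao.java
+++ b/src/main/java/com/zhidi/dao/LoginDao.java
@@ -0,0 +1,29 @@
+package com.zhidi.dao;
+
+import com.zhidi.entity.User;
+import com.zhidi.util.DBUitl;
+
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+public class LoginDao {
+
+public User login(String username) throws SQLException {
+PreparedStatement ps = DBUitl.getConnection().prepareStatement("select * from tb_users where user_name = ?");
+ps.setString(1, username);
+ResultSet rs = ps.executeQuery();
+User user = null;
+while (rs.next()) {
+Integer id = rs.getInt("id");
+String userName = rs.getString("user_name");
+String password = rs.getString("password");
+String phone = rs.getString("phone");
+user = new User(id, userName, password, phone);
+}
+return user;
+}
+}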
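Review bot: `login` never closes the `Connection`, `PreparedStatement` or `ResultSet` it opens, and `DBUitl.getConnection()` returns a fresh `DriverManager` connection per call, so every login attempt, including failed ones from unauthenticated clients, leaves a database connection open until the server runs out of them. Wrap all three in try-with-resources; this needs `java.sql.Connection` added to the imports. The `while (rs.next())` loop also silently keeps the last of several matching rows, so an `if` (ideally backed by a unique constraint on `user_name`, which is not visible here) makes the lookup unambiguous, and naming the columns instead of `select *` keeps the read of the credential column explicit.

```java
public User login(String username) throws SQLException {
    String sql = "select id, user_name, password, phone from tb_users where user_name = ?";
    // Close connection, statement and result set on every path, including exceptions.
    try (Connection conn = DBUitl.getConnection();
         PreparedStatement ps = conn.prepareStatement(sql)) {
        ps.setString(1, username);
        try (ResultSet rs = ps.executeQuery()) {
            if (!rs.next()) {
                return null;
            }
            return new User(rs.getInt("id"), rs.getString("user_name"),
                    rs.getString("password"), rs.getString("phone"));
        }
    }
}
```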
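--- a/src/main/java/com/zhidi/entity/User.java
+++ b/src/main/java/com/zhidi/entity/User.java
@@ -0,0 +1,51 @@
+package com.zhidi.entity;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+public class User {
+
+private Integer id;
+private String username;
+private String password;
+private String phone;
+
+public User(Integer id, String username, String password, String phone) {
+this.id = id;
+this.username = username;
+this.password = password;
+this.phone = phone;
+}
+
+public Integer getId() {
+return id;
+}
+
+public void setId(Integer id) {
+this.id = id;
+}
+
+public String getUsername() {
+return username;
+}
+
+public void setUsername(String username) {
+this.username = username;
+}
+
+public String getPassword() {
+return password;
+}
+
+public void setPassword(String password) {
+this.password = password;
+}
+
+public String getPhone() {
+return phone;
+}
+
+public void setPhone(String phone) {
+this.phone = phone;
+}
+}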
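Review bot: The class comment says only who created the file, and the `password` field deserves a comment of its own because `LoginDao` fills it straight from the `password` column and `LoginRealm` compares it with the submitted password. Suggested on the field: `// credential exactly as stored in tb_users.password; never log or render it`. If a `toString()` is added later it should leave this field out.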
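--- a/src/main/java/com/zhidi/filter/MyFilter1.java
+++ b/src/main/java/com/zhidi/filter/MyFilter1.java
@@ -0,0 +1,31 @@
+package com.zhidi.filter;
+
+import org.apache.log4j.Logger;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import java.io.IOException;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+public class MyFilter1 implements Filter {
+
+private static final Logger log = Logger.getLogger(MyFilter1.class);
+
+@Override
+public void init(FilterConfig filterConfig) throws ServletException {
+
+}
+
+@Override
+public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+log.info("这是Filter1");
+filterChain.doFilter(servletRequest,servletResponse);
+}
+
+@Override
+public void destroy() {
+
+}
+}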
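Review bot: `import javax.servlet.annotation.WebFilter;` is unused in MyFilter1, since the filter is registered by class name in shiro.ini rather than by annotation, and can be removed. MyFilter1 and MyFilter2 differ only in the logged string, and the `[urls]` line that would apply them is commented out, so neither appears to run as committed; a class comment such as `/** Demo filter: logs a marker and passes the request on unchanged. */` on both would say what they are for. The empty `init` and `destroy` bodies could carry `// no resources to set up` so they read as intentional.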
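--- a/src/main/java/com/zhidi/filter/MyFilter2.java
+++ b/src/main/java/com/zhidi/filter/MyFilter2.java
@@ -0,0 +1,30 @@
+package com.zhidi.filter;
+
+import org.apache.log4j.Logger;
+
+import javax.servlet.*;
+import java.io.IOException;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+public class MyFilter2 implements Filter {
+
+private static final Logger log = Logger.getLogger(MyFilter2.class);
+
+@Override
+public void init(FilterConfig filterConfig) throws ServletException {
+
+}
+
+@Override
+public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+log.info("这是Filter2");
+filterChain.doFilter(servletRequest,servletResponse);
+}
+
+@Override
+public void destroy() {
+
+}
+}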
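--- a/src/main/java/com/zhidi/realm/LoginRealm.java
+++ b/src/main/java/com/zhidi/realm/LoginRealm.java
@@ -0,0 +1,46 @@
+package com.zhidi.realm;
+
+import com.zhidi.dao.LoginDao;
+import com.zhidi.entity.User;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+
+import java.sql.SQLException;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+public class LoginRealm extends AuthorizingRealm {
+
+@Override
+protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
+return null;
+}
+
+@Override
+protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
+
+String username = String.valueOf(authenticationToken.getPrincipal());
+String password = String.valueOf((char[]) authenticationToken.getCredentials());
+User user = null;
+try {
+user = new LoginDao().login(username);
+} catch (SQLException e) {
+e.printStackTrace();
+}
+if (user == null) {
+return null;
+}
+if (!password.equals(user.getPassword())) {
+return null;
+}
+AuthenticationInfo info = new SimpleAuthenticationInfo(username, password, this.getName());
+return info;
+}
+}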
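Review bot: In `doGetAuthenticationInfo` the realm compares the submitted password with `user.getPassword()` via `String.equals`, which only works if `tb_users.password` holds plaintext, and it bypasses Shiro's `CredentialsMatcher`. Return the stored credential in `SimpleAuthenticationInfo` and let the realm's matcher do the comparison, with a hashing matcher such as `PasswordMatcher` configured on `loginRealm` and hashed values in the table. `String.valueOf((char[]) authenticationToken.getCredentials())` throws `NullPointerException` when the token carries no password, which `LoginServlet` allows because `req.getParameter("password")` may be null. The `SQLException` branch prints the stack trace and then falls through to `return null`, so a database outage is reported as an unknown account; rethrow it as `AuthenticationException` with the cause. `doGetAuthorizationInfo` returning `null` also deserves a comment stating that no roles or permissions are granted yet.

```java
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    String username = (String) authenticationToken.getPrincipal();
    User user;
    try {
        user = new LoginDao().login(username);
    } catch (SQLException e) {
        // Fail closed and keep the cause instead of reporting "unknown account".
        throw new AuthenticationException("user lookup failed", e);
    }
    if (user == null) {
        return null;
    }
    // Hand the stored credential to Shiro; the realm's CredentialsMatcher compares it
    // with the submitted one, so no plaintext comparison happens in this class.
    return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), getName());
}
```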
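--- a/src/main/java/com/zhidi/servlet/LoginServlet.java
+++ b/src/main/java/com/zhidi/servlet/LoginServlet.java
@@ -0,0 +1,63 @@
+package com.zhidi.servlet;
+
+import org.apache.log4j.Logger;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.*;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.env.WebEnvironment;
+import org.apache.shiro.web.util.WebUtils;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+@WebServlet("/login")
+public class LoginServlet extends HttpServlet {
+
+private static final transient Logger log = Logger.getLogger(LoginServlet.class);
+
+@Override
+protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+doPost(req, resp);
+}
+
+@Override
+protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+String username = req.getParameter("username");
+String password = req.getParameter("password");
+Boolean rememberMe = Boolean.valueOf(req.getParameter("rememberMe"));
+
+WebEnvironment webEnvironment = WebUtils.getRequiredWebEnvironment(req.getServletContext());
+SecurityManager securityManager = webEnvironment.getSecurityManager();
+SecurityUtils.setSecurityManager(securityManager);
+Subject currentUser = SecurityUtils.getSubject();
+if (!currentUser.isAuthenticated()) {
+UsernamePasswordToken token = new UsernamePasswordToken(username, password);
+token.setRememberMe(rememberMe);
+try {
+currentUser.login(token);
+} catch (UnknownAccountException un) {
+log.info("用户不存在");
+return;
+}catch ( IncorrectCredentialsException ice ) {
+//password didn't match, try again?
+log.info("密码错误");
+} catch ( LockedAccountException lae ) {
+//account for that username is locked - can't login. Show them a message?
+log.info("账户被锁定,无法登录");
+} catch ( AuthenticationException ae ) {
+//unexpected condition - error?
+log.info("未知错误...");
+}
+
+}
+resp.sendRedirect(req.getContextPath() + "/index.jsp");
+}
+}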
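Review bot: `doGet` forwards to `doPost`, so a request like `/login?username=…&password=…` is accepted and the credentials end up in access logs, browser history and Referer headers; accept them from the POST body only. In `doPost`, every failure except `UnknownAccountException` falls through to the `sendRedirect` to `/index.jsp`, the same response a successful login gets, while the unknown-account branch returns an empty response; the outcome should be one uniform redirect back to `/login.jsp` regardless of which failure occurred, with the detail kept in the server log. `SecurityUtils.setSecurityManager(securityManager)` replaces a VM-wide static on every request and looks unnecessary, since `ShiroFilter` is mapped to `/*` in web.xml and should already bind the subject for this request.

```java
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // Credentials must arrive in a POST body, never in the query string.
    resp.sendRedirect(req.getContextPath() + "/login.jsp");
}

// … unchanged: parameter reading, Subject lookup and token creation in doPost …
        try {
            currentUser.login(token);
        } catch (AuthenticationException ae) {
            // One generic outcome for every failure; the subtype stays in the server log only.
            log.info("login failed: " + ae.getClass().getSimpleName());
            resp.sendRedirect(req.getContextPath() + "/login.jsp");
            return;
        }
```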
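--- a/src/main/java/com/zhidi/util/DBUitl.java
+++ b/src/main/java/com/zhidi/util/DBUitl.java
@@ -0,0 +1,31 @@
+package com.zhidi.util;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.SQLException;
+
+/**
+* Created by Administrator on 2018/1/14/014.
+*/
+public class DBUitl {
+
+private static final String username = "root";
+private static final String password = "root";
+private static final String url = "jdbc:mysql://localhost:3306/db_hibernate";
+
+static {
+try {
+Class.forName("com.mysql.jdbc.Driver");
+
+} catch (ClassNotFoundException e) {
+e.printStackTrace();
+}
+}
+
+public static Connection getConnection() throws SQLException {
+Connection conn = DriverManager.getConnection(url, username, password);
+return conn;
+}
+
+
+}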
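Review bot: The `username`, `password` and `url` constants commit the database credentials to the repository and connect as `root` with the password `root`, so anyone with read access to the source or the built class files has them and the application runs with full database privileges. Read the values from deployment configuration (a container-managed `DataSource` looked up via JNDI, or environment variables such as `System.getenv("DB_PASSWORD")`, where the variable name is a placeholder) and use an account limited to the tables this application needs. The static initializer prints the `ClassNotFoundException` and continues, so a missing driver only surfaces later as a `SQLException` from `getConnection()`; `throw new ExceptionInInitializerError(e);` fails at the point of the real cause.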
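--- a/src/main/resources/log4j.properties
+++ b/src/main/resources/log4j.properties
@@ -0,0 +1,19 @@
+### direct log messages to stdout ###
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.Target=System.out
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
+
+### direct messages to file hibernate.log ###
+#log4j.appender.file=org.apache.log4j.FileAppender
+#log4j.appender.file.File=hibernate.log
+#log4j.appender.file.layout=org.apache.log4j.PatternLayout
+#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
+
+### set log levels - for more verbose logging change 'info' to 'debug' ###
+
+log4j.rootLogger=warn, stdout,info
+
+#log4j.logger.org.hibernate=info
+log4j.logger.org.apache.shiro=debug
+log4j.logger.com.zhidi=debug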
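Review bot: `log4j.rootLogger=warn, stdout,info` names `info` as a second appender, but no `log4j.appender.info` is defined in this file, so log4j is likely to report a configuration error at startup; `log4j.rootLogger=warn, stdout` matches the appender that exists. `log4j.logger.org.apache.shiro=debug` is useful while wiring the realm, but debug output from the security framework is probably more detail about authentication and sessions than a deployed instance should write, so a comment such as `# debug for local development only` would record that it must be lowered.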
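--- a/src/main/webapp/WEB-INF/shiro.ini
+++ b/src/main/webapp/WEB-INF/shiro.ini
@@ -0,0 +1,24 @@
+
+[main]
+#自定义过滤器
+myFilter1 = com.zhidi.filter.MyFilter1
+myFilter2 = com.zhidi.filter.MyFilter2
+
+loginRealm = com.zhidi.realm.LoginRealm
+securityManager.realm = $loginRealm
+
+#默认过滤器
+authc.loginUrl = /login.jsp
+
+[users]
+mjj = 123,sysadmin,Guest
+
+
+[roles]
+sysadmin = *
+
+
+[urls]
+#/index.jsp = myFilter1, myFilter2
+/login.jsp = authc
+/user/* = authc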
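Review bot: The `[users]` entry `mjj = 123,sysadmin,Guest` stores a plaintext password in version control for an account whose role `sysadmin = *` grants every permission. Because `securityManager.realm = $loginRealm` is set explicitly, the implicit INI realm is probably not consulted, in which case `[users]` and `[roles]` are dead configuration and are safer deleted; if the account is meant to work, store a hashed value and configure a matching credentials matcher. `Guest` is referenced but not defined under `[roles]`. In `[urls]` only `/login.jsp` and `/user/*` are protected, so `/index.jsp`, the redirect target of `LoginServlet`, is reachable without authentication unless that is intended.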
52 changes: 52 additions & 0 deletions src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,52 @@
<?xml version="1.0" encoding="utf-8" ?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1">

<!--Shiro 1.2或更高版本使用如下配置,该监听器会初始化一个WebEnvironment实例(包含了Shiro中需要执行的任何东西以及SecurityManager)
如果想要在任何时候都可以获取到WebEnvironment实例(实际上是创建的IniWebEnvironment实例,IniWebEnvironment对象读取的是/WEB-INF/shiro.ini文件),
可以通过WebUtils.getRequiredWebEnvironment(servletContext)获取
-->
<!--如果需要通过自定义WebEnvironment来读取配置,可以将自定义的WebEnvironment设置到EnvironmentLoaderListener中-->
<!--<context-param>
<param-name>shiroEnvironmentClass</param-name>
<param-value>com.zhidi.shiro.MyWebEnvironment</param-value>
</context-param>-->

<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>

<!--ShiroFilter会通过WebUtils.getRequiredWebEnvironment(servletContext)获取WebEnvironment实例,来执行所有必要的安全操作-->
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>

<!--Shiro 1.1或更早版本-->
<!--<MyFilter1>
<MyFilter1-name>iniShiroFilter</MyFilter1-name>
<MyFilter1-class>org.apache.shiro.web.servlet.IniShiroFilter</MyFilter1-class>
<init-param>
<param-name>configPath</param-name>
<param-value>classpath:xml/shiro.ini</param-value>
</init-param>
</MyFilter1>
<MyFilter1-mapping>
<MyFilter1-name>iniShiroFilter</MyFilter1-name>
<url-pattern>/*</url-pattern>
</MyFilter1-mapping>-->

</web-app>