-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 90db3bf
Showing
14 changed files
with
429 additions
and
0 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
package com.zhidi.dao; | ||
|
||
import com.zhidi.entity.User; | ||
import com.zhidi.util.DBUitl; | ||
|
||
import java.sql.PreparedStatement; | ||
import java.sql.ResultSet; | ||
import java.sql.SQLException; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
public class LoginDao { | ||
|
||
public User login(String username) throws SQLException { | ||
PreparedStatement ps = DBUitl.getConnection().prepareStatement("select * from tb_users where user_name = ?"); | ||
ps.setString(1, username); | ||
ResultSet rs = ps.executeQuery(); | ||
User user = null; | ||
while (rs.next()) { | ||
Integer id = rs.getInt("id"); | ||
String userName = rs.getString("user_name"); | ||
String password = rs.getString("password"); | ||
String phone = rs.getString("phone"); | ||
user = new User(id, userName, password, phone); | ||
} | ||
return user; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
package com.zhidi.entity; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
public class User { | ||
|
||
private Integer id; | ||
private String username; | ||
private String password; | ||
private String phone; | ||
|
||
public User(Integer id, String username, String password, String phone) { | ||
this.id = id; | ||
this.username = username; | ||
this.password = password; | ||
this.phone = phone; | ||
} | ||
|
||
public Integer getId() { | ||
return id; | ||
} | ||
|
||
public void setId(Integer id) { | ||
this.id = id; | ||
} | ||
|
||
public String getUsername() { | ||
return username; | ||
} | ||
|
||
public void setUsername(String username) { | ||
this.username = username; | ||
} | ||
|
||
public String getPassword() { | ||
return password; | ||
} | ||
|
||
public void setPassword(String password) { | ||
this.password = password; | ||
} | ||
|
||
public String getPhone() { | ||
return phone; | ||
} | ||
|
||
public void setPhone(String phone) { | ||
this.phone = phone; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
package com.zhidi.filter; | ||
|
||
import org.apache.log4j.Logger; | ||
|
||
import javax.servlet.*; | ||
import javax.servlet.annotation.WebFilter; | ||
import java.io.IOException; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
public class MyFilter1 implements Filter { | ||
|
||
private static final Logger log = Logger.getLogger(MyFilter1.class); | ||
|
||
@Override | ||
public void init(FilterConfig filterConfig) throws ServletException { | ||
|
||
} | ||
|
||
@Override | ||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { | ||
log.info("这是Filter1"); | ||
filterChain.doFilter(servletRequest,servletResponse); | ||
} | ||
|
||
@Override | ||
public void destroy() { | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
package com.zhidi.filter; | ||
|
||
import org.apache.log4j.Logger; | ||
|
||
import javax.servlet.*; | ||
import java.io.IOException; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
public class MyFilter2 implements Filter { | ||
|
||
private static final Logger log = Logger.getLogger(MyFilter2.class); | ||
|
||
@Override | ||
public void init(FilterConfig filterConfig) throws ServletException { | ||
|
||
} | ||
|
||
@Override | ||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { | ||
log.info("这是Filter2"); | ||
filterChain.doFilter(servletRequest,servletResponse); | ||
} | ||
|
||
@Override | ||
public void destroy() { | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
package com.zhidi.realm; | ||
|
||
import com.zhidi.dao.LoginDao; | ||
import com.zhidi.entity.User; | ||
import org.apache.shiro.authc.AuthenticationException; | ||
import org.apache.shiro.authc.AuthenticationInfo; | ||
import org.apache.shiro.authc.AuthenticationToken; | ||
import org.apache.shiro.authc.SimpleAuthenticationInfo; | ||
import org.apache.shiro.authz.AuthorizationInfo; | ||
import org.apache.shiro.authz.SimpleAuthorizationInfo; | ||
import org.apache.shiro.realm.AuthorizingRealm; | ||
import org.apache.shiro.subject.PrincipalCollection; | ||
|
||
import java.sql.SQLException; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
public class LoginRealm extends AuthorizingRealm { | ||
|
||
@Override | ||
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { | ||
return null; | ||
} | ||
|
||
@Override | ||
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { | ||
|
||
String username = String.valueOf(authenticationToken.getPrincipal()); | ||
String password = String.valueOf((char[]) authenticationToken.getCredentials()); | ||
User user = null; | ||
try { | ||
user = new LoginDao().login(username); | ||
} catch (SQLException e) { | ||
e.printStackTrace(); | ||
} | ||
if (user == null) { | ||
return null; | ||
} | ||
if (!password.equals(user.getPassword())) { | ||
return null; | ||
} | ||
AuthenticationInfo info = new SimpleAuthenticationInfo(username, password, this.getName()); | ||
return info; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
package com.zhidi.servlet; | ||
|
||
import org.apache.log4j.Logger; | ||
import org.apache.shiro.SecurityUtils; | ||
import org.apache.shiro.authc.*; | ||
import org.apache.shiro.mgt.SecurityManager; | ||
import org.apache.shiro.subject.Subject; | ||
import org.apache.shiro.web.env.WebEnvironment; | ||
import org.apache.shiro.web.util.WebUtils; | ||
|
||
import javax.servlet.ServletException; | ||
import javax.servlet.annotation.WebServlet; | ||
import javax.servlet.http.HttpServlet; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import java.io.IOException; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
@WebServlet("/login") | ||
public class LoginServlet extends HttpServlet { | ||
|
||
private static final transient Logger log = Logger.getLogger(LoginServlet.class); | ||
|
||
@Override | ||
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { | ||
doPost(req, resp); | ||
} | ||
|
||
@Override | ||
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { | ||
String username = req.getParameter("username"); | ||
String password = req.getParameter("password"); | ||
Boolean rememberMe = Boolean.valueOf(req.getParameter("rememberMe")); | ||
|
||
WebEnvironment webEnvironment = WebUtils.getRequiredWebEnvironment(req.getServletContext()); | ||
SecurityManager securityManager = webEnvironment.getSecurityManager(); | ||
SecurityUtils.setSecurityManager(securityManager); | ||
Subject currentUser = SecurityUtils.getSubject(); | ||
if (!currentUser.isAuthenticated()) { | ||
UsernamePasswordToken token = new UsernamePasswordToken(username, password); | ||
token.setRememberMe(rememberMe); | ||
try { | ||
currentUser.login(token); | ||
} catch (UnknownAccountException un) { | ||
log.info("用户不存在"); | ||
return; | ||
}catch ( IncorrectCredentialsException ice ) { | ||
//password didn't match, try again? | ||
log.info("密码错误"); | ||
} catch ( LockedAccountException lae ) { | ||
//account for that username is locked - can't login. Show them a message? | ||
log.info("账户被锁定,无法登录"); | ||
} catch ( AuthenticationException ae ) { | ||
//unexpected condition - error? | ||
log.info("未知错误..."); | ||
} | ||
|
||
} | ||
resp.sendRedirect(req.getContextPath() + "/index.jsp"); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
package com.zhidi.util; | ||
|
||
import java.sql.Connection; | ||
import java.sql.DriverManager; | ||
import java.sql.SQLException; | ||
|
||
/** | ||
* Created by Administrator on 2018/1/14/014. | ||
*/ | ||
public class DBUitl { | ||
|
||
private static final String username = "root"; | ||
private static final String password = "root"; | ||
private static final String url = "jdbc:mysql://localhost:3306/db_hibernate"; | ||
|
||
static { | ||
try { | ||
Class.forName("com.mysql.jdbc.Driver"); | ||
|
||
} catch (ClassNotFoundException e) { | ||
e.printStackTrace(); | ||
} | ||
} | ||
|
||
public static Connection getConnection() throws SQLException { | ||
Connection conn = DriverManager.getConnection(url, username, password); | ||
return conn; | ||
} | ||
|
||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
### direct log messages to stdout ### | ||
log4j.appender.stdout=org.apache.log4j.ConsoleAppender | ||
log4j.appender.stdout.Target=System.out | ||
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout | ||
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n | ||
|
||
### direct messages to file hibernate.log ### | ||
#log4j.appender.file=org.apache.log4j.FileAppender | ||
#log4j.appender.file.File=hibernate.log | ||
#log4j.appender.file.layout=org.apache.log4j.PatternLayout | ||
#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n | ||
|
||
### set log levels - for more verbose logging change 'info' to 'debug' ### | ||
|
||
log4j.rootLogger=warn, stdout,info | ||
|
||
#log4j.logger.org.hibernate=info | ||
log4j.logger.org.apache.shiro=debug | ||
log4j.logger.com.zhidi=debug |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
|
||
[main] | ||
#自定义过滤器 | ||
myFilter1 = com.zhidi.filter.MyFilter1 | ||
myFilter2 = com.zhidi.filter.MyFilter2 | ||
|
||
loginRealm = com.zhidi.realm.LoginRealm | ||
securityManager.realm = $loginRealm | ||
|
||
#默认过滤器 | ||
authc.loginUrl = /login.jsp | ||
|
||
[users] | ||
mjj = 123,sysadmin,Guest | ||
|
||
|
||
[roles] | ||
sysadmin = * | ||
|
||
|
||
[urls] | ||
#/index.jsp = myFilter1, myFilter2 | ||
/login.jsp = authc | ||
/user/* = authc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
<?xml version="1.0" encoding="utf-8" ?> | ||
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee | ||
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" | ||
version="3.1"> | ||
|
||
<!--Shiro 1.2或更高版本使用如下配置,该监听器会初始化一个WebEnvironment实例(包含了Shiro中需要执行的任何东西以及SecurityManager) | ||
如果想要在任何时候都可以获取到WebEnvironment实例(实际上是创建的IniWebEnvironment实例,IniWebEnvironment对象读取的是/WEB-INF/shiro.ini文件), | ||
可以通过WebUtils.getRequiredWebEnvironment(servletContext)获取 | ||
--> | ||
<!--如果需要通过自定义WebEnvironment来读取配置,可以将自定义的WebEnvironment设置到EnvironmentLoaderListener中--> | ||
<!--<context-param> | ||
<param-name>shiroEnvironmentClass</param-name> | ||
<param-value>com.zhidi.shiro.MyWebEnvironment</param-value> | ||
</context-param>--> | ||
|
||
<listener> | ||
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> | ||
</listener> | ||
|
||
<!--ShiroFilter会通过WebUtils.getRequiredWebEnvironment(servletContext)获取WebEnvironment实例,来执行所有必要的安全操作--> | ||
<filter> | ||
<filter-name>ShiroFilter</filter-name> | ||
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> | ||
</filter> | ||
|
||
<filter-mapping> | ||
<filter-name>ShiroFilter</filter-name> | ||
<url-pattern>/*</url-pattern> | ||
<dispatcher>REQUEST</dispatcher> | ||
<dispatcher>FORWARD</dispatcher> | ||
<dispatcher>INCLUDE</dispatcher> | ||
<dispatcher>ERROR</dispatcher> | ||
</filter-mapping> | ||
|
||
<!--Shiro 1.1或更早版本--> | ||
<!--<MyFilter1> | ||
<MyFilter1-name>iniShiroFilter</MyFilter1-name> | ||
<MyFilter1-class>org.apache.shiro.web.servlet.IniShiroFilter</MyFilter1-class> | ||
<init-param> | ||
<param-name>configPath</param-name> | ||
<param-value>classpath:xml/shiro.ini</param-value> | ||
</init-param> | ||
</MyFilter1> | ||
<MyFilter1-mapping> | ||
<MyFilter1-name>iniShiroFilter</MyFilter1-name> | ||
<url-pattern>/*</url-pattern> | ||
</MyFilter1-mapping>--> | ||
|
||
</web-app> |
Oops, something went wrong.