shiro教程-第十六章

pom.xml

@@ -25,6 +25,7 @@
         <module>shiro-example-chapter15-server</module>
         <module>shiro-example-chapter15-client</module>
         <module>shiro-example-chapter17</module>
+        <module>shiro-example-chapter16-server</module>
     </modules>
 
 

shiro-example-chapter16-server/pom.xml

@@ -0,0 +1,157 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <parent>
+        <artifactId>shiro-example</artifactId>
+        <groupId>com.github.zhangkaitao</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>shiro-example-chapter16-server</artifactId>
+    <packaging>war</packaging>
+    <name>shiro-example-chapter16-server</name>
+    <url>http://maven.apache.org</url>
+    <dependencies>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>3.8.1</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.oltu.oauth2</groupId>
+            <artifactId>org.apache.oltu.oauth2.common</artifactId>
+            <version>0.31</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.oltu.oauth2</groupId>
+            <artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
+            <version>0.31</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.oltu.oauth2</groupId>
+            <artifactId>org.apache.oltu.oauth2.resourceserver</artifactId>
+            <version>0.31</version>
+        </dependency>
+
+
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>3.0.1</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet.jsp</groupId>
+            <artifactId>jsp-api</artifactId>
+            <version>2.2</version>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>jstl</artifactId>
+            <version>1.2</version>
+        </dependency>
+
+
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>1.2.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-ehcache</artifactId>
+            <version>1.2.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-web</artifactId>
+            <version>1.2.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-quartz</artifactId>
+            <version>1.2.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-spring</artifactId>
+            <version>1.2.2</version>
+        </dependency>
+
+
+        <!-- aspectj相关jar包-->
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjrt</artifactId>
+            <version>1.7.4</version>
+        </dependency>
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjweaver</artifactId>
+            <version>1.7.4</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context-support</artifactId>
+            <version>4.0.0.RELEASE</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-jdbc</artifactId>
+            <version>4.0.0.RELEASE</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-tx</artifactId>
+            <version>4.0.0.RELEASE</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-webmvc</artifactId>
+            <version>4.0.0.RELEASE</version>
+        </dependency>
+
+        <!--jackson -->
+        <dependency>
+            <groupId>com.fasterxml.jackson.core</groupId>
+            <artifactId>jackson-databind</artifactId>
+            <version>2.2.3</version>
+        </dependency>
+
+    </dependencies>
+    <build>
+        <finalName>chapter16-server</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.mortbay.jetty</groupId>
+                <artifactId>jetty-maven-plugin</artifactId>
+                <version>8.1.8.v20121106</version>
+                <configuration>
+                    <webAppConfig>
+                        <contextPath>/${project.build.finalName}</contextPath>
+                    </webAppConfig>
+                </configuration>
+            </plugin>
+
+
+            <plugin>
+                <groupId>org.apache.tomcat.maven</groupId>
+                <artifactId>tomcat7-maven-plugin</artifactId>
+                <version>2.2</version>
+                <configuration>
+                    <path>/${project.build.finalName}</path>
+                </configuration>
+
+            </plugin>
+        </plugins>
+
+
+    </build>
+</project>

shiro-example-chapter16-server/src/main/java/com/github/zhangkaitao/shiro/chapter16/Constants.java

@@ -0,0 +1,12 @@
+package com.github.zhangkaitao.shiro.chapter16;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-2-17
+ * <p>Version: 1.0
+ */
+public class Constants {
+
+    public static String RESOURCE_SERVER_NAME = "resource";
+    public static final String ACCESS_TOKEN_VALID = "access_token_valid";
+}

shiro-example-chapter16-server/src/main/java/com/github/zhangkaitao/shiro/chapter16/credentials/RetryLimitHashedCredentialsMatcher.java

@@ -0,0 +1,46 @@
+package com.github.zhangkaitao.shiro.chapter16.credentials;
+
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.ExcessiveAttemptsException;
+import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
+import org.apache.shiro.cache.Cache;
+import org.apache.shiro.cache.CacheManager;
+
+import java.util.concurrent.atomic.AtomicInteger;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-1-28
+ * <p>Version: 1.0
+ */
+public class RetryLimitHashedCredentialsMatcher extends HashedCredentialsMatcher {
+
+    private Cache<String, AtomicInteger> passwordRetryCache;
+
+    public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager) {
+        passwordRetryCache = cacheManager.getCache("passwordRetryCache");
+    }
+
+    @Override
+    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
+        String username = (String)token.getPrincipal();
+        //retry count + 1
+        AtomicInteger retryCount = passwordRetryCache.get(username);
+        if(retryCount == null) {
+            retryCount = new AtomicInteger(0);
+            passwordRetryCache.put(username, retryCount);
+        }
+        if(retryCount.incrementAndGet() > 5) {
+            //if retry count > 5 throw
+            throw new ExcessiveAttemptsException();
+        }
+
+        boolean matches = super.doCredentialsMatch(token, info);
+        if(matches) {
+            //clear retry count
+            passwordRetryCache.remove(username);
+        }
+        return matches;
+    }
+}

shiro-example-chapter16-server/src/main/java/com/github/zhangkaitao/shiro/chapter16/dao/ClientDao.java

@@ -0,0 +1,24 @@
+package com.github.zhangkaitao.shiro.chapter16.dao;
+
+import com.github.zhangkaitao.shiro.chapter16.entity.Client;
+
+import java.util.List;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-1-28
+ * <p>Version: 1.0
+ */
+public interface ClientDao {
+
+    public Client createClient(Client client);
+    public Client updateClient(Client client);
+    public void deleteClient(Long clientId);
+
+    Client findOne(Long clientId);
+
+    List<Client> findAll();
+
+    Client findByClientId(Long clientId);
+
+}

shiro-example-chapter16-server/src/main/java/com/github/zhangkaitao/shiro/chapter16/dao/ClientDaoImpl.java

@@ -0,0 +1,86 @@
+package com.github.zhangkaitao.shiro.chapter16.dao;
+
+import com.github.zhangkaitao.shiro.chapter16.entity.Client;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.jdbc.core.PreparedStatementCreator;
+import org.springframework.jdbc.support.GeneratedKeyHolder;
+import org.springframework.stereotype.Repository;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.SQLException;
+import java.util.List;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-1-28
+ * <p>Version: 1.0
+ */
+@Repository
+public class ClientDaoImpl implements ClientDao {
+
+    @Autowired
+    private JdbcTemplate jdbcTemplate;
+
+    public Client createClient(final Client client) {
+        final String sql = "insert into oauth2_client(client_name, client_id, client_secret) values(?,?,?)";
+
+        GeneratedKeyHolder keyHolder = new GeneratedKeyHolder();
+        jdbcTemplate.update(new PreparedStatementCreator() {
+            @Override
+            public PreparedStatement createPreparedStatement(Connection connection) throws SQLException {
+                PreparedStatement psst = connection.prepareStatement(sql, new String[]{"id"});
+                int count = 1;
+                psst.setString(count++, client.getClientName());
+                psst.setString(count++, client.getClientId());
+                psst.setString(count++, client.getClientSecret());
+                return psst;
+            }
+        }, keyHolder);
+
+        client.setId(keyHolder.getKey().longValue());
+        return client;
+    }
+
+    public Client updateClient(Client client) {
+        String sql = "update oauth2_client set client_name=?, client_id=?, client_secret=? where id=?";
+        jdbcTemplate.update(
+                sql,
+                client.getClientName(), client.getClientId(), client.getClientSecret());
+        return client;
+    }
+
+    public void deleteClient(Long clientId) {
+        String sql = "delete from oauth2_client where id=?";
+        jdbcTemplate.update(sql, clientId);
+    }
+
+    @Override
+    public Client findOne(Long clientId) {
+        String sql = "select id, client_name, client_id, client_secret from oauth2_client where id=?";
+        List<Client> clientList = jdbcTemplate.query(sql, new BeanPropertyRowMapper(Client.class), clientId);
+        if(clientList.size() == 0) {
+            return null;
+        }
+        return clientList.get(0);
+    }
+
+    @Override
+    public List<Client> findAll() {
+        String sql = "select id, client_name, client_id, client_secret from oauth2_client";
+        return jdbcTemplate.query(sql, new BeanPropertyRowMapper(Client.class));
+    }
+
+
+    @Override
+    public Client findByClientId(Long clientId) {
+        String sql = "select id, client_name, client_id, client_secret from oauth2_client where client_id=?";
+        List<Client> clientList = jdbcTemplate.query(sql, new BeanPropertyRowMapper(Client.class), clientId);
+        if(clientList.size() == 0) {
+            return null;
+        }
+        return clientList.get(0);
+    }
+}

shiro-example-chapter16-server/src/main/java/com/github/zhangkaitao/shiro/chapter16/dao/UserDao.java

@@ -0,0 +1,24 @@
+package com.github.zhangkaitao.shiro.chapter16.dao;
+
+import com.github.zhangkaitao.shiro.chapter16.entity.User;
+
+import java.util.List;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-1-28
+ * <p>Version: 1.0
+ */
+public interface UserDao {
+
+    public User createUser(User user);
+    public User updateUser(User user);
+    public void deleteUser(Long userId);
+
+    User findOne(Long userId);
+
+    List<User> findAll();
+
+    User findByUsername(String username);
+
+}