test/shiroSpringBootLearn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

实现对特定角色和特定路径拦截

Browse Source
This commit is contained in:
fjy8018@qq.com
2018-07-06 15:44:45 +08:00
parent 14bdaf5989
commit 0be0ccf113
11 changed files with 226 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
sql.sql
View File

@@ -1,7 +1,10 @@
DROP DATABASE db_shiroTest;
GRANT ALL ON db_shiroTest.* TO trs@localhost IDENTIFIED BY 'shiro';
flush privileges;
CREATE DATABASE IF NOT EXISTS db_shiroTest DEFAULT CHARSET utf8mb4 COLLATE utf8mb4_general_ci;
GRANT ALL ON db_shiroTest.* TO trs@localhost
IDENTIFIED BY 'shiro';
FLUSH PRIVILEGES;
CREATE DATABASE IF NOT EXISTS db_shiroTest
DEFAULT CHARSET utf8mb4
COLLATE utf8mb4_general_ci;
USE db_shiroTest;
-- 权限表 --
CREATE TABLE permission (
@@ -9,7 +12,9 @@ CREATE TABLE permission (
name VARCHAR(255) NOT NULL DEFAULT '',
url VARCHAR(255) DEFAULT '',
PRIMARY KEY (pid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
)
ENGINE = InnoDB
DEFAULT CHARSET = utf8mb4;
-- 用户表 --
CREATE TABLE user (
@@ -17,14 +22,18 @@ CREATE TABLE user (
username VARCHAR(255) NOT NULL DEFAULT '',
password VARCHAR(255) NOT NULL DEFAULT '',
PRIMARY KEY (uid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
)
ENGINE = InnoDB
DEFAULT CHARSET = utf8mb4;
-- 角色表 --
CREATE TABLE role (
rid INT(11) NOT NULL AUTO_INCREMENT,
rname VARCHAR(255) NOT NULL DEFAULT '',
PRIMARY KEY (rid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
)
ENGINE = InnoDB
DEFAULT CHARSET = utf8mb4;
-- 权限角色关系表 --
CREATE TABLE permission_role (
@@ -32,7 +41,9 @@ CREATE TABLE permission_role (
pid INT(11) NOT NULL,
CONSTRAINT FK_prid FOREIGN KEY (rid) REFERENCES role (rid),
CONSTRAINT FK_pid FOREIGN KEY (pid) REFERENCES permission (pid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
)
ENGINE = InnoDB
DEFAULT CHARSET = utf8mb4;
-- 用户角色关系表 --
CREATE TABLE user_role (
@@ -40,7 +51,9 @@ CREATE TABLE user_role (
uid INT(11) NOT NULL,
CONSTRAINT FK_urid FOREIGN KEY (rid) REFERENCES role (rid),
CONSTRAINT FK_uid FOREIGN KEY (uid) REFERENCES user (uid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
)
ENGINE = InnoDB
DEFAULT CHARSET = utf8mb4;
-- 初始化数据 --
INSERT INTO permission (pid, name, url) VALUE ('1', 'add', '');
@@ -68,7 +81,10 @@ INSERT INTO permission_role (rid, pid) VALUE ('3','4');
INSERT INTO user_role (rid, uid) VALUE ('1', '1');
INSERT INTO user_role (rid, uid) VALUE ('2', '2');
SELECT u.*,r.*,p.*
SELECT
u.*,
r.*,
p.*
FROM user u
INNER JOIN user_role ur ON ur.uid = u.uid
INNER JOIN role r ON ur.uid = r.rid

12
src/main/java/top/fjy8018/shiro/config/ShiroConfiguration.java
View File

@@ -15,6 +15,7 @@ import java.util.LinkedHashMap;
/**
* shiro核心配置
*
* @author F嘉阳
* @date 2018/7/6 10:29
*/
@@ -37,6 +38,13 @@ public class ShiroConfiguration {
filterChainDefinitionMap.put("/index", "authc");
// 登录页无需拦截anon即匿名访问
filterChainDefinitionMap.put("/login", "anon");
filterChainDefinitionMap.put("/doLogin","anon");
// 指定页面只能给指定用户访问校验角色名称类org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
filterChainDefinitionMap.put("/admin","roles[admin]");
// 用户登录后可以访问所有接口
filterChainDefinitionMap.put("/**", "user");
bean.setFilterChainDefinitionMap(filterChainDefinitionMap);
@@ -54,6 +62,7 @@ public class ShiroConfiguration {
/**
* 自定义的Realm
*
* @param matcher
* @return
*/
@@ -66,6 +75,7 @@ public class ShiroConfiguration {
/**
* 自定义密码校验规则
*
* @return
*/
@Bean("credentialsMatcher")
@@ -75,6 +85,7 @@ public class ShiroConfiguration {
/**
* 配置spring与shiro关联指定spring使用的SecurityManager为自定义的SecurityManager
*
* @param securityManager
* @return
*/
@@ -88,6 +99,7 @@ public class ShiroConfiguration {
/**
* 代理所有servlet的过滤器链
*
* @return
*/
@Bean

9
src/main/java/top/fjy8018/shiro/controller/LoginController.java
View File

@@ -40,4 +40,13 @@ public class LoginController {
return "login";
}
}
@RequestMapping("/logout")
public String logout() {
Subject subject = SecurityUtils.getSubject();
if (subject != null) {
subject.logout();
}
return "login";
}
}

9
src/main/java/top/fjy8018/shiro/controller/NavController.java
View File

@@ -2,9 +2,11 @@ package top.fjy8018.shiro.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
/**
* 页面导航
*
* @author F嘉阳
* @date 2018/7/6 10:57
*/
@@ -15,4 +17,11 @@ public class NavController {
public String index() {
return "index";
}
@RequestMapping("/admin")
@ResponseBody
public String admin() {
return "admin success";
}
}

1
src/main/java/top/fjy8018/shiro/credentials/CredentialsMatcher.java
View File

@@ -7,6 +7,7 @@ import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
/**
* 自定义校验规则
*
* @author F嘉阳
* @date 2018/7/6 10:25
*/

1
src/main/java/top/fjy8018/shiro/form/LoginForm.java
View File

@@ -4,6 +4,7 @@ import lombok.Data;
/**
* 登录表单
*
* @author F嘉阳
* @date 2018/7/6 10:59
*/

5
src/main/java/top/fjy8018/shiro/realm/AuthRealm.java
View File

@@ -27,6 +27,7 @@ public class AuthRealm extends AuthorizingRealm {
/**
* shiro登录成功后的授权方法
*
* @param principalCollection
* @return
*/
@@ -36,10 +37,12 @@ public class AuthRealm extends AuthorizingRealm {
User user = (User) principalCollection.fromRealm(this.getClass().getName()).iterator().next();
List<String> permissionList = new ArrayList<>();
List<String> roleList = new ArrayList<>();
Set<Role> roleSet = user.getRoles();
// 取角色
if (CollectionUtils.isNotEmpty(roleSet)) {
for (Role role : roleSet) {
roleList.add(role.getRname());
// 取权限
Set<Permission> permissionSet = role.getPermissions();
if (CollectionUtils.isNotEmpty(permissionSet)) {
@@ -52,12 +55,14 @@ public class AuthRealm extends AuthorizingRealm {
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addStringPermissions(permissionList);
info.addRoles(roleList);
return info;
}
/**
* 认证登录
*
* @param authenticationToken
* @return
* @throws AuthenticationException