学习了一下Shrio,简单的做一下笔记
推荐三篇文章,有需要可以看看:
30分钟学会如何使用Shiro
SpringBoot2.0集成Shiro
SpringBoot整合Shiro,通过用户、角色、权限三者关联实现权限管理
Shiro 关于
Apache Shiro 是一个强大易用的 Java 安全框架,提供了认证、授权、加密和会话管理等功能,对于任何一个应用程序,Shiro 都可以提供全面的安全管理服务。相比较 Spring Security,Shiro 要小巧、简单的多。
一、准备
本文使用的SpringBoot + MyBatis + thymeleaf
先看看项目结构
1.pom.xml
<dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.4.1</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.4.1</version> </dependency> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.16</version> </dependency>
值贴出来关键依赖,其他可自行Maven
2.数据库 sql
-- 权限表-- CREATE TABLE permission( pid INT(11) NOT NULL AUTO_INCREMENT, name VARCHAR(255) NOT NULL DEFAULT '', url VARCHAR (255) DEFAULT '', PRIMARY KEY (pid) ) ENGINE = InnoDB DEFAULT CHARSET = utf8; INSERT INTO permission VALUES ('1','add',''); INSERT INTO permission VALUES ('2','delete',''); INSERT INTO permission VALUES ('3','edit',''); INSERT INTO permission VALUES ('4','query',''); -- 用户表 -- CREATE TABLE user( uid INT(11) NOT NULL AUTO_INCREMENT, username VARCHAR(255) NOT NULL DEFAULT '', password VARCHAR(255) NOT NULL DEFAULT '', PRIMARY KEY (uid) ) ENGINE = InnoDB DEFAULT CHARSET = utf8; INSERT INTO user VALUES ('1','admin','123'); INSERT INTO user VALUES ('2','demo','123'); -- 角色表 -- CREATE TABLE role( rid INT(11) NOT NULL AUTO_INCREMENT, rname VARCHAR(255) NOT NULL DEFAULT '', PRIMARY KEY (rid) ) ENGINE= InnoDB DEFAULT CHARSET = utf8; INSERT INTO role VALUES ('1','admin'); INSERT INTO role VALUES ('2','customer'); -- 权限 角色 关系表 -- CREATE TABLE permission_role( rid INT(11) NOT NULL, pid INT(11) NOT NULL, KEY idx_rid (rid), KEY idx_pid(pid) ) ENGINE = InnoDB DEFAULT CHARSET = utf8; INSERT INTO permission_role VALUES ('1','1'); INSERT INTO permission_role VALUES ('1','2'); INSERT INTO permission_role VALUES ('1','3'); INSERT INTO permission_role VALUES ('1','4'); INSERT INTO permission_role VALUES ('2','1'); INSERT INTO permission_role VALUES ('2','4'); -- 用户 角色 关系表 -- CREATE TABLE user_role( uid INT(11) NOT NULL, rid INT(11) NOT NULL, KEY idx_uid (uid), KEY idx_rid (rid) ) ENGINE = InnoDB DEFAULT CHARSET = utf8; INSERT INTO user_role VALUES ('1','1'); INSERT INTO user_role VALUES ('2','2');
二、基础代码(Model,Dao和Service层)
1.Model 实体
User.java
package com.scitc.shiro.model;
import java.util.HashSet;
import java.util.Set;
public class User {
private Integer uid;
private String username;
private String password;
private Set<Role> roles = new HashSet<>();
public Integer getUid() {
return uid;
}
public void setUid(Integer uid) {
this.uid = uid;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public Set<Role> getRoles() {
return roles;
}
public void setRoles(Set<Role> roles) {
this.roles = roles;
}
@Override
public String toString() {
return "User{" +
"uid=" + uid +
", username='" + username + '/'' +
", password='" + password + '/'' +
", roles=" + roles +
'}';
}
}
Role.java
package com.scitc.shiro.model; import java.util.HashSet; import java.util.Set; public class Role { private Integer rid; private String rname; private Set<Permission> permissions = new HashSet<>(); private Set<User> users = new HashSet<>(); public Integer getRid() { return rid; } public void setRid(Integer rid) { this.rid = rid; } public String getRname() { return rname; } public void setRname(String rname) { this.rname = rname; } public Set<Permission> getPermissions() { return permissions; } public void setPermissions(Set<Permission> permissions) { this.permissions = permissions; } public Set<User> getUsers() { return users; } public void setUsers(Set<User> users) { this.users = users; } @Override public String toString() { return "Role{" + "rid=" + rid + ", rname='" + rname + '/'' + ", permissions=" + permissions + ", users=" + users + '}'; } }
Permission.java
package com.scitc.shiro.model; public class Permission { private Integer pid; private String name; private String url; public Integer getPid() { return pid; } public void setPid(Integer pid) { this.pid = pid; } public String getName() { return name; } public void setName(String name) { this.name = name; } public String getUrl() { return url; } public void setUrl(String url) { this.url = url; } @Override public String toString() { return "Permission{" + "pid=" + pid + ", name='" + name + '/'' + ", url='" + url + '/'' + '}'; } }
2.mapper
UserMapper.java
public interface UserMapper {
User findByUsername(@Param("username") String username);
}
UserMapper.xml
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.scitc.shiro.mapper.UserMapper"> <resultMap id="userMap" type="com.scitc.shiro.model.User"> <id column="uid" property="uid"/> <result column="username" property="username"/> <result column="password" property="password"/> <collection property="roles" ofType="com.scitc.shiro.model.Role"> <id column="rid" property="rid"/> <result column="rname" property="rname"/> <collection property="permissions" ofType="com.scitc.shiro.model.Permission"> <id column="pid" property="pid"/> <result column="name" property="name"/> <result column="url" property="url"/> </collection> </collection> </resultMap> <select id="findByUsername" parameterType="String" resultMap="userMap"> SELECT u.*,r.*,p.* FROM user u INNER JOIN user_role ur ON ur.uid = u.uid INNER JOIN role r ON r.rid= ur.rid INNER JOIN permission_role pr ON pr.rid = r.rid INNER JOIN permission p ON pr.pid = p.pid WHERE u.username = #{username} </select> </mapper> //用户表--->用户角色表--->角色表--->角色权限表--->权限表
UserService.java
public interface UserService { User findByUsername(String username); }
UserServiceImpl.java
@Service public class UserServiceImpl implements UserService { @Autowired private UserMapper userMapper; @Override public User findByUsername(String username) { return userMapper.findByUsername(username); } }
原文
https://segmentfault.com/a/1190000020248665
本站部分文章源于互联网,本着传播知识、有益学习和研究的目的进行的转载,为网友免费提供。如有著作权人或出版方提出异议,本站将立即删除。如果您对文章转载有任何疑问请告之我们,以便我们及时纠正。PS:推荐一个微信公众号: askHarries 或者qq群:474807195,里面会分享一些资深架构师录制的视频录像:有Spring,MyBatis,Netty源码分析,高并发、高性能、分布式、微服务架构的原理,JVM性能优化这些成为架构师必备的知识体系。还能领取免费的学习资源,目前受益良多

转载请注明原文出处:Harries Blog™ » SpringBoot 2.0 集成 Shiro