SpringBoot 2.0 集成 Shiro

学习了一下Shrio,简单的做一下笔记

推荐三篇文章,有需要可以看看:

30分钟学会如何使用Shiro

SpringBoot2.0集成Shiro

SpringBoot整合Shiro,通过用户、角色、权限三者关联实现权限管理

Shiro 关于

Apache Shiro 是一个强大易用的 Java 安全框架,提供了认证、授权、加密和会话管理等功能,对于任何一个应用程序,Shiro 都可以提供全面的安全管理服务。相比较 Spring Security,Shiro 要小巧、简单的多。

一、准备

本文使用的SpringBoot + MyBatis + thymeleaf

先看看项目结构

SpringBoot 2.0 集成 Shiro

SpringBoot 2.0 集成 Shiro

1.pom.xml

<dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>1.4.1</version>
        </dependency>

        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.1</version>
        </dependency>

        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>druid</artifactId>
            <version>1.1.16</version>
        </dependency>

值贴出来关键依赖,其他可自行Maven

2.数据库 sql

-- 权限表--
CREATE TABLE permission(
  pid INT(11) NOT NULL AUTO_INCREMENT,
  name VARCHAR(255) NOT NULL DEFAULT '',
  url VARCHAR (255) DEFAULT '',
  PRIMARY KEY (pid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8;

INSERT INTO permission VALUES ('1','add','');
INSERT INTO permission VALUES ('2','delete','');
INSERT INTO permission VALUES ('3','edit','');
INSERT INTO permission VALUES ('4','query','');


-- 用户表 --
CREATE TABLE user(
  uid INT(11) NOT NULL AUTO_INCREMENT,
  username VARCHAR(255) NOT NULL DEFAULT '',
  password VARCHAR(255) NOT NULL DEFAULT '',
  PRIMARY KEY (uid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8;


INSERT INTO user VALUES ('1','admin','123');
INSERT INTO user VALUES ('2','demo','123');



-- 角色表 --
CREATE TABLE role(
  rid INT(11) NOT NULL AUTO_INCREMENT,
  rname VARCHAR(255) NOT NULL DEFAULT '',
  PRIMARY KEY (rid)
) ENGINE=  InnoDB DEFAULT CHARSET = utf8;

INSERT INTO role VALUES ('1','admin');
INSERT INTO role VALUES ('2','customer');


-- 权限 角色 关系表 --
CREATE TABLE permission_role(
  rid INT(11) NOT NULL,
  pid INT(11) NOT NULL,
  KEY idx_rid (rid),
  KEY idx_pid(pid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8;


INSERT INTO permission_role VALUES ('1','1');
INSERT INTO permission_role VALUES ('1','2');
INSERT INTO permission_role VALUES ('1','3');
INSERT INTO permission_role VALUES ('1','4');

INSERT INTO permission_role VALUES ('2','1');
INSERT INTO permission_role VALUES ('2','4');

-- 用户 角色 关系表 --
CREATE TABLE user_role(
  uid INT(11) NOT NULL,
  rid INT(11) NOT NULL,
  KEY idx_uid (uid),
  KEY idx_rid (rid)
) ENGINE = InnoDB DEFAULT CHARSET = utf8;

INSERT INTO user_role VALUES ('1','1');
INSERT INTO user_role VALUES ('2','2');

二、基础代码(Model,Dao和Service层)

1.Model 实体

User.java

package com.scitc.shiro.model;

import java.util.HashSet;
import java.util.Set;

public class User {
    private Integer uid;
    private String username;
    private String  password;
    private Set<Role> roles = new HashSet<>();

    public Integer getUid() {
        return uid;
    }

    public void setUid(Integer uid) {
        this.uid = uid;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public Set<Role> getRoles() {
        return roles;
    }

    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }

    @Override
    public String toString() {
        return "User{" +
                "uid=" + uid +
                ", username='" + username + '/'' +
                ", password='" + password + '/'' +
                ", roles=" + roles +
                '}';
    }
}

Role.java

package com.scitc.shiro.model;

import java.util.HashSet;
import java.util.Set;

public class Role {
    private Integer rid;
    private String rname;
    private Set<Permission>  permissions = new HashSet<>();
    private Set<User> users =  new HashSet<>();

    public Integer getRid() {
        return rid;
    }

    public void setRid(Integer rid) {
        this.rid = rid;
    }

    public String getRname() {
        return rname;
    }

    public void setRname(String rname) {
        this.rname = rname;
    }

    public Set<Permission> getPermissions() {
        return permissions;
    }

    public void setPermissions(Set<Permission> permissions) {
        this.permissions = permissions;
    }

    public Set<User> getUsers() {
        return users;
    }

    public void setUsers(Set<User> users) {
        this.users = users;
    }

    @Override
    public String toString() {
        return "Role{" +
                "rid=" + rid +
                ", rname='" + rname + '/'' +
                ", permissions=" + permissions +
                ", users=" + users +
                '}';
    }
}

Permission.java

package com.scitc.shiro.model;

public class Permission {

    private Integer pid;
    private  String name;
    private String url;

    public Integer getPid() {
        return pid;
    }

    public void setPid(Integer pid) {
        this.pid = pid;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getUrl() {
        return url;
    }

    public void setUrl(String url) {
        this.url = url;
    }

    @Override
    public String toString() {
        return "Permission{" +
                "pid=" + pid +
                ", name='" + name + '/'' +
                ", url='" + url + '/'' +
                '}';
    }
}

2.mapper

UserMapper.java

public interface UserMapper {
   User findByUsername(@Param("username") String username);
}

UserMapper.xml

<?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE mapper
            PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
            "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
    <mapper namespace="com.scitc.shiro.mapper.UserMapper">
    
        <resultMap id="userMap" type="com.scitc.shiro.model.User">
            <id column="uid" property="uid"/>
            <result column="username" property="username"/>
            <result column="password" property="password"/>
            <collection property="roles" ofType="com.scitc.shiro.model.Role">
                <id column="rid" property="rid"/>
                <result column="rname" property="rname"/>
                <collection property="permissions" ofType="com.scitc.shiro.model.Permission">
                    <id column="pid" property="pid"/>
                    <result column="name" property="name"/>
                    <result column="url" property="url"/>
                </collection>
            </collection>
        </resultMap>
    
        <select id="findByUsername" parameterType="String" resultMap="userMap">
          SELECT u.*,r.*,p.*
          FROM user u
            INNER JOIN user_role ur ON ur.uid  = u.uid
            INNER JOIN role r ON r.rid=  ur.rid
            INNER JOIN permission_role pr ON pr.rid = r.rid
            INNER JOIN permission p ON pr.pid = p.pid
          WHERE u.username = #{username}
        </select>
    </mapper>
    
    //用户表--->用户角色表--->角色表--->角色权限表--->权限表

UserService.java

public interface UserService {
    User  findByUsername(String username);
}

UserServiceImpl.java

@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserMapper userMapper;
    @Override
    public User findByUsername(String username) {
       return userMapper.findByUsername(username);
    }
}

原文 

https://segmentfault.com/a/1190000020248665

本站部分文章源于互联网,本着传播知识、有益学习和研究的目的进行的转载,为网友免费提供。如有著作权人或出版方提出异议,本站将立即删除。如果您对文章转载有任何疑问请告之我们,以便我们及时纠正。

PS:推荐一个微信公众号: askHarries 或者qq群:474807195,里面会分享一些资深架构师录制的视频录像:有Spring,MyBatis,Netty源码分析,高并发、高性能、分布式、微服务架构的原理,JVM性能优化这些成为架构师必备的知识体系。还能领取免费的学习资源,目前受益良多

转载请注明原文出处:Harries Blog™ » SpringBoot 2.0 集成 Shiro

赞 (0)
分享到:更多 ()

评论 0

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址