shiro的hello world
2016-04-03 22:04
246 查看
shiro 安全框架小型而且来说很好用,想比较spring的安全security来讲要简单很多,当然 看开涛老师的博客也能学到很多,当然看海涛老师的博客,个人觉得还是比较乱,当然当你熟悉了shiro在查看开涛老师的shiro进行手册似的查看我觉得非常nice,这里我是参照官方文档搭建的第一个demo,万事开头难,第一hello world运行起来
本项目以Maven进行构建 pom.xml
第一步:引入shiro的依赖
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.ksea.shiro</groupId>
<artifactId>shiro-web</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>shiro-web Maven Webapp</name>
<url>http://maven.apache.org</url>
<properties>
<shiro.version>1.2.4</shiro.version>
</properties>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.10</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>1.7.5</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.0.13</version>
<scope>runtime</scope>
</dependency>
<!-- Shiro dependencies: -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<finalName>shiro-web</finalName>
</build>
</project>
第二步:建立 shiro.ini 这个shiro 官网有说明,其内容以下
[main]
shiro.loginUrl = /login
[users]
zs=123
ls=123
[urls]
/admin/** = authc
/logout = logout
第三步:web.xml中配置shiro的监听
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>org.ksea.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
</web-app>
第四步:我这里是用servlet写的
package org.ksea.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/page/login.jsp").forward(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username=request.getParameter("username");
String pwd=request.getParameter("pwd");
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken upt= new UsernamePasswordToken(username, pwd);
String errMsg=null;
try {
subject.login(upt);
} catch ( UnknownAccountException uae ) {
//此处表示用户名错误
errMsg="该用户不存在!";
} catch ( IncorrectCredentialsException ice ) {
//密码错误
errMsg="该用户密码错误!";
}
catch ( AuthenticationException ae ) {
errMsg="其他错误:"+ae;
}
if(errMsg!=null){
//说明用户验证未能通过
request.setAttribute("errMsg", errMsg);
request.getRequestDispatcher("/WEB-INF/page/login.jsp").forward(request, response);
}else{
String ctx=request.getServletContext().getContextPath();
response.sendRedirect(ctx+"/index.jsp");
}
}
}
这个运行就是一个非常简单的shiro的安全登陆验证 其源码在:https://github.com/ksea55/kseaGitRepository.git
本项目以Maven进行构建 pom.xml
第一步:引入shiro的依赖
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.ksea.shiro</groupId>
<artifactId>shiro-web</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>shiro-web Maven Webapp</name>
<url>http://maven.apache.org</url>
<properties>
<shiro.version>1.2.4</shiro.version>
</properties>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.10</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>1.7.5</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.0.13</version>
<scope>runtime</scope>
</dependency>
<!-- Shiro dependencies: -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<finalName>shiro-web</finalName>
</build>
</project>
第二步:建立 shiro.ini 这个shiro 官网有说明,其内容以下
[main]
shiro.loginUrl = /login
[users]
zs=123
ls=123
[urls]
/admin/** = authc
/logout = logout
第三步:web.xml中配置shiro的监听
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>org.ksea.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
</web-app>
第四步:我这里是用servlet写的
package org.ksea.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/page/login.jsp").forward(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username=request.getParameter("username");
String pwd=request.getParameter("pwd");
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken upt= new UsernamePasswordToken(username, pwd);
String errMsg=null;
try {
subject.login(upt);
} catch ( UnknownAccountException uae ) {
//此处表示用户名错误
errMsg="该用户不存在!";
} catch ( IncorrectCredentialsException ice ) {
//密码错误
errMsg="该用户密码错误!";
}
catch ( AuthenticationException ae ) {
errMsg="其他错误:"+ae;
}
if(errMsg!=null){
//说明用户验证未能通过
request.setAttribute("errMsg", errMsg);
request.getRequestDispatcher("/WEB-INF/page/login.jsp").forward(request, response);
}else{
String ctx=request.getServletContext().getContextPath();
response.sendRedirect(ctx+"/index.jsp");
}
}
}
这个运行就是一个非常简单的shiro的安全登陆验证 其源码在:https://github.com/ksea55/kseaGitRepository.git
相关文章推荐
- LeetCode OJ刷题历程——Majority Element
- 局域网的概括
- 10.字符设备控制学习
- CentOS 7.1编译安装PHP7
- linux网络
- HDU 1114 Piggy-Bank(完全背包/二进制压缩orO(V*N)算法)
- 数据结构实验2-1
- [Queue]——面向接口编程
- 3.0-saltstack几个常用的命令
- 实体类和JSON对象之间相互转化
- 一道有趣的数学题
- 2.9-saltstack管理任务计划
- KNN算法 C++实现
- 2.8-saltstack远程执行shell脚本
- Cassandra教程(6)---- Snitch
- 一种可以避免数据迁移的分库分表scale-out扩容方式
- workbench导入 非agdb格式文件,拉伸时无imprint faces 这一项问题解决方法
- gcc命令
- 【转】java代码中实现android背景选择的selector-StateListDrawable的应用
- 2.7-saltstack远程执行命令