《shiro学习(11):servelet实现权限认证二.docx》由会员分享,可在线阅读,更多相关《shiro学习(11):servelet实现权限认证二.docx(14页珍藏版)》请在金锄头文库上搜索。
1、shiro学习(11):servelet实现权限认证二工具idea先看看数据库shiro_role_permission数据shiro_usershiro_user_role数据在pom.xml里面添加 org.apache.shiro shiro-web 1.2.3 javax.servlet javax.servlet-api 3.0.1 provided 看看目录结构shiro-web.iniusersroot = secret,adminguest = guest,guesttest = 123456,guest,testrolesadmin = *guest=user:listtes
2、t=menu:list,menu:addurls/login.html=anon/index.html=authc/role.html=authc,rolesadmin/menu/*=authc,rolesadmin,permsmenu:*com.javawebIndexServletpackage com.javaweb;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.UsernamePasswor
3、dToken;import org.apache.shiro.subject.Subject;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;WebServlet(name
4、= indexServlet,urlPatterns = /index.html)public class IndexServlet extends HttpServlet Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException this.doPost(req,resp); Override protected void doPost(HttpServletRequest req, HttpServletRespons
5、e resp) throws ServletException, IOException req.getRequestDispatcher(/index.jsp).forward(req, resp); LoginSevletpackage com.javaweb;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro
6、.subject.Subject;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;WebServlet(name = loginServlet,urlPatterns = /
7、login.html)public class LoginServlet extends HttpServlet Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException this.doPost(req,resp); Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletExceptio
8、n, IOException String username=req.getParameter(username); String password=req.getParameter(password); Subject subject= SecurityUtils.getSubject(); UsernamePasswordToken token=new UsernamePasswordToken(username,password); try subject.login(token); resp.sendRedirect(/index.html); catch (Authenticatio
9、nException e) e.printStackTrace(); req.setAttribute(error,用户名或者密码错误); req.getRequestDispatcher(/login.jsp).forward(req,resp); logoutServletpackage com.javaweb;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.UsernamePasswordTok
10、en;import org.apache.shiro.subject.Subject;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;WebServlet(name = Lo
11、goutServlet,urlPatterns = /logout.html)public class LogoutServlet extends HttpServlet Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException this.doPost(req,resp); Override protected void doPost(HttpServletRequest req, HttpServletResponse
12、 resp) throws ServletException, IOException Subject subject = SecurityUtils.getSubject(); subject.logout(); req.getRequestDispatcher(/login.jsp).forward(req,resp); RoleServltpackage com.javaweb;import org.apache.shiro.SecurityUtils;import org.apache.shiro.subject.Subject;import javax.servlet.Servlet
13、Exception;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;WebServlet(name = RoleServlet,urlPatterns = /role.html)public class RoleServlet extends HttpServlet Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException this.doPost(req,resp); Override protected void doPost(HttpServletRequest req, HttpServletResp
