工具idea

先看看數據庫

shiro_role_permission

數據

shiro_user

shiro_user_role

數據

在pom.xml里面添加

<dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-web</artifactId><version>1.2.3</version></dependency><dependency><groupId>javax.servlet</groupId><artifactId>javax.servlet-api</artifactId><version>3.0.1</version><scope>provided</scope></dependency>

看看目錄結構

shiro-web.ini

[users] root = secret,admin guest = guest,guest test = 123456,guest,test[roles] admin = * guest=user:list test=menu:list,menu:add[urls] /login.html=anon /index.html=authc /role.html=authc,roles[admin] /menu/**=authc,roles[admin],perms[menu：*]

com.javaweb

IndexServlet

package com.javaweb;import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject;import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebServlet(name = "indexServlet",urlPatterns = "/index.html") public class IndexServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doPost(req,resp);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {req.getRequestDispatcher("/index.jsp").forward(req, resp);} }

LoginSevlet

package com.javaweb;import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject;import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException;@WebServlet(name = "loginServlet",urlPatterns = "/login.html") public class LoginServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doPost(req,resp);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {String username=req.getParameter("username");String password=req.getParameter("password");Subject subject= SecurityUtils.getSubject();UsernamePasswordToken token=new UsernamePasswordToken(username,password);try {subject.login(token);resp.sendRedirect("/index.html");}catch (AuthenticationException e){e.printStackTrace();req.setAttribute("error","用戶名或者密碼錯誤");req.getRequestDispatcher("/login.jsp").forward(req,resp);}} }

logoutServlet

package com.javaweb;import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject;import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException;@WebServlet(name = "LogoutServlet",urlPatterns = "/logout.html") public class LogoutServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doPost(req,resp);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {Subject subject = SecurityUtils.getSubject();subject.logout();req.getRequestDispatcher("/login.jsp").forward(req,resp);} }

RoleServlt

package com.javaweb;import org.apache.shiro.SecurityUtils; import org.apache.shiro.subject.Subject;import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException;@WebServlet(name = "RoleServlet",urlPatterns = "/role.html") public class RoleServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doPost(req,resp);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {Subject subject = SecurityUtils.getSubject();subject.logout();req.getRequestDispatcher("/role.jsp").forward(req,resp);} }

index.jsp

<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <body> <h2>Hello World!</h2> <a href="logout.html">退出登錄</a> <shiro:hasPermission name="menu:list"> <a herf="">menu</a> </shiro:hasPermission> <shiro:hasRole name="admin"> <a herf="">role</a> </shiro:hasRole> </body> </html>

login.jsp

<%--Created by IntelliJ IDEA.User: geyaoDate: 2019/11/29Time: 21:09To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head><title>Title</title> </head> <body> <form action="login.html" method="post">用戶名:<input type="text" name="username"/><br/>密碼:<input type="password" name="password"/><br/><input type="submit" value="登錄"/>${error} </form> </body> </html>

role.jsp

<%--Created by IntelliJ IDEA.User: geyaoDate: 2019/11/30Time: 13:08To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head><title>Title</title> </head> <body>role.jsp </body> </html>

web.xml

<?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://java.sun.com/xml/ns/javaeehttp://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <context-param><param-name>shiroEnvirinmentClass</param-name><param-value>org.apache.shiro.web.env.IniWebEnvironment</param-value> </context-param><context-param><param-name>shiroConfigLocations</param-name><param-value>classpath:shiro-web.ini</param-value></context-param><listener><listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class></listener><filter><filter-name>ShiroFilter</filter-name><filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class></filter><filter-mapping><filter-name>ShiroFilter</filter-name><url-pattern>*.html</url-pattern></filter-mapping> </web-app>

運行結果 輸入網址

會跳轉到

登錄錯誤

登錄成功

設置權限，對應用戶看到對應功能 root用戶

test用戶

guest用戶

?

總結

以上是生活随笔為你收集整理的shiro学习(11)：servelet实现权限认证二的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。