傲云油气装备网

让卖家找上门

发布询价单>>

微信扫一扫

傲云油气装备网二维码

热门分类
首页 > 资讯中心 > 物联网 > 物联网技术文章

shiro篇:使用Shiro对一个SSM项目进行身份加密验证

   日期:2020-10-17     浏览:91    评论:0    
核心提示:Apache Shiro是一个强大且易用的Java安全框架,执行身份验证、授权、密码和会话管理1.配置环境1.1pom依赖<?xml version="1.0" encoding="UTF-8"?><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="h

Apache Shiro是一个强大且易用的Java安全框架,执行身份验证、授权、密码和会话管理

1.配置环境

1.1pom依赖

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>org.example</groupId>
    <artifactId>1014_1_shirowebspring</artifactId>
    <version>1.0-SNAPSHOT</version>
    <packaging>war</packaging>

    <dependencies>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-all</artifactId>
            <version>1.4.0</version>
            <type>pom</type>
        </dependency>
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
            <version>1.7.12</version>
        </dependency>
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-log4j12</artifactId>
            <version>1.7.12</version>
        </dependency>
        <dependency>
            <groupId>log4j</groupId>
            <artifactId>log4j</artifactId>
            <version>1.2.16</version>
        </dependency>
        <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.2</version>
        </dependency>
        <!--spring-->
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>4.3.5.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>com.fasterxml.jackson.core</groupId>
            <artifactId>jackson-databind</artifactId>
            <version>2.9.8</version>
        </dependency>
    </dependencies>
</project>

1.2web.xml配置spring+spingMVC+乱码过滤+shiroFilter过滤

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1">
    <!--spring-->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:applicationContext*.xml</param-value>
    </context-param>
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

<!--    springMVC-->
    <servlet>
        <servlet-name>springmvc</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:springmvc-servlet.xml</param-value>
        </init-param>
    </servlet>
    <servlet-mapping>
        <servlet-name>springmvc</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>
<!--    乱码处理-->
    <!--3.处理乱码-->
    <filter>
        <filter-name>encodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>utf-8</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>encodingFilter</filter-name>
        <url-pattern>
public class MyRealm extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("---------->授权");
        return null;
    }

    
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        System.out.println("---------->认证,登录");

        String username = (String) token.getPrincipal();
        String password = new String((char[])token.getCredentials());

        String u = "admin";//数据库的,写死
//        String p = "123";//数据库
        String p = "3cb336337a3bdceb3c0b65bdcc5f122c";
        int isLock = 1;
        if(!username.equals(u)) {//账号错误
            throw new UnknownAccountException("账号异常");
        }
        if(!password.equals(p)) {//密码错误
            throw new IncorrectCredentialsException("密码错误");
        }
        if(isLock!=1){
            throw new LockedAccountException("账户锁定");
        }

        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,password,this.getName());

        return info;
    }
}

3.创建controller

package controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;


@Controller
public class MyController {
    @RequestMapping("/doLogin")
    public String doLogin(String username,String password){
        System.out.println("登录");
        //1.shiro认证
        Subject subject = SecurityUtils.getSubject();
        //加密
        password = new Md5Hash(password, username, 2014).toString();
        System.out.println(password);
        //2.把用户输入的用户名和密码封装成一个usernamePasswordToken对象
        UsernamePasswordToken token = new UsernamePasswordToken(username,password);
        //3.登录  查找,执行认证方法
        subject.login(token);

        System.out.println(subject.isAuthenticated()?"登录成功":"登录失败");
        return "success";
    }

}

4.写一个页面测试

login.jsp

<%--
  Created by IntelliJ IDEA.
  User: 49841
  Date: 2020/10/14
  Time: 11:40
  To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>

<form action="/doLogin" method="post">
    <input type="text" name="username" id="id"><br>
    <input type="text" name="password"  id="name"><br>

    <input type="submit" value="提交" id="btn">
</form>
</body>
</html>

success.jsp

<%--
  Created by IntelliJ IDEA.
  User: 49841
  Date: 2020/10/14
  Time: 11:31
  To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%--shiro标签--%>
<%@taglib prefix="shiro" uri="http://shiro.apache.org/tags"%>
<html>
<head>
    <title>Title</title>
</head>
<body>
success
<shiro:principal></shiro:principal>,欢迎您!!!!!!
<shiro:authenticated>success</shiro:authenticated>
<shiro:guest>guest</shiro:guest>
</body>
</html>
 
打赏
 本文转载自:网络 
所有权利归属于原作者,如文章来源标示错误或侵犯了您的权利请联系微信13520258486
更多>最近资讯中心
• Mybatis的你所不知ResultMap生成方式 • Vue微信网页微信支付
• 一个公司网站的制作流程都有哪些? • 华科软件安全实验--逆向Demo2020.exe--序列号生
• 自助建站相对传统建站有什么优势 • 江湖人称“感谢信收藏家”,三面京东(已offer
• Esp8266天猫精灵_RGB灯_非点灯平台 • STM32F103 串口1和串口3对发数据 配合蓝牙模块
• TMS570学习【1】了解什么是TMS570 • 新闻稿 | Qt公司收购froglogic公司以巩固市场领
• [Java]SpringBoot2整合mqtt服务器EMQ实现消息订 • 苹果群控投屏同步操作原理及运用的平台APP分享
更多>最新资讯中心
• Esp8266天猫精灵_RGB灯_非点灯平台 • STM32F103 串口1和串口3对发数据 配合蓝牙模块
• TMS570学习【1】了解什么是TMS570 • 新闻稿 | Qt公司收购froglogic公司以巩固市场领
• [Java]SpringBoot2整合mqtt服务器EMQ实现消息订 • 苹果群控投屏同步操作原理及运用的平台APP分享
• STM32查询式按键输入[直接用寄存器] • Ubuntu系统 USB设备端口绑定
• 2021-04-14 第四次 按键输入实验 • Flutter扫码功能完美实现
0相关评论

推荐图文
推荐资讯中心
点击排行
最新信息
新手指南
采购商服务
供应商服务
交易安全
关注我们
手机网站:
新浪微博:
微信关注:

13520258486

周一至周五 9:00-18:00
(其他时间联系在线客服)

24小时在线客服