9.8 shiro整合mybatis
- 在上一节springboot整合shiro工程的基础上导入整合数据库的依赖
<!--springboot整合shiro-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<version>1.9.1</version>
</dependency>
<!--springboot整合thymeleaf-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!--springboot-web启动-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--热部署-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.17.2</version>
</dependency>
<!--整合数据库-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jdbc</artifactId>
<version>2.7.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
<version>2.7.2</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.29</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.2.11</version>
</dependency>
<!--非spring-boot官方-->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.2.2</version>
</dependency>
注意:父工程是普通maven项目中导入的依赖,在子项目springboot中无法沿用
- 将之前整合mybatis的那一套直接搬过来(pojo/User,mapper/UserMapper,resource/mybatis/mapper/UserMapper.xml,),需要注意的是配置文件application.yml中配置项和UserMapper.xml路径的变动
- 项目结构图,-本demo的静态资源可以访问SpringBoot整合shiro项目静态资源下载
- 整合好后可以先测试一下,没问题后进行下面步骤
@SpringBootTest
class ShiroSpringbootApplicationTests {
@Autowired
UserMapper userMapper;
@Test
void contextLoads() {
Map<String,String> map = new HashMap(15);
map.put("id","20");
User user = userMapper.getUser(map);
System.out.println(user.toString());
}
}
//User(id=20, name=李云, password=123456, email=123456@qq.com, birthday=Wed Aug 03 00:00:00 CST 2022)
- 然后需要改变自定义UserRealm类中的授权方法,将其改为从数据库查询后的结果
package com.example.config;
import com.example.mapper.UserMapper;
import com.example.pojo.User;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import java.util.HashMap;
import java.util.Map;
/**
* @author CNCLUKZK
* @create 2022/8/5-19:45
*/
//自定义UserRealm extends AuthorizingRealm
public class UserRealm extends AuthorizingRealm {
@Autowired
UserMapper userMapper;
//授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
System.out.println("执行了授权doGetAuthorizationInfo方法!");
return null;
}
//认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
System.out.println("执行了认证doGetAuthenticationInfo方法!");
//连接真实数据库
UsernamePasswordToken userToken = (UsernamePasswordToken) token;
Map<String,String> map = new HashMap(15);
/*(String)userToken.getPrincipal() == userToken.getUsername()*/
map.put("name",userToken.getUsername());
User user = userMapper.getUser(map);
if (user==null) {
return null; //抛出UnknownAccountException异常
}
/*可以加密:
MD5加密:e10adc3949ba59abbe56e057f20f883e
MD5盐值加密(密码混合账户): e10adc3949ba59abbe56e057f20f883eusername*/
//密码认证,shiro做,加密了,默认是简单验证new SimpleCredentialsMatcher()明文验证
return new SimpleAuthenticationInfo("",user.getPassword(),"");
}
}
连接真实数据库后登陆时,如果账号是重名,那么生成token失败登陆失败
- 设置默认的密码加密规则在ShiroConfiguration配置类的第一步,注册自定义UserRealm指定密码验证规则
密码认证,shiro做,加密了,默认是简单验证new SimpleCredentialsMatcher()的明文验证
//第一步:创建Realm对象,需要自定义类
@Bean
public UserRealm userRealm(){
UserRealm userRealm = new UserRealm();
userRealm.setCredentialsMatcher(new Md5CredentialsMatcher());
return userRealm;
}
- 测试访问http://127.0.0.1:8080/点击登录,输入错误的密码admin/123
- 输入正确密码后转到首页
下一篇:SpringBoot-33-shiro请求授权的实现
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/123839.html