(一)shiro之第一個項目
阿新 • • 發佈:2017-11-05
ner ppi ttr pid sta 等號 res ctype tco
一、創建maven的web工程,引入shiro依賴
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.shyroke.www</groupId> <artifactId>firstShiro</artifactId> <packaging>war</packaging> <version>0.0.1-SNAPSHOT</version> <name>firstShiro Maven Webapp</name> <url>http://maven.apache.org</url> <properties> <shiro.version>1.3.2</shiro.version> </properties> <dependencies> <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> <version>2.5</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> <version>1.7.21</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>jcl-over-slf4j</artifactId> <version>1.7.21</version> <scope>runtime</scope> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> <version>1.1.7</version> <scope>runtime</scope> </dependency> <!-- Shiro dependencies: --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>${shiro.version}</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-web</artifactId> <version>${shiro.version}</version> </dependency> </dependencies> <build> <finalName>firstShiro</finalName> </build> </project>
二、web.xml中配置shiro監聽器
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5"> <welcome-file-list> <welcome-file>/index.jsp</welcome-file> </welcome-file-list> <listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> <filter> <filter-name>ShiroFilter</filter-name> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> </filter> <filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> <dispatcher>ERROR</dispatcher> </filter-mapping> <servlet> <description></description> <display-name>LoginServlet</display-name> <servlet-name>LoginServlet</servlet-name> <servlet-class>servlet.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/login</url-pattern> </servlet-mapping> </web-app>
三、創建shiro配置文件shiro.ini
- shiro默認配置文件名為shiro.ini且位於WEB-INFO目錄下
[main]
authc.loginUrl = /login
[users]
admin=123
user1=456
[urls]
/admin/** = authc
/index.jsp = authc
/=authc
/login.jsp = anon
-
[users]下註冊的是用戶名和密碼用等號隔開。 -
/admin/** = authc 和 /index.jsp = authc 表示在admin目錄下的資源和index.jsp被訪問時都需要驗證(用戶名和密碼)
-
/=authc 和 /login.jsp = anon 表示訪問url為“/”的路徑和/login.jsp不需要驗證即可訪問,/=authc 一定要加,因為“/”路徑
默認訪問index.jsp,這樣 /login.jsp = anon 沒有效果了。
四、創建登錄頁面
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <%String path=request.getContextPath(); %> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <h2>${emsg}</h2> <form method="post"> username:<input type="text" name="username"><br> password:<input type="password" name="password"><br> <input type="submit" value="登錄"> </form> </body> </html>
五、編寫LoginServlet
package servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; /** * Servlet implementation class LoginServlet */ public class LoginServlet extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse * response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.getRequestDispatcher("/commons/login.jsp").forward(request, response); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse * response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String userName = request.getParameter("username"); String passWord = request.getParameter("password"); Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(userName, passWord); String emsg = null; try { subject.login(token); } catch (UnknownAccountException e) { emsg = "用戶名錯誤"; } catch (IncorrectCredentialsException e) { emsg = "密碼錯誤"; } catch (AuthenticationException e) { emsg = "其他異常=" + e.getMessage(); } if (emsg != null) { // 說明有異常 request.setAttribute("emsg", emsg); request.getRequestDispatcher("/commons/login.jsp").forward(request, response); }else{
request.getRequestDispatcher("/index.jsp").forward(request, response);
} } }
六、目錄結構
七、結果
(一)shiro之第一個項目