先介绍下登陆的思路:
1.在登陆页面首先前端验证用户名和密码是否正确,如果验证通过,则ajax的方式向后台提交数据。
2.在controller层,将得到的用户名名和密码封装进shiro的token,在提交token过程中如果成功则登陆成功,如果出现异常则登陆失败,并且把登陆情况发送回登陆页面
3.controller层执行subject时候调用realm,realm里面有俩个函数,一个验证权限一个验证身份,在此调用验证身份的函数。在token中得到传过来的用户名,根据用户名查询与该用户名对应的数据,
把查询得到的数据与token做对比,如果正确则登陆成功,如果失败则登陆失败,最后将信息存放在session中
---------------------------------------------------------------------
1.login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!doctype html>
<html lang="en" class="login-content" data-ng-app="materialAdmin">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="Generator" content="EditPlus®">
<meta name="Author" content="">
<meta name="Keywords" content="">
<meta name="Description" content="">
<title>管理员登录界面</title>
<!-- Vendor CSS -->
<link href="${pageContext.request.contextPath}/static/login/css/material-design-iconic-font/css/material-design-iconic-font.min.css" rel="stylesheet" type="text/css">
<!-- CSS -->
<link href="${pageContext.request.contextPath}/static/login/css/app.min.1.css" rel="stylesheet" type="text/css">
<script type="text/javascript">
function submitData(){
var userName=$("#userName").val();
var password=$("#password").val();
if(userName==""){
alert("请输入用户名!");
return;
}
if(password==""){
alert("请输入密码!");
return;
}
$.post("${pageContext.request.contextPath}/manager2/login.do",{userName:userName,password:password},function(result){
if(result.success){
alert("登录成功");
}else{
alert(result.errorInfo);
}
},"json");
}
</script>
</head>
<body class="login-content" data-ng-controller="loginCtrl as lctrl">
<div class="lc-block" id="l-login" data-ng-class="{'toggled':lctrl.login === 1}">
<h1 class="lean">Login</h1>
<div class="input-group m-b-20">
<span class="input-group-addon">
<i class="zmdi zmdi-account"></i>
</span>
<div class="fg-line">
<input type="text" id="userName" name="userName" class="form-control" placeholder="userName" regex="^\w{3,16}$"/>
</div>
</div>
<div class="input-group m-b-20">
<span class="input-group-addon">
<i class="zmdi zmdi-male"></i>
</span>
<div class="fg-line">
<input type="password" id="password" name="password" class="form-control" placeholder="password" regex="^\w+"/>
</div>
</div>
<div class="clearfix"></div>
<div >
成都金广通科技有限公司版本所有 2012-2016
</div>
<a href="javascript:submitData()" class="btn btn-login btn-danger btn-float">
<i class="zmdi zmdi-arrow-forward"></i>
</a>
</div>
</body>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/jquery/dist/jquery.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/log.js"></script>
<!-- Angular -->
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular/angular.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-resource/angular-resource.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-animate/angular-animate.min.js"></script>
<!-- Angular Modules -->
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-ui-router/release/angular-ui-router.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-loading-bar/src/loading-bar.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/oclazyload/dist/ocLazyLoad.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-bootstrap/ui-bootstrap-tpls.min.js"></script>
<!-- Common js -->
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-nouislider/src/nouislider.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/ng-table/dist/ng-table.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/app.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/controllers/main.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/controllers/ui-bootstrap.js"></script>
<!-- Template Modules -->
<script src="${pageContext.request.contextPath}/static/login/js/modules/form.js"></script>
</html>
------------------------------------------------------------------------------------
controller
package com.open1111.controller;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import com.open1111.entity.Manager;
import com.open1111.service.ManagerService;
import com.open1111.util.Md5Util;
import com.open1111.util.ResponseUtil;
import net.sf.json.JSONObject;
/**
* 管理员Controller层
* @author user
*
*/
@Controller
@RequestMapping("/manager2")
public class ManagerController {
@Resource
private ManagerService managerService;
/**
* 用户登录
* @param manager
* @param response
* @return
* @throws Exception
*/
@RequestMapping("/login")
public String login(Manager manager,HttpServletResponse response)throws Exception{
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken(manager.getUserName(), Md5Util.md5(manager.getPassword(), Md5Util.SALT));
JSONObject result=new JSONObject();
try{
subject.login(token);
result.put("success", true);
}catch(Exception e){
result.put("success", false);
result.put("errorInfo", "用户名或者密码错误!");
e.printStackTrace();
}
ResponseUtil.write(response, result);
return null;
}
}
-------------------------------------------------------------------------------------------------------------
util
package com.open1111.util;
import org.apache.shiro.crypto.hash.Md5Hash;
/**
* Md5加密工具类
* @author user
*
*/
public class Md5Util {
public static final String SALT="open1111";
/**
* Md5加密
* @param str
* @param salt
* @return
*/
public static String md5(String str,String salt){
return new Md5Hash(str, salt).toString();
}
public static void main(String[] args) {
String password="123456";
System.out.println("Md5加密后:"+Md5Util.md5(password, Md5Util.SALT));
}
}
package com.open1111.util;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletResponse;
/**
* ajax返回输出流工具类
* @author user
*
*/
public class ResponseUtil {
/**
* 页面输出
* @param response
* @param o
* @throws Exception
*/
public static void write(HttpServletResponse response,Object o)throws Exception{
response.setContentType("text/html;charset=utf-8");
PrintWriter out=response.getWriter();
out.println(o.toString());
out.flush();
out.close();
}
}
----------------------------------------------------------------------------------------------
realm
package com.open1111.realm;
import javax.annotation.Resource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import com.open1111.entity.Manager;
import com.open1111.service.ManagerService;
/**
* 自定义Reaml
* @author user
*
*/
public class MyRealm extends AuthorizingRealm{
@Resource
private ManagerService managerService;
/**
* 为当前登录用户授予角色和权限
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// TODO Auto-generated method stub
return null;
}
/**
* 验证当前登录的用户
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName=(String) token.getPrincipal();
Manager manager=managerService.getByUserName(userName);
if(manager!=null){
SecurityUtils.getSubject().getSession().setAttribute("currentUser", manager);
AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(manager.getUserName(), manager.getPassword(), "xxx");
return authcInfo;
}else{
return null;
}
}
}
------------------------------------------------------------------------------
service
package com.open1111.service.impl;
import javax.annotation.Resource;
import org.springframework.stereotype.Service;
import com.open1111.dao.ManagerDao;
import com.open1111.entity.Manager;
import com.open1111.service.ManagerService;
/**
* 管理员Service实现类
* @author user
*
*/
@Service("managerService")
public class ManagerServiceImpl implements ManagerService{
@Resource
private ManagerDao managerDao;
public Manager getByUserName(String userName) {
return managerDao.getByUserName(userName);
}
}
--------------------------------------------------------------------
dao
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.open1111.dao.ManagerDao">
<resultMap type="Manager" id="ManagerResult">
<result property="id" column="id"/>
<result property="userName" column="userName"/>
<result property="password" column="password"/>
</resultMap>
<select id="getByUserName" parameterType="String" resultMap="ManagerResult">
select * from t_manager where userName=#{userName}
</select>
</mapper>