Shiro03

1. Shiro authorization roles and permissions

2. Shiro’s annotation development

shiro permission ideas

span>

share picture

authorization

Define two methods in ShiroUserMapper

// Query role by user ID

Set getRolesByUserId(Integer userId);
// Query permissions by user ID
Set getPersByUserId(Integer userId);

Add new content in ShiroUserMapper.xml

 <select id="getRolesByUserId" resultType= "java.lang.String" parameterType="java.lang.Integer" >

select r.roleid from t_shiro_user u,t_shiro_user_role ur,t_shiro_role r
where u.userid = ur.userid and ur.roleid = r .roleid
and u.userid
= #{userId}
select>
<select id="getPersByUserId" resultType="java.lang.String" parameterType="java.lang.Integer">
select p.permission from t_shiro_user u,t_shiro_user_role ur,t_shiro_role_permission rp,t_shiro_permission p
where u.userid = ur.userid and ur.roleid = rp.roleid and rp.perid = p.perid
and u.userid
= #{userId}
select>

Service layer

package com.liuwenwu.service.impl;


import com.liuwenwu.mapper.ShiroUserMapper;
import com.liuwenwu.model.ShiroUser;
import com.liuwenwu.service.ShiroUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.Set;

/**
* @author LWW
* @site www.lww.com
* @company
* @create 2019-10-13 16:14
*/
@Service(
"shiroUserService")
public class ShiroUserServiceImpl implements ShiroUserService {
@Autowired
private ShiroUserMapper shiroUserMapper;

@Override
public ShiroUser queryByName(String uname) {

return shiroUserMapper.queryByName(uname);
}

/**
* Add user
* @param record
* @return
*/
@Override
public int insert(ShiroUser record) {

return shiroUserMapper.insert(record);
}

/**
* Query role by user ID
* @param userId
* @return
*/
@Override
public Set getRolesByUserId(Integer userId) {
return shiroUserMapper.getRolesByUserId(userId);
}

/**
* Query permissions by user ID
* @param userId
* @return
*/
@Override
public Set getPersByUserId(Integer userId) {
return
shiroUserMapper.getPersByUserId(userId); }
}

ShiroUserServiceImpl

< div class="code">

package com.liuwenwu.service.impl;


import com.liuwenwu.mapper.ShiroUserMapper;
import com.liuwenwu.model.ShiroUser;
import com.liuwenwu.service.ShiroUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.Set;

/**
* @author LWW
* @site www.lww.com
* @company
* @create 2019-10-13 16:14
*/
@Service(
"shiroUserService")
public class ShiroUserServiceImpl implements ShiroUserService {
@Autowired
private ShiroUserMapper shiroUserMapper;

@Override
public ShiroUser queryByName(String uname) {

return shiroUserMapper.queryByName(uname);
}

/**
* Add user
* @param record
* @return
*/
@Override
public int insert(ShiroUser record) {

return shiroUserMapper.insert(record);
}

/**
* Query role by user ID
* @param userId
* @return
*/
@Override
public Set getRolesByUserId(Integer userId) {
return shiroUserMapper.getRolesByUserId(userId);
}

/**
* Query permissions by user ID
* @param userId
* @return
*/
@Override
public Set getPersByUserId(Integer userId) {
return
shiroUserMapper.getPersByUserId(userId); }
}

Rewrite custom authorization method in MyRealm

 /**

* Authorization
* @param principals
* @return
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// currently logged in user
ShiroUser shiroUser = this.shiroUserService.queryByName(principals.getPrimaryPrincipal().toString() );
Set
rolrids = this.shiroUserService.getRolesByUserId(shiroUser. getUserid());
Set
perdis = this.shiroUserService.getPersByUserId(shiroUser. getUserid());

SimpleAuthorizationInfo info
=new SimpleAuthorizationInfo();
info.setRoles(rolrids);
info.setStringPermissions(perdis);
return info;
}

Annotation development

Introduction to common annotations< /strong>

@RequiresAuthenthentication: Indicates that the current Subject has been authenticated by login; that is, Subject. isAuthenticated() returns true

@RequiresUser: indicates that the current subject has been authenticated or logged in through remember me< /p>

@RequiresGuest: indicates that the current subject has no identity verification or has logged in by remembering me, that is, it is a tourist identity

@RequiresRoles(value = {“admin”,”user”},logical = Logical.AND): Indicates that the current Subject needs the roles admin and user p>

@RequiresPermissions(value = {“user:delete”,”user:b”},logical = Logical.OR): Indicates that the current Subject needs permission user :delete or user:b

ShiroUserController

 /**

* Notes on identity authentication
* @param req
* @param resp
* @return
*/
@RequiresUser
@RequestMapping(
"/passUser")
public String passUser(HttpServletRequest req, HttpServletResponse resp){
return "admin/addUser";
}

/**
* Notes on role authentication
* @param req
* @param resp
* @return
* The current method must have a role ID of 1, 4 at the same time to be accessed
*/
@RequiresRoles(value
= {"1","4 "},logical = Logical.OR)
@RequestMapping(
"/passRole")
public String passPole(HttpServletRequest req, HttpServletResponse resp){
return "admin/listUser";
}

/**
* Notes on authorization
* @param req
* @param resp
* @return
*/
@RequiresPermissions(value
= {"user:update ","user:view "},logical = Logical.OR)
@RequestMapping(
"/passPer")
public String passPer(HttpServletRequest req, HttpServletResponse resp){
return "admin/resetPwd";
}

springmvc-servlet.xml

 class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator "

depends
-on="lifecycleBeanPostProcessor">
"proxyTargetClass" value="true">

class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
"securityManager" ref="securityManager"/>



"exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
"exceptionMappings">

"org.apache.shiro.authz.UnauthorizedException ">
unauthorized



"defaultErrorView" value="unauthorized"/>

main.jsp

Effect: If the verification fails, it will jump to the unauthorized.jsp page pre> 

share picture

Passed verification:

share picture

// Query role by user ID

Set getRolesByUserId(Integer userId);
// Query permissions by user ID
Set getPersByUserId(Integer userId);

 <select id="getRolesByUserId" resultType ="java.lang.String" parameterType="java.lang.Integer">

select r.roleid from t_shiro_user u,t_shiro_user_role ur,t_shiro_role r
where u.userid = ur.userid and ur.roleid = r .roleid
and u.userid
= #{userId}
select>
<select id="getPersByUserId" resultType="java.lang.String" parameterType="java.lang.Integer">
select p.permission from t_shiro_user u,t_shiro_user_role ur,t_shiro_role_permission rp,t_shiro_permission p
where u.userid = ur.userid and ur.roleid = rp.roleid and rp.perid = p.perid
and u.userid
= #{userId}
select>

package com.liuwenwu.service.impl;


import com.liuwenwu.mapper.ShiroUserMapper;
import com.liuwenwu.model.ShiroUser;
import com.liuwenwu.service.ShiroUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.Set;

/**
* @author LWW
* @site www.lww.com
* @company
* @create 2019-10-13 16:14
*/
@Service(
"shiroUserService")
public class ShiroUserServiceImpl implements ShiroUserService {
@Autowired
private ShiroUserMapper shiroUserMapper;

@Override
public ShiroUser queryByName(String uname) {

return shiroUserMapper.queryByName(uname);
}

/**
* Add user
* @param record
* @return
*/
@Override
public int insert(ShiroUser record) {

return shiroUserMapper.insert(record);
}

/**
* Query role by user ID
* @param userId
* @return
*/
@Override
public Set getRolesByUserId(Integer userId) {
return shiroUserMapper.getRolesByUserId(userId);
}

/**
* Query permissions by user ID
* @param userId
* @return
*/
@Override
public Set getPersByUserId(Integer userId) {
return
shiroUserMapper.getPersByUserId(userId); }
}

package com.liuwenwu.service.impl;


import com.liuwenwu.mapper.ShiroUserMapper;
import com.liuwenwu.model.ShiroUser;
import com.liuwenwu.service.ShiroUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.Set;

/**
* @author LWW
* @site www.lww.com
* @company
* @create 2019-10-13 16:14
*/
@Service(
"shiroUserService")
public class ShiroUserServiceImpl implements ShiroUserService {
@Autowired
private ShiroUserMapper shiroUserMapper;

@Override
public ShiroUser queryByName(String uname) {

return shiroUserMapper.queryByName(uname);
}

/**
* Add user
* @param record
* @return
*/
@Override
public int insert(ShiroUser record) {

return shiroUserMapper.insert(record);
}

/**
* Query role by user ID
* @param userId
* @return
*/
@Override
public Set getRolesByUserId(Integer userId) {
return shiroUserMapper.getRolesByUserId(userId);
}

/**
* Query permissions by user ID
* @param userId
* @return
*/
@Override
public Set getPersByUserId(Integer userId) {
return
shiroUserMapper.getPersByUserId(userId); }
}

 /**

* Authorization
* @param principals
* @return
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// currently logged in user
ShiroUser shiroUser = this.shiroUserService.queryByName(principals.getPrimaryPrincipal().toString() );
Set
rolrids = this.shiroUserService.getRolesByUserId(shiroUser. getUserid());
Set
perdis = this.shiroUserService.getPersByUserId(shiroUser. getUserid());

SimpleAuthorizationInfo info
=new SimpleAuthorizationInfo();
info.setRoles(rolrids);
info.setStringPermissions(perdis);
return info;
}

 /**

* Notes on identity authentication
* @param req
* @param resp
* @return
*/
@RequiresUser
@RequestMapping(
"/passUser")
public String passUser(HttpServletRequest req, HttpServletResponse resp){
return "admin/addUser";
}

/**
* Notes on role authentication
* @param req
* @param resp
* @return
* The current method must have a role ID of 1, 4 at the same time to be accessed
*/
@RequiresRoles(value
= {"1","4 "},logical = Logical.OR)
@RequestMapping(
"/passRole")
public String passPole(HttpServletRequest req, HttpServletResponse resp){
return "admin/listUser";
}

/**
* Notes on authorization
* @param req
* @param resp
* @return
*/
@RequiresPermissions(value
= {"user:update ","user:view "},logical = Logical.OR)
@RequestMapping(
"/passPer")
public String passPer(HttpServletRequest req, HttpServletResponse resp){
return "admin/resetPwd";
}

 class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"

depends
-on="lifecycleBeanPostProcessor">
"proxyTargetClass" value="true">

class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
"securityManager" ref="securityManager"/>



"exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
"exceptionMappings">

"org.apache.shiro.authz.UnauthorizedException">
unauthorized



"defaultErrorView" value="unauthorized"/>

WordPress database error: [Table 'yf99682.wp_s6mz6tyggq_comments' doesn't exist]
SELECT SQL_CALC_FOUND_ROWS wp_s6mz6tyggq_comments.comment_ID FROM wp_s6mz6tyggq_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 5999 ORDER BY wp_s6mz6tyggq_comments.comment_date_gmt ASC, wp_s6mz6tyggq_comments.comment_ID ASC

Leave a Comment

Your email address will not be published.