sping boot web.xmlmybatis融合web怎么写
点击联系发帖人
时间:2017-04-01 05:15
[摘要:本创做品,转载请标明:http://blog.csdn.net/xiejingfa/article/details/
比来有个小须要用到那几个框架,合腾了几天终究设置装备摆设出去,因而写下那篇。
原创作品,转载请标明:http://blog.csdn.net/xiejingfa/article/details/
最近有个小项目需要用到这几个框架,折腾了几天终于配置出来,于是写下这篇文章。
后端主要使用了Spring + SpringMVC + MyBatis + Shiro框架
前端是我在网上找的一个模板,主要是Bootstrap。
先来看看项目结构
配置完成后的
主要步骤:
1、Maven安装配置
(1)、下载Apache-maven-3.3.3,把它解压到某个路径,然后配置环境变量。完成之后可以在命令行中输入:mvn -来检查maven是否配置成功。
(2)、配置maven本地仓库。找到maven的安装路径,打开conf下的setting.xml文件。里面的localRepository标签即是配置本地仓库用得。先解除注释,然后配置一个本地目录,这样maven管理下得jar包就回下载到相应路径下。最后别忘了把该setting.xml文件复制一份到配置的目标目录下,方便与Eclipse集成。
(3)、再Eclipse中集成maven,在preferencs中配置以下内容:
2、创建一个名为Corwdsourcing的maven项目。注意,要把项目编码设置为utf-8。
3、配置pom.xml,引入相关jar包
&project xmlns=&http://maven.apache.org/POM/4.0.0& xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance&
xsi:schemaLocation=&http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd&&
&modelVersion&4.0.0&/modelVersion&
&groupId&cn.edu.zju.eagle&/groupId&
&artifactId&Crowdsourcing&/artifactId&
&packaging&war&/packaging&
&version&0.0.1-SNAPSHOT&/version&
&name&Crowdsourcing Maven Webapp&/name&
&url&http://maven.apache.org&/url&
&properties&
&!-- spring --&
&spring.version&4.0.2.RELEASE&/spring.version&
&!-- mybatis版本号 --&
&mybatis.version&3.2.6&/mybatis.version&
&!-- log4j日志文件管理包版本 --&
&slf4j.version&1.7.7&/slf4j.version&
&log4j.version&1.2.17&/log4j.version&
&shiro.version&1.2.3&/shiro.version&
&/properties&
&dependencies&
&dependency&
&groupId&junit&/groupId&
&artifactId&junit&/artifactId&
&version&4.11&/version&
&!-- 表示开发的时候引入,发布的时候不会加载此包 --&
&scope&test&/scope&
&/dependency&
&!-- shiro --&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-spring&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-ehcache&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-core&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-web&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-quartz&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&!-- spring核心包 --&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-core&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-web&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-oxm&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-tx&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-jdbc&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-webmvc&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-aop&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-context-support&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-test&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&!-- mybatis核心包 --&
&dependency&
&groupId&org.mybatis&/groupId&
&artifactId&mybatis&/artifactId&
&version&${mybatis.version}&/version&
&/dependency&
&!-- mybatis/spring包 --&
&dependency&
&groupId&org.mybatis&/groupId&
&artifactId&mybatis-spring&/artifactId&
&version&1.2.2&/version&
&/dependency&
&!-- 导入 ee jar 包 --&
&dependency&
&groupId&javax&/groupId&
&artifactId&javaee-api&/artifactId&
&version&7.0&/version&
&/dependency&
&!-- 导入链接jar包 --&
&dependency&
&groupId&mysql&/groupId&
&artifactId&mysql-connector-java&/artifactId&
&version&5.1.30&/version&
&/dependency&
&!-- 导入dbcp的jar包,用来在applicationContext.xml中配置数据库 --&
&dependency&
&groupId&commons-dbcp&/groupId&
&artifactId&commons-dbcp&/artifactId&
&version&1.2.2&/version&
&/dependency&
&!-- JSTL标签类 --&
&dependency&
&groupId&jstl&/groupId&
&artifactId&jstl&/artifactId&
&version&1.2&/version&
&/dependency&
&!-- 日志文件管理包 --&
&dependency&
&groupId&log4j&/groupId&
&artifactId&log4j&/artifactId&
&version&${log4j.version}&/version&
&/dependency&
&!-- JSON工具类 --&
&dependency&
&groupId&com.alibaba&/groupId&
&artifactId&fastjson&/artifactId&
&version&1.1.41&/version&
&/dependency&
&dependency&
&groupId&org.slf4j&/groupId&
&artifactId&slf4j-api&/artifactId&
&version&${slf4j.version}&/version&
&/dependency&
&dependency&
&groupId&org.slf4j&/groupId&
&artifactId&slf4j-log4j12&/artifactId&
&version&${slf4j.version}&/version&
&/dependency&
&!-- jackson --&
&dependency&
&groupId&org.codehaus.jackson&/groupId&
&artifactId&jackson-mapper-asl&/artifactId&
&version&1.9.13&/version&
&/dependency&
&!-- 上传组件包 --&
&dependency&
&groupId&commons-fileupload&/groupId&
&artifactId&commons-fileupload&/artifactId&
&version&1.3.1&/version&
&/dependency&
&dependency&
&groupId&commons-io&/groupId&
&artifactId&commons-io&/artifactId&
&version&2.4&/version&
&/dependency&
&dependency&
&groupId&commons-codec&/groupId&
&artifactId&commons-codec&/artifactId&
&version&1.9&/version&
&/dependency&
&/dependencies&
&finalName&Crowdsourcing&/finalName&
&/project&
4、整合Spring和MyBatis
(1)、jdbc.properties文件
driver=com.mysql.jdbc.Driver
url=jdbc:mysql://10.214.52.238:3306/crowdsourcing?useUnicode=true&characterEncoding=utf-8
username=zhouyu
password=zhouyu
#定义初始连接数
initialSize=0
#定义最大连接数
maxActive=20
#定义最大空闲
maxIdle=20
#定义最小空闲
#定义最长等待时间
maxWait=60000
(2)、日志文件
#定义LOG输出级别
log4j.rootLogger=INFO,Console,File
#定义日志输出目的地为控制台
log4j.appender.Console=org.apache.log4j.ConsoleAppender
log4j.appender.Console.Target=.out
#可以灵活地指定日志输出格式,下面一行是指定具体的格式
log4j.appender.Console.layout = org.apache.log4j.PatternLayout
log4j.appender.Console.layout.ConversionPattern=[%c] - %m%n
#文件大小到达指定尺寸的时候产生一个新的文件
log4j.appender.File = org.apache.log4j.RollingFileAppender
#指定输出目录
log4j.appender.File.File = logs/ssm.log
#定义文件最大大小
log4j.appender.File.MaxFileSize = 10MB
# 输出所以日志,如果换成DEBUG表示输出DEBUG以上级别日志
log4j.appender.File.Threshold = ALL
log4j.appender.File.layout = org.apache.log4j.PatternLayout
log4j.appender.File.layout.ConversionPattern =[%p] [%d{yyyy-MM-dd HH\:mm\:ss}][%c]%m%n
(3)、applicationContex.xml文件。该文件主要用来整合Spring和MyBatis
&?xml version=&1.0& encoding=&UTF-8&?&
&beans xmlns=&http://www.springframework.org/schema/beans&
xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance& xmlns:p=&http://www.springframework.org/schema/p&
xmlns:context=&http://www.springframework.org/schema/context&
xmlns:mvc=&http://www.springframework.org/schema/mvc&
xsi:schemaLocation=&http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd&&
&!-- 自动扫描 --&
&context:component-scan base-package=&cn.edu.zju.eagle.crowdsourcing& /&
&!-- 引入配置文件 --&
&bean id=&propertyConfigurer&
class=&org.springframework.beans.factory.config.PropertyPlaceholderConfigurer&&
&property name=&location& value=/"classpath:jdbc.properties" />
(4)、创建实体类、MyBatis映射文件、DAO层和Service层接口。前三者既可以手写,也可以利用MyBatis Generator自动创建。各文件如下:
cn.edu.zju.eagle.crowdsourcing.web.
import java.util.D
public class User {
public Date createT
/** 若该属性值等于0,表示该实体未被删除,若该属性值等于1,表示该实体类已被删除。 */
public Integer isD
public User() {
public User(String username, String password) {
this.username =
this.password =
public Integer getId() {
public void setId(Integer id) {
public String getUsername() {
public void setUsername(String username) {
this.username =
public String getPassword() {
public void setPassword(String password) {
this.password =
public Date getCreateTime() {
return createT
public void setCreateTime(Date createTime) {
this.createTime = createT
public Integer getIsDelete() {
return isD
public void setIsDelete(Integer isDelete) {
this.isDelete = isD
public String toString() {
return &User [id=& + id + &, username=& + username + &, password=& + password + &, createTime=& + createTime
+ &, isDelete=& + isDelete + &]&;
UserMapper映射文件
&?xml version=&1.0& encoding=&UTF-8&?&
&!DOCTYPE mapper PUBLIC &-//mybatis.org//DTD Mapper 3.0//EN& &http://mybatis.org/dtd/mybatis-3-mapper.dtd&&
&mapper namespace=&cn.edu.zju.eagle.crowdsourcing.web.dao.UserDao&&
&resultMap id=&BaseResultMap& type=&cn.edu.zju.eagle.crowdsourcing.web.model.User&&
&id column=&id& jdbcType=&INTEGER& property=&id& /&
&result column=&username& jdbcType=&VARCHAR& property=&username& /&
&result column=&password& jdbcType=&VARCHAR& property=&password& /&
&result column=&create_time& jdbcType=&TIMESTAMP& property=&createTime& /&
&result column=&is_delete& jdbcType=&INTEGER& property=&isDelete& /&
&/resultMap&
&sql id=&Base_Column_List&&
id, username, password, create_time, is_delete
&!-- 用户登录验证查询 --&
&select id=&authenticate& resultMap=&BaseResultMap&
parameterType=&map&&
&include refid=&Base_Column_List& /&
where username = #{record.username,jdbcType=VARCHAR} and
password =
#{record.password,jdbcType=VARCHAR} and is_delete = 0
&!-- 更新用户信息 --&
& id=&updateUser& parameterType=&cn.edu.zju.eagle.crowdsourcing.web.model.User&&
update user
&if test=&record.username != null&&
username = #{record.username,jdbcType=VARCHAR},
&if test=&record.password != null&&
password = #{record.password,jdbcType=VARCHAR},
where id = #{record.id,jdbcType=INTEGER} and is_delete = 0
UserDao.java文件
package cn.edu.zju.eagle.crowdsourcing.web.
import org.apache.ibatis.annotations.P
import cn.edu.zju.eagle.crowdsourcing.web.model.U
* 用户认证
* @param user 待认证用户
* @return 若认证失败,则返回User实例,否则返回null
public User authenticate(@Param(&record&) User record);
* 更新user信息
* @param record
* @return 受影响的行数
public int updateUser(@Param(&record&) User record);
UserServiceImpl.java
package cn.edu.zju.eagle.crowdsourcing.web.service.
import javax.annotation.R
import org.springframework.stereotype.S
import cn.edu.zju.eagle.crowdsourcing.web.dao.UserD
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
@Service(&userService&)
public class UserServiceImpl implements UserService {
private UserDao userD
public User authenticate(User user) {
return userDao.authenticate(user);
public int updateUser(User user) {
return userDao.updateUser(user);
5、整合SpringMVC
(1)、配置web.xml文件
&?xml version=&1.0& encoding=&UTF-8&?&
&web-app xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance&
xmlns=&/xml/ns/javaee&
xsi:schemaLocation=&/xml/ns/javaee /xml/ns/javaee/web-app_3_0.xsd&
version=&3.0&&
&display-name&Archetype Created Web Application&/display-name&
&!-- Spring和mybatis的 --&
&context-param&
¶m-name&contextConfigLocation&/param-name&
¶m-value&
classpath:applicationContext.xml
&/param-value&
&/context-param&
&!-- 编码过滤器 --&
&filter-name&encodingFilter&/filter-name&
&filter-class&org.springframework.web.filter.CharacterEncodingFilter&/filter-class&
&async-supported&true&/async-supported&
&init-param&
¶m-name&encoding&/param-name&
¶m-value&UTF-8&/param-value&
&/init-param&
&filter-mapping&
&filter-name&encodingFilter&/filter-name&
&url-pattern&/*&/url-pattern&
&/filter-mapping&
&!-- Spring监听器 --&
&listener&
&listener-class&org.springframework.web.context.ContextLoaderListener&/listener-class&
&/listener&
&!-- 防止Spring内存溢出监听器 --&
&listener&
&listener-class&org.springframework.web.util.IntrospectorCleanupListener&/listener-class&
&/listener&
&!-- Spring MVC servlet --&
&servlet-name&SpringMVC&/servlet-name&
&servlet-class&org.springframework.web.servlet.DispatcherServlet&/servlet-class&
&init-param&
¶m-name&contextConfigLocation&/param-name&
¶m-value&classpath:spring-mvc.xml&/param-value&
&/init-param&
&load-on-startup&1&/load-on-startup&
&async-supported&true&/async-supported&
&/servlet&
&servlet-mapping&
&servlet-name&SpringMVC&/servlet-name&
&!-- 此处可以可以配置成*.do,对应struts的后缀习惯 --&
&url-pattern&/&/url-pattern&
&/servlet-mapping&
&welcome-file-list&
&welcome-file&/index&/welcome-file&
&/welcome-file-list&
&/web-app&
(2)、配置spring-mvc.xml
&?xml version=&1.0& encoding=&UTF-8&?&
&beans xmlns=&http://www.springframework.org/schema/beans&
xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance& xmlns:p=&http://www.springframework.org/schema/p&
xmlns:context=&http://www.springframework.org/schema/context&
xmlns:mvc=&http://www.springframework.org/schema/mvc&
xsi:schemaLocation=&http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd&&
&!-- 自动扫描该包,使SpringMVC认为包下用了@controller注解的类是控制器 --&
&context:component-scan base-package=&cn.edu.zju.eagle.crowdsourcing& /&
&!-- 访问静态文件 --&
&mvc:annotation-driven /&
&mvc:resources location=&/resources/& mapping=&/resources/**& /&
&!--避免IE执行AJAX时,返回JSON出现下载文件 --&
&bean id=&mappingJacksonHttpMessageConverter&
class=&org.springframework.http.converter.json.MappingJacksonHttpMessageConverter&&
&property name=&supportedMediaTypes&&
&value&text/charset=UTF-8&/value&
&/property&
&!-- 启动SpringMVC的注解功能,完成请求和注解POJO的映射 --&
class=&org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter&&
&property name=&messageConverters&&
&ref bean=&mappingJacksonHttpMessageConverter& /& &!-- JSON转换器 --&
&/property&
&!-- 定义跳转的文件的前后缀 ,视图模式配置--&
&bean class=&org.springframework.web.servlet.view.InternalResourceViewResolver&&
&!-- 这里的配置我的理解是自动给后面action的方法return的字符串加上前缀和后缀,变成一个 可用的url地址 --&
&property name=&prefix& value=/"/WEB-INF/views/" />
6、配置Shiro
(1)、applicationContex-shiro.xml
&?xml version=&1.0& encoding=&UTF-8&?&
&beans xmlns=&http://www.springframework.org/schema/beans& xmlns:util=&http://www.springframework.org/schema/util&
xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance&
xsi:schemaLocation=&
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd&&
&description&apache shiro配置&/description&
&bean id=&shiroFilter& class=&org.apache.shiro.spring.web.ShiroFilterFactoryBean&&
&property name=&securityManager& ref=&securityManager&/&
&property name=&loginUrl& value=/"/page/login"/>
/resources/** = anon
/user/login = anon
/page/login = anon
/** = authc
该文件需要用到自定义的Realm Bean完成权限检查和身份验证,这里定义为SecurityRealm.java
package cn.edu.zju.eagle.crowdsourcing.web.
import org.apache.log4j.L
import org.apache.shiro.authc.AuthenticationE
import org.apache.shiro.authc.AuthenticationI
import org.apache.shiro.authc.AuthenticationT
import org.apache.shiro.authc.SimpleAuthenticationI
import org.apache.shiro.authz.AuthorizationI
import org.apache.shiro.authz.SimpleAuthorizationI
import org.apache.shiro.realm.AuthorizingR
import org.apache.shiro.subject.PrincipalC
import org.
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
* 用户身份验证,授权 Realm 组件
* @author xiejingfa
@Component(value = /"securityRealm")
public class SecurityRealm extends AuthorizingRealm {
private static Logger logger = Logger.getLogger(SecurityRealm.class);
private UserService userS
public void setUserService(UserService userService) {
this.userService = userS
* 权限检查
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
String username = String.valueOf(principals.getPrimaryPrincipal());
System.out.println("doGetAuthorizationInfo username : " + username);
// 添加角色...
// 添加权限...
return authorizationI
* 登录验证
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = String.valueOf(token.getPrincipal());
String password = new String((char[]) token.getCredentials());
// 通过数据库进行验证
User unauthUser = new User();
unauthUser.username =
unauthUser.password =
final User authUser = userService.authenticate(unauthUser);
("待验证用户:" + unauthUser);
("验证结果:" + authUser);
if (authUser == null) {
throw new AuthenticationException("用户名或密码错误.");
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(username, password, getName());
return authenticationI
(2)、再web.xml中配置shiro过滤器和applicationContex-shiro.xml文件
package cn.edu.zju.eagle.crowdsourcing.web.
import org.apache.log4j.L
import org.apache.shiro.authc.AuthenticationE
import org.apache.shiro.authc.AuthenticationI
import org.apache.shiro.authc.AuthenticationT
import org.apache.shiro.authc.SimpleAuthenticationI
import org.apache.shiro.authz.AuthorizationI
import org.apache.shiro.authz.SimpleAuthorizationI
import org.apache.shiro.realm.AuthorizingR
import org.apache.shiro.subject.PrincipalC
import org.
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
* 用户身份验证,授权 Realm 组件
* @author xiejingfa
@Component(value = /"securityRealm")
public class SecurityRealm extends AuthorizingRealm {
private static Logger logger = Logger.getLogger(SecurityRealm.class);
private UserService userS
public void setUserService(UserService userService) {
this.userService = userS
* 权限检查
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
String username = String.valueOf(principals.getPrimaryPrincipal());
System.out.println("doGetAuthorizationInfo username : " + username);
// 添加角色...
// 添加权限...
return authorizationI
* 登录验证
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = String.valueOf(token.getPrincipal());
String password = new String((char[]) token.getCredentials());
// 通过数据库进行验证
User unauthUser = new User();
unauthUser.username =
unauthUser.password =
final User authUser = userService.authenticate(unauthUser);
("待验证用户:" + unauthUser);
("验证结果:" + authUser);
if (authUser == null) {
throw new AuthenticationException("用户名或密码错误.");
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(username, password, getName());
return authenticationI
(1)、编写Controller控制器类
package cn.edu.zju.eagle.crowdsourcing.web.
import javax.annotation.R
import javax.servlet.http.HttpServletR
import javax.servlet.http.HttpS
import javax.validation.V
import org.apache.log4j.L
import org.apache.shiro.SecurityU
import org.apache.shiro.authc.AuthenticationE
import org.apache.shiro.authc.UsernamePasswordT
import org.apache.shiro.subject.S
import org.springframework.stereotype.C
import org.springframework.ui.M
import org.springframework.validation.BindingR
import org.springframework.web.bind.annotation.RequestM
import org.springframework.web.bind.annotation.RequestM
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
@Controller
@RequestMapping(&/user&)
public class UserController {
private static Logger logger = Logger.getLogger(UserController.class);
private UserService userS
* 用户登录
* @param user
* @param result
@RequestMapping(value = /"/login", method = RequestMethod.POST)
public String login(@Valid User user, BindingResult result, Model model, HttpServletRequest request) {
System.out.println("login: " + user.toString());
Subject subject = SecurityUtils.getSubject();
// 已登陆则 跳到首页
if (subject.isAuthenticated()) {
(user.getUsername() + "已经登录");
return "redirect:/comm/index";
// 参数错误
if (result.hasErrors()) {
model.addAttribute("error", "参数错误!");
("参数错误");
return "redirect:/page/login";
// 身份验证
subject.login(new UsernamePasswordToken(user.getUsername(), user.getPassword()));
// 验证成功在Session中保存用户信息
final User authUserInfo = userService.authenticate(user);
request.getSession().setAttribute("userInfo", authUserInfo);
("登录成功" + authUserInfo);
} catch (AuthenticationException e) {
// 身份验证失败
model.addAttribute("error", "用户名或密码错误!");
(user.getUsername() + "用户名或密码错误");
return "redirect:/page/login";
(user.getUsername() + "登录成功");
return "redirect:/comm/index";
* 用户登出
* @param session
@RequestMapping(value="/logout", method=RequestMethod.GET)
public String logout(HttpSession session) {
session.removeAttribute("userInfo");
// 登出操作
Subject subject = SecurityUtils.getSubject();
subject.logout();
return "redirect:/page/login";
(2)、导入数据库
-- phpMyAdmin SQL Dump
-- version 4.5.0.2
-- http://www.phpmyadmin.net
-- Generation Time:
-- 版本: 10.0.17-MariaDB
-- PHP Version: 5.6.14
SET SQL_MODE = &NO_AUTO_VALUE_ON_ZERO&;
SET time_zone = &+00:00&;
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
-- : `crowdsourcing`
-- --------------------------------------------------------
-- 表的结构 `user`
CREATE TABLE `user` (
`id` int(11) NOT NULL COMMENT '主键',
`username` varchar(128) NOT NULL COMMENT '用户名',
`password` varchar(256) NOT NULL COMMENT '密码',
`create_time` datetime NOT NULL COMMENT '注册时间',
`is_delete` int(11) NOT NULL DEFAULT '0' COMMENT '是否删除'
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户表';
-- 转存表中的数据 `user`
INSERT INTO `user` (`id`, `username`, `password`, `create_time`, `is_delete`) VALUES
(1, 'fred', '8d969eef6ecad3c29a3acf0c3f5d5a86aff3caadc6c92', ' 13:00:00', 0);
-- Indexes for dumped tables
-- Indexes for table `user`
ALTER TABLE `user`
ADD PRIMARY KEY (`id`);
-- AUTO_INCREMENT for dumped tables
-- AUTO_INCREMENT for table `user`
ALTER TABLE `user`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT COMMENT '主键', AUTO_INCREMENT=2;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
到这里,完成了Spring + SpringMVC + MyBatis + Shiro的整合。}
比来有个小须要用到那几个框架,合腾了几天终究设置装备摆设出去,因而写下那篇。
原创作品,转载请标明:http://blog.csdn.net/xiejingfa/article/details/
最近有个小项目需要用到这几个框架,折腾了几天终于配置出来,于是写下这篇文章。
后端主要使用了Spring + SpringMVC + MyBatis + Shiro框架
前端是我在网上找的一个模板,主要是Bootstrap。
先来看看项目结构
配置完成后的
主要步骤:
1、Maven安装配置
(1)、下载Apache-maven-3.3.3,把它解压到某个路径,然后配置环境变量。完成之后可以在命令行中输入:mvn -来检查maven是否配置成功。
(2)、配置maven本地仓库。找到maven的安装路径,打开conf下的setting.xml文件。里面的localRepository标签即是配置本地仓库用得。先解除注释,然后配置一个本地目录,这样maven管理下得jar包就回下载到相应路径下。最后别忘了把该setting.xml文件复制一份到配置的目标目录下,方便与Eclipse集成。
(3)、再Eclipse中集成maven,在preferencs中配置以下内容:
2、创建一个名为Corwdsourcing的maven项目。注意,要把项目编码设置为utf-8。
3、配置pom.xml,引入相关jar包
&project xmlns=&http://maven.apache.org/POM/4.0.0& xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance&
xsi:schemaLocation=&http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd&&
&modelVersion&4.0.0&/modelVersion&
&groupId&cn.edu.zju.eagle&/groupId&
&artifactId&Crowdsourcing&/artifactId&
&packaging&war&/packaging&
&version&0.0.1-SNAPSHOT&/version&
&name&Crowdsourcing Maven Webapp&/name&
&url&http://maven.apache.org&/url&
&properties&
&!-- spring --&
&spring.version&4.0.2.RELEASE&/spring.version&
&!-- mybatis版本号 --&
&mybatis.version&3.2.6&/mybatis.version&
&!-- log4j日志文件管理包版本 --&
&slf4j.version&1.7.7&/slf4j.version&
&log4j.version&1.2.17&/log4j.version&
&shiro.version&1.2.3&/shiro.version&
&/properties&
&dependencies&
&dependency&
&groupId&junit&/groupId&
&artifactId&junit&/artifactId&
&version&4.11&/version&
&!-- 表示开发的时候引入,发布的时候不会加载此包 --&
&scope&test&/scope&
&/dependency&
&!-- shiro --&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-spring&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-ehcache&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-core&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-web&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&dependency&
&groupId&org.apache.shiro&/groupId&
&artifactId&shiro-quartz&/artifactId&
&version&${shiro.version}&/version&
&/dependency&
&!-- spring核心包 --&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-core&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-web&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-oxm&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-tx&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-jdbc&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-webmvc&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-aop&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-context-support&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&dependency&
&groupId&org.springframework&/groupId&
&artifactId&spring-test&/artifactId&
&version&${spring.version}&/version&
&/dependency&
&!-- mybatis核心包 --&
&dependency&
&groupId&org.mybatis&/groupId&
&artifactId&mybatis&/artifactId&
&version&${mybatis.version}&/version&
&/dependency&
&!-- mybatis/spring包 --&
&dependency&
&groupId&org.mybatis&/groupId&
&artifactId&mybatis-spring&/artifactId&
&version&1.2.2&/version&
&/dependency&
&!-- 导入 ee jar 包 --&
&dependency&
&groupId&javax&/groupId&
&artifactId&javaee-api&/artifactId&
&version&7.0&/version&
&/dependency&
&!-- 导入链接jar包 --&
&dependency&
&groupId&mysql&/groupId&
&artifactId&mysql-connector-java&/artifactId&
&version&5.1.30&/version&
&/dependency&
&!-- 导入dbcp的jar包,用来在applicationContext.xml中配置数据库 --&
&dependency&
&groupId&commons-dbcp&/groupId&
&artifactId&commons-dbcp&/artifactId&
&version&1.2.2&/version&
&/dependency&
&!-- JSTL标签类 --&
&dependency&
&groupId&jstl&/groupId&
&artifactId&jstl&/artifactId&
&version&1.2&/version&
&/dependency&
&!-- 日志文件管理包 --&
&dependency&
&groupId&log4j&/groupId&
&artifactId&log4j&/artifactId&
&version&${log4j.version}&/version&
&/dependency&
&!-- JSON工具类 --&
&dependency&
&groupId&com.alibaba&/groupId&
&artifactId&fastjson&/artifactId&
&version&1.1.41&/version&
&/dependency&
&dependency&
&groupId&org.slf4j&/groupId&
&artifactId&slf4j-api&/artifactId&
&version&${slf4j.version}&/version&
&/dependency&
&dependency&
&groupId&org.slf4j&/groupId&
&artifactId&slf4j-log4j12&/artifactId&
&version&${slf4j.version}&/version&
&/dependency&
&!-- jackson --&
&dependency&
&groupId&org.codehaus.jackson&/groupId&
&artifactId&jackson-mapper-asl&/artifactId&
&version&1.9.13&/version&
&/dependency&
&!-- 上传组件包 --&
&dependency&
&groupId&commons-fileupload&/groupId&
&artifactId&commons-fileupload&/artifactId&
&version&1.3.1&/version&
&/dependency&
&dependency&
&groupId&commons-io&/groupId&
&artifactId&commons-io&/artifactId&
&version&2.4&/version&
&/dependency&
&dependency&
&groupId&commons-codec&/groupId&
&artifactId&commons-codec&/artifactId&
&version&1.9&/version&
&/dependency&
&/dependencies&
&finalName&Crowdsourcing&/finalName&
&/project&
4、整合Spring和MyBatis
(1)、jdbc.properties文件
driver=com.mysql.jdbc.Driver
url=jdbc:mysql://10.214.52.238:3306/crowdsourcing?useUnicode=true&characterEncoding=utf-8
username=zhouyu
password=zhouyu
#定义初始连接数
initialSize=0
#定义最大连接数
maxActive=20
#定义最大空闲
maxIdle=20
#定义最小空闲
#定义最长等待时间
maxWait=60000
(2)、日志文件
#定义LOG输出级别
log4j.rootLogger=INFO,Console,File
#定义日志输出目的地为控制台
log4j.appender.Console=org.apache.log4j.ConsoleAppender
log4j.appender.Console.Target=.out
#可以灵活地指定日志输出格式,下面一行是指定具体的格式
log4j.appender.Console.layout = org.apache.log4j.PatternLayout
log4j.appender.Console.layout.ConversionPattern=[%c] - %m%n
#文件大小到达指定尺寸的时候产生一个新的文件
log4j.appender.File = org.apache.log4j.RollingFileAppender
#指定输出目录
log4j.appender.File.File = logs/ssm.log
#定义文件最大大小
log4j.appender.File.MaxFileSize = 10MB
# 输出所以日志,如果换成DEBUG表示输出DEBUG以上级别日志
log4j.appender.File.Threshold = ALL
log4j.appender.File.layout = org.apache.log4j.PatternLayout
log4j.appender.File.layout.ConversionPattern =[%p] [%d{yyyy-MM-dd HH\:mm\:ss}][%c]%m%n
(3)、applicationContex.xml文件。该文件主要用来整合Spring和MyBatis
&?xml version=&1.0& encoding=&UTF-8&?&
&beans xmlns=&http://www.springframework.org/schema/beans&
xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance& xmlns:p=&http://www.springframework.org/schema/p&
xmlns:context=&http://www.springframework.org/schema/context&
xmlns:mvc=&http://www.springframework.org/schema/mvc&
xsi:schemaLocation=&http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd&&
&!-- 自动扫描 --&
&context:component-scan base-package=&cn.edu.zju.eagle.crowdsourcing& /&
&!-- 引入配置文件 --&
&bean id=&propertyConfigurer&
class=&org.springframework.beans.factory.config.PropertyPlaceholderConfigurer&&
&property name=&location& value=/"classpath:jdbc.properties" />
(4)、创建实体类、MyBatis映射文件、DAO层和Service层接口。前三者既可以手写,也可以利用MyBatis Generator自动创建。各文件如下:
cn.edu.zju.eagle.crowdsourcing.web.
import java.util.D
public class User {
public Date createT
/** 若该属性值等于0,表示该实体未被删除,若该属性值等于1,表示该实体类已被删除。 */
public Integer isD
public User() {
public User(String username, String password) {
this.username =
this.password =
public Integer getId() {
public void setId(Integer id) {
public String getUsername() {
public void setUsername(String username) {
this.username =
public String getPassword() {
public void setPassword(String password) {
this.password =
public Date getCreateTime() {
return createT
public void setCreateTime(Date createTime) {
this.createTime = createT
public Integer getIsDelete() {
return isD
public void setIsDelete(Integer isDelete) {
this.isDelete = isD
public String toString() {
return &User [id=& + id + &, username=& + username + &, password=& + password + &, createTime=& + createTime
+ &, isDelete=& + isDelete + &]&;
UserMapper映射文件
&?xml version=&1.0& encoding=&UTF-8&?&
&!DOCTYPE mapper PUBLIC &-//mybatis.org//DTD Mapper 3.0//EN& &http://mybatis.org/dtd/mybatis-3-mapper.dtd&&
&mapper namespace=&cn.edu.zju.eagle.crowdsourcing.web.dao.UserDao&&
&resultMap id=&BaseResultMap& type=&cn.edu.zju.eagle.crowdsourcing.web.model.User&&
&id column=&id& jdbcType=&INTEGER& property=&id& /&
&result column=&username& jdbcType=&VARCHAR& property=&username& /&
&result column=&password& jdbcType=&VARCHAR& property=&password& /&
&result column=&create_time& jdbcType=&TIMESTAMP& property=&createTime& /&
&result column=&is_delete& jdbcType=&INTEGER& property=&isDelete& /&
&/resultMap&
&sql id=&Base_Column_List&&
id, username, password, create_time, is_delete
&!-- 用户登录验证查询 --&
&select id=&authenticate& resultMap=&BaseResultMap&
parameterType=&map&&
&include refid=&Base_Column_List& /&
where username = #{record.username,jdbcType=VARCHAR} and
password =
#{record.password,jdbcType=VARCHAR} and is_delete = 0
&!-- 更新用户信息 --&
& id=&updateUser& parameterType=&cn.edu.zju.eagle.crowdsourcing.web.model.User&&
update user
&if test=&record.username != null&&
username = #{record.username,jdbcType=VARCHAR},
&if test=&record.password != null&&
password = #{record.password,jdbcType=VARCHAR},
where id = #{record.id,jdbcType=INTEGER} and is_delete = 0
UserDao.java文件
package cn.edu.zju.eagle.crowdsourcing.web.
import org.apache.ibatis.annotations.P
import cn.edu.zju.eagle.crowdsourcing.web.model.U
* 用户认证
* @param user 待认证用户
* @return 若认证失败,则返回User实例,否则返回null
public User authenticate(@Param(&record&) User record);
* 更新user信息
* @param record
* @return 受影响的行数
public int updateUser(@Param(&record&) User record);
UserServiceImpl.java
package cn.edu.zju.eagle.crowdsourcing.web.service.
import javax.annotation.R
import org.springframework.stereotype.S
import cn.edu.zju.eagle.crowdsourcing.web.dao.UserD
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
@Service(&userService&)
public class UserServiceImpl implements UserService {
private UserDao userD
public User authenticate(User user) {
return userDao.authenticate(user);
public int updateUser(User user) {
return userDao.updateUser(user);
5、整合SpringMVC
(1)、配置web.xml文件
&?xml version=&1.0& encoding=&UTF-8&?&
&web-app xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance&
xmlns=&/xml/ns/javaee&
xsi:schemaLocation=&/xml/ns/javaee /xml/ns/javaee/web-app_3_0.xsd&
version=&3.0&&
&display-name&Archetype Created Web Application&/display-name&
&!-- Spring和mybatis的 --&
&context-param&
¶m-name&contextConfigLocation&/param-name&
¶m-value&
classpath:applicationContext.xml
&/param-value&
&/context-param&
&!-- 编码过滤器 --&
&filter-name&encodingFilter&/filter-name&
&filter-class&org.springframework.web.filter.CharacterEncodingFilter&/filter-class&
&async-supported&true&/async-supported&
&init-param&
¶m-name&encoding&/param-name&
¶m-value&UTF-8&/param-value&
&/init-param&
&filter-mapping&
&filter-name&encodingFilter&/filter-name&
&url-pattern&/*&/url-pattern&
&/filter-mapping&
&!-- Spring监听器 --&
&listener&
&listener-class&org.springframework.web.context.ContextLoaderListener&/listener-class&
&/listener&
&!-- 防止Spring内存溢出监听器 --&
&listener&
&listener-class&org.springframework.web.util.IntrospectorCleanupListener&/listener-class&
&/listener&
&!-- Spring MVC servlet --&
&servlet-name&SpringMVC&/servlet-name&
&servlet-class&org.springframework.web.servlet.DispatcherServlet&/servlet-class&
&init-param&
¶m-name&contextConfigLocation&/param-name&
¶m-value&classpath:spring-mvc.xml&/param-value&
&/init-param&
&load-on-startup&1&/load-on-startup&
&async-supported&true&/async-supported&
&/servlet&
&servlet-mapping&
&servlet-name&SpringMVC&/servlet-name&
&!-- 此处可以可以配置成*.do,对应struts的后缀习惯 --&
&url-pattern&/&/url-pattern&
&/servlet-mapping&
&welcome-file-list&
&welcome-file&/index&/welcome-file&
&/welcome-file-list&
&/web-app&
(2)、配置spring-mvc.xml
&?xml version=&1.0& encoding=&UTF-8&?&
&beans xmlns=&http://www.springframework.org/schema/beans&
xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance& xmlns:p=&http://www.springframework.org/schema/p&
xmlns:context=&http://www.springframework.org/schema/context&
xmlns:mvc=&http://www.springframework.org/schema/mvc&
xsi:schemaLocation=&http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd&&
&!-- 自动扫描该包,使SpringMVC认为包下用了@controller注解的类是控制器 --&
&context:component-scan base-package=&cn.edu.zju.eagle.crowdsourcing& /&
&!-- 访问静态文件 --&
&mvc:annotation-driven /&
&mvc:resources location=&/resources/& mapping=&/resources/**& /&
&!--避免IE执行AJAX时,返回JSON出现下载文件 --&
&bean id=&mappingJacksonHttpMessageConverter&
class=&org.springframework.http.converter.json.MappingJacksonHttpMessageConverter&&
&property name=&supportedMediaTypes&&
&value&text/charset=UTF-8&/value&
&/property&
&!-- 启动SpringMVC的注解功能,完成请求和注解POJO的映射 --&
class=&org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter&&
&property name=&messageConverters&&
&ref bean=&mappingJacksonHttpMessageConverter& /& &!-- JSON转换器 --&
&/property&
&!-- 定义跳转的文件的前后缀 ,视图模式配置--&
&bean class=&org.springframework.web.servlet.view.InternalResourceViewResolver&&
&!-- 这里的配置我的理解是自动给后面action的方法return的字符串加上前缀和后缀,变成一个 可用的url地址 --&
&property name=&prefix& value=/"/WEB-INF/views/" />
6、配置Shiro
(1)、applicationContex-shiro.xml
&?xml version=&1.0& encoding=&UTF-8&?&
&beans xmlns=&http://www.springframework.org/schema/beans& xmlns:util=&http://www.springframework.org/schema/util&
xmlns:xsi=&http://www.w3.org/2001/XMLSchema-instance&
xsi:schemaLocation=&
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd&&
&description&apache shiro配置&/description&
&bean id=&shiroFilter& class=&org.apache.shiro.spring.web.ShiroFilterFactoryBean&&
&property name=&securityManager& ref=&securityManager&/&
&property name=&loginUrl& value=/"/page/login"/>
/resources/** = anon
/user/login = anon
/page/login = anon
/** = authc
该文件需要用到自定义的Realm Bean完成权限检查和身份验证,这里定义为SecurityRealm.java
package cn.edu.zju.eagle.crowdsourcing.web.
import org.apache.log4j.L
import org.apache.shiro.authc.AuthenticationE
import org.apache.shiro.authc.AuthenticationI
import org.apache.shiro.authc.AuthenticationT
import org.apache.shiro.authc.SimpleAuthenticationI
import org.apache.shiro.authz.AuthorizationI
import org.apache.shiro.authz.SimpleAuthorizationI
import org.apache.shiro.realm.AuthorizingR
import org.apache.shiro.subject.PrincipalC
import org.
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
* 用户身份验证,授权 Realm 组件
* @author xiejingfa
@Component(value = /"securityRealm")
public class SecurityRealm extends AuthorizingRealm {
private static Logger logger = Logger.getLogger(SecurityRealm.class);
private UserService userS
public void setUserService(UserService userService) {
this.userService = userS
* 权限检查
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
String username = String.valueOf(principals.getPrimaryPrincipal());
System.out.println("doGetAuthorizationInfo username : " + username);
// 添加角色...
// 添加权限...
return authorizationI
* 登录验证
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = String.valueOf(token.getPrincipal());
String password = new String((char[]) token.getCredentials());
// 通过数据库进行验证
User unauthUser = new User();
unauthUser.username =
unauthUser.password =
final User authUser = userService.authenticate(unauthUser);
("待验证用户:" + unauthUser);
("验证结果:" + authUser);
if (authUser == null) {
throw new AuthenticationException("用户名或密码错误.");
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(username, password, getName());
return authenticationI
(2)、再web.xml中配置shiro过滤器和applicationContex-shiro.xml文件
package cn.edu.zju.eagle.crowdsourcing.web.
import org.apache.log4j.L
import org.apache.shiro.authc.AuthenticationE
import org.apache.shiro.authc.AuthenticationI
import org.apache.shiro.authc.AuthenticationT
import org.apache.shiro.authc.SimpleAuthenticationI
import org.apache.shiro.authz.AuthorizationI
import org.apache.shiro.authz.SimpleAuthorizationI
import org.apache.shiro.realm.AuthorizingR
import org.apache.shiro.subject.PrincipalC
import org.
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
* 用户身份验证,授权 Realm 组件
* @author xiejingfa
@Component(value = /"securityRealm")
public class SecurityRealm extends AuthorizingRealm {
private static Logger logger = Logger.getLogger(SecurityRealm.class);
private UserService userS
public void setUserService(UserService userService) {
this.userService = userS
* 权限检查
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
String username = String.valueOf(principals.getPrimaryPrincipal());
System.out.println("doGetAuthorizationInfo username : " + username);
// 添加角色...
// 添加权限...
return authorizationI
* 登录验证
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = String.valueOf(token.getPrincipal());
String password = new String((char[]) token.getCredentials());
// 通过数据库进行验证
User unauthUser = new User();
unauthUser.username =
unauthUser.password =
final User authUser = userService.authenticate(unauthUser);
("待验证用户:" + unauthUser);
("验证结果:" + authUser);
if (authUser == null) {
throw new AuthenticationException("用户名或密码错误.");
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(username, password, getName());
return authenticationI
(1)、编写Controller控制器类
package cn.edu.zju.eagle.crowdsourcing.web.
import javax.annotation.R
import javax.servlet.http.HttpServletR
import javax.servlet.http.HttpS
import javax.validation.V
import org.apache.log4j.L
import org.apache.shiro.SecurityU
import org.apache.shiro.authc.AuthenticationE
import org.apache.shiro.authc.UsernamePasswordT
import org.apache.shiro.subject.S
import org.springframework.stereotype.C
import org.springframework.ui.M
import org.springframework.validation.BindingR
import org.springframework.web.bind.annotation.RequestM
import org.springframework.web.bind.annotation.RequestM
import cn.edu.zju.eagle.crowdsourcing.web.model.U
import cn.edu.zju.eagle.crowdsourcing.web.service.UserS
@Controller
@RequestMapping(&/user&)
public class UserController {
private static Logger logger = Logger.getLogger(UserController.class);
private UserService userS
* 用户登录
* @param user
* @param result
@RequestMapping(value = /"/login", method = RequestMethod.POST)
public String login(@Valid User user, BindingResult result, Model model, HttpServletRequest request) {
System.out.println("login: " + user.toString());
Subject subject = SecurityUtils.getSubject();
// 已登陆则 跳到首页
if (subject.isAuthenticated()) {
(user.getUsername() + "已经登录");
return "redirect:/comm/index";
// 参数错误
if (result.hasErrors()) {
model.addAttribute("error", "参数错误!");
("参数错误");
return "redirect:/page/login";
// 身份验证
subject.login(new UsernamePasswordToken(user.getUsername(), user.getPassword()));
// 验证成功在Session中保存用户信息
final User authUserInfo = userService.authenticate(user);
request.getSession().setAttribute("userInfo", authUserInfo);
("登录成功" + authUserInfo);
} catch (AuthenticationException e) {
// 身份验证失败
model.addAttribute("error", "用户名或密码错误!");
(user.getUsername() + "用户名或密码错误");
return "redirect:/page/login";
(user.getUsername() + "登录成功");
return "redirect:/comm/index";
* 用户登出
* @param session
@RequestMapping(value="/logout", method=RequestMethod.GET)
public String logout(HttpSession session) {
session.removeAttribute("userInfo");
// 登出操作
Subject subject = SecurityUtils.getSubject();
subject.logout();
return "redirect:/page/login";
(2)、导入数据库
-- phpMyAdmin SQL Dump
-- version 4.5.0.2
-- http://www.phpmyadmin.net
-- Generation Time:
-- 版本: 10.0.17-MariaDB
-- PHP Version: 5.6.14
SET SQL_MODE = &NO_AUTO_VALUE_ON_ZERO&;
SET time_zone = &+00:00&;
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
-- : `crowdsourcing`
-- --------------------------------------------------------
-- 表的结构 `user`
CREATE TABLE `user` (
`id` int(11) NOT NULL COMMENT '主键',
`username` varchar(128) NOT NULL COMMENT '用户名',
`password` varchar(256) NOT NULL COMMENT '密码',
`create_time` datetime NOT NULL COMMENT '注册时间',
`is_delete` int(11) NOT NULL DEFAULT '0' COMMENT '是否删除'
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户表';
-- 转存表中的数据 `user`
INSERT INTO `user` (`id`, `username`, `password`, `create_time`, `is_delete`) VALUES
(1, 'fred', '8d969eef6ecad3c29a3acf0c3f5d5a86aff3caadc6c92', ' 13:00:00', 0);
-- Indexes for dumped tables
-- Indexes for table `user`
ALTER TABLE `user`
ADD PRIMARY KEY (`id`);
-- AUTO_INCREMENT for dumped tables
-- AUTO_INCREMENT for table `user`
ALTER TABLE `user`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT COMMENT '主键', AUTO_INCREMENT=2;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
到这里,完成了Spring + SpringMVC + MyBatis + Shiro的整合。}
我要回帖
更多推荐
- ·第五人格空军背景故事男女求生全名及背景故事和生日
- ·龙腾世纪审判可攻略角色3审判各队友好感度攻略
- ·玩英雄联盟卡住不动是什么原因,进游戏10多秒后卡死黑屏,怎么解决!
- ·从哪里可以查看switch在哪看已购买的游戏能玩的所以游戏?
- ·去哪里下载玩萤火突击手游挂机辅助免费版的辅助挂机脚本?
- ·急性早幼粒急性淋巴细胞白血病病维持期间可以吃花旗参吗
- ·建筑物区分所有权解释由哪些权利组成
- ·弹强的多音字组词和拼音字
- ·春天有多远到了,医学生离爱情有多远
- ·混合型痔疮大便出血的症状是什么症状我大便是有出血
- ·147忍考没有鼬消消乐147关怎么过过
- ·面对来访者的绝望废墟,作者既不绝望,也不超脱,这是哪一个作品所表达的内容
- ·一个事务可以对应两个connection开启事务吗
- ·136x17+65x17-17
- ·治疗胃酸过多法莫替丁片与奥美拉唑和拉唑哪个更好
- ·食道左边长了一砣红红火火恍恍惚惚的是什么东西
- ·井筒倒挂井壁法施工出现蜂窝麻面质量问题的主要原因是什么
- ·北京精锐教育育在北京的工作环境怎么样?
- ·17年的高校招生有什么变化天津浙江中医药大学分数线招浙江学生多少分数多少
- ·研招网没有待录取通知知为什么还没出来
- ·sping boot web.xmlmybatis融合web怎么写
- ·是胃异位胰腺要怎么注意,胰腺胃异位胰腺要怎么注意是啥意思,求解,刚才打错成导位了,
- ·什么是增塑剂生产厂家,什么是助剂,
- ·多少倍的10倍地球重力长大的人可以压碎原子
- ·在pcb布线中,要使拐角成pcb圆弧走线形,应该怎么设置
- ·数控车床编程指令用G76指令能车蜗杆吗
- ·同人世永远告别像低回温婉的小调,婉指死去 是什么成语
- ·我想问问,撒可富复合肥价格表有没有28/15/12含量的玉米复合肥
- ·怎样移动dos态密度度图DOS的费米能级Ef才是正确的呢
- ·99*9/100怎么样用99 999 199简便方法法算
- ·害人形容很厉害的词语语有那些
- ·安装和使用交流使用电焊机应注意什么么问题
- ·长船日本语学院申请加拿大留学拒签率被拒签,听说因为学校不是优良校,还可以申请
- ·看了这些,孩子小升初的语文不怕不怕不怕啦舞蹈视频
- ·请教:如何怎么才能点燃这根蜡烛让蜡烛均匀凝固。急
