当前位置：首页 >Java技术 > springboot与shiro和mybatis和mysql

springboot与shiro和mybatis和mysql

测试项目已上传到GitHub：https://github.com/xiaostudy/springboot_shiro_test1

1、创建springboot项目

 1 <!-- 数据库连接池 --> 2 <dependency> 3 <groupId>com.alibaba</groupId> 4 <artifactId>druid</artifactId> 5 <version>1.1.10</version> 6 </dependency> 7 <!-- Shiro --> 8 <dependency> 9 <groupId>org.apache.shiro</groupId>10 <artifactId>shiro-spring</artifactId>11 <version>1.3.2</version>12 </dependency>13 <!-- log4j -->14 <dependency>15 <groupId>log4j</groupId>16 <artifactId>log4j</artifactId>17 <version>1.2.17</version>18 </dependency>

src\main\webapp\

2、创建实体类

PermissionEntity.java

 1 package com.xiaostudy.shiro_test1.entity; 2  3 import java.io.Serializable; 4  5 /** 6  * 权限实体类 7  * Created with IntelliJ IDEA. 8  * User: Administrator 9  * Date: 2019/6/810  * Time: 14:2111  * Description: No Description12  */13 public class PermissionEntity implements Serializable {14 private String id;15 private String name;16 private String url;17 18 public String getId() {19 retu id;20 }21 22 public void setId(String id) {23 this.id = id;24 }25 26 public String getName() {27 retu name;28 }29 30 public void setName(String name) {31 this.name = name;32 }33 34 public String getUrl() {35 retu url;36 }37 38 public void setUrl(String url) {39 this.url = url;40 }41 }

 1 package com.xiaostudy.shiro_test1.entity; 2  3 import java.io.Serializable; 4 import java.util.HashSet; 5 import java.util.Set; 6  7 /** 8  * 角色实体类 9  * Created with IntelliJ IDEA.10  * User: Administrator11  * Date: 2019/6/812  * Time: 14:2413  * Description: No Description14  */15 public class RoleEntity implements Serializable {16 private String id;17 private String name;18 private Set<PermissionEntity> permissions = new HashSet<>();19 20 public String getId() {21 retu id;22 }23 24 public void setId(String id) {25 this.id = id;26 }27 28 public String getName() {29 retu name;30 }31 32 public void setName(String name) {33 this.name = name;34 }35 36 public Set<PermissionEntity> getPermissions() {37 retu permissions;38 }39 40 public void setPermissions(Set<PermissionEntity> permissions) {41 this.permissions = permissions;42 }43 }

 1 package com.xiaostudy.shiro_test1.entity; 2  3 import java.io.Serializable; 4 import java.util.HashSet; 5 import java.util.Set; 6  7 /** 8  * 用户实体类 9  * Created with IntelliJ IDEA.10  * User: Administrator11  * Date: 2019/6/812  * Time: 14:2613  * Description: No Description14  */15 public class UserEntity implements Serializable {16 private String id;17 private String name;18 private String password;19 private Set<RoleEntity> roles = new HashSet<>();20 21 public String getId() {22 retu id;23 }24 25 public void setId(String id) {26 this.id = id;27 }28 29 public String getName() {30 retu name;31 }32 33 public void setName(String name) {34 this.name = name;35 }36 37 public String getPassword() {38 retu password;39 }40 41 public void setPassword(String password) {42 this.password = password;43 }44 45 public Set<RoleEntity> getRoles() {46 retu roles;47 }48 49 public void setRoles(Set<RoleEntity> roles) {50 this.roles = roles;51 }52 }

实体类entity，也可以叫bean、domain，具体叫什可以根据自己的喜欢选取

3、数据库创建表和添加数据

 1  DROP TABLE IF EXISTS `role_permission`; 2  DROP TABLE IF EXISTS `permission`; 3  DROP TABLE IF EXISTS `user_role`; 4  DROP TABLE IF EXISTS `role`; 5  DROP TABLE IF EXISTS `user`; 6  7  CREATE TABLE `user` ( 8  `id` VARCHAR(255) PRIMARY KEY, 9  `name` VARCHAR(255),10  `password` VARCHAR(255)11  ) engine = InnoDB default charset = utf8 comment = '用户表';12 13  CREATE TABLE `role` (14  `id` VARCHAR(255) PRIMARY KEY,15  `name` VARCHAR(255)16  ) engine = InnoDB default charset = utf8 comment = '角色表';17 18  CREATE TABLE `user_role` (19  `id` VARCHAR(255) PRIMARY KEY,20  `user_id` VARCHAR(255),21  `role_id` VARCHAR(255),22  FOREIGN KEY (`user_id`) REFERENCES `user`(id),23  FOREIGN KEY (`role_id`) REFERENCES `role`(id)24  ) engine = InnoDB default charset = utf8 comment = '用户与角色多对多表';25 26  CREATE TABLE `permission` (27  `id` VARCHAR(255) PRIMARY KEY,28  `name` VARCHAR(255),29  `url` VARCHAR(255)30  ) engine = InnoDB default charset = utf8 comment = '权限表';31 32  CREATE TABLE `role_permission` (33  `id` VARCHAR(255) PRIMARY KEY,34  `role_id` VARCHAR(255),35  `permission_id` VARCHAR(255),36  FOREIGN KEY (`role_id`) REFERENCES `role`(id),37  FOREIGN KEY (`permission_id`) REFERENCES `permission`(id)38  ) engine = InnoDB default charset = utf8 comment = '角色与权限多对多表';39 40 insert into `user` (`id`, `name`, `password`) values('1','admin','123456');41 insert into `user` (`id`, `name`, `password`) values('2','vip','123456');42 insert into `user` (`id`, `name`, `password`) values('3','svip','1234');43 44 insert into `role` (`id`, `name`) values('1','user');45 insert into `role` (`id`, `name`) values('2','vip');46 insert into `role` (`id`, `name`) values('3','svip');47 48 insert into `permission` (`id`, `name`, `url`) values('1','user','user');49 insert into `permission` (`id`, `name`, `url`) values('2','vip','vip');50 insert into `permission` (`id`, `name`, `url`) values('3','svip','svip');51 52 insert into `user_role` (`id`, `user_id`, `role_id`) values('1','1','1');53 insert into `user_role` (`id`, `user_id`, `role_id`) values('2','2','1');54 insert into `user_role` (`id`, `user_id`, `role_id`) values('3','2','2');55 insert into `user_role` (`id`, `user_id`, `role_id`) values('4','3','1');56 insert into `user_role` (`id`, `user_id`, `role_id`) values('5','3','2');57 insert into `user_role` (`id`, `user_id`, `role_id`) values('6','3','3');58 59 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('1','1','1');60 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('2','2','1');61 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('3','2','2');62 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('4','3','1');63 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('5','3','2');64 insert into `role_permission` (`id`, `role_id`, `permission_id`) values('6','3','3');

4、接下来写mapper，也叫dao

 1 package com.xiaostudy.shiro_test1.mapper; 2  3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 import org.apache.ibatis.annotations.Mapper; 5  6 /** 7  * Created with IntelliJ IDEA. 8  * User: Administrator 9  * Date: 2019/6/810  * Time: 14:4511  * Description: No Description12  */13 @Mapper14 public interface UserMapper {15 16 // 根据用户名称，查询用户信息17 public UserEntity findByName(String name);18 19 // 根据用户id，查询用户信息、角色、权限20 public UserEntity findById(String id);21 }

@Mapper后面再讲，这里也可以不用@Mapper

 1 <?xml version="1.0" encoding="UTF-8"?> 2 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> 3 <mapper namespace="com.xiaostudy.shiro_test1.mapper.UserMapper"> 4  5 <resultMap id="userMap" type="com.xiaostudy.shiro_test1.entity.UserEntity"> 6 <id property="id" column="id"/> 7 <result property="name" column="name"/> 8 <result property="password" column="password"/> 9 <collection property="roles" ofType="com.xiaostudy.shiro_test1.entity.RoleEntity">10 <id property="id" column="roleId"/>11 <result property="name" column="roleName"/>12 <collection property="permissions" ofType="com.xiaostudy.shiro_test1.entity.PermissionEntity">13 <id property="id" column="permissionId"/>14 <result property="name" column="permissionName"/>15 <result property="url" column="permissionUrl"/>16 </collection>17 </collection>18 </resultMap>19 20 <select id="findByName" parameterType="java.lang.String" resultType="com.xiaostudy.shiro_test1.entity.UserEntity">21   SELECT id, name, password22 FROM user23   WHERE name = #{name}24 </select>25 26 <select id="findById" parameterType="java.lang.String" resultMap="userMap">27   SELECT user.id, user.name, user.password,28 role.id as roleId, role.name as roleName,29 permission.id as permissionId,30 permission.name as permissionName,31 permission.url as permissionUrl32 FROM user, user_role, role, role_permission, permission33   WHERE user.id = #{id}34 AND user.id = user_role.user_id35 AND user_role.role_id = role.id36 AND role.id = role_permission.role_id37 AND role_permission.permission_id = permission.id38 </select>39 40 </mapper>

5、下面写service

 1 package com.xiaostudy.shiro_test1.service; 2  3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4  5 /** 6  * Created with IntelliJ IDEA. 7  * User: Administrator 8  * Date: 2019/6/8 9  * Time: 14:5510  * Description: No Description11  */12 public interface UserService {13 14 UserEntity findByName(String name);15 16 UserEntity findById(String id);17 }

 1 package com.xiaostudy.shiro_test1.service.impl; 2  3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 import com.xiaostudy.shiro_test1.mapper.UserMapper; 5 import com.xiaostudy.shiro_test1.service.UserService; 6 import org.springframework.beans.factory.annotation.Autowired; 7 import org.springframework.stereotype.Service; 8  9 /**10  * Created with IntelliJ IDEA.11  * User: Administrator12  * Date: 2019/6/813  * Time: 14:5614  * Description: No Description15  */16 @Service17 public class UserServiceImpl implements UserService {18 19 @Autowired20 private UserMapper userMapper;21 22 @Override23 public UserEntity findByName(String name) {24 retu userMapper.findByName(name);25 }26 27 @Override28 public UserEntity findById(String id) {29 retu userMapper.findById(id);30 }31 }

6、下面写自定义Realm的UserRealm.java

 1 package com.xiaostudy.shiro_test1.realm; 2  3 import com.xiaostudy.shiro_test1.entity.PermissionEntity; 4 import com.xiaostudy.shiro_test1.entity.RoleEntity; 5 import com.xiaostudy.shiro_test1.entity.UserEntity; 6 import com.xiaostudy.shiro_test1.service.UserService; 7 import org.apache.shiro.SecurityUtils; 8 import org.apache.shiro.authc.*; 9 import org.apache.shiro.authz.AuthorizationInfo;10 import org.apache.shiro.authz.SimpleAuthorizationInfo;11 import org.apache.shiro.realm.AuthorizingRealm;12 import org.apache.shiro.subject.PrincipalCollection;13 import org.apache.shiro.subject.Subject;14 import org.apache.shiro.util.ByteSource;15 import org.springframework.beans.factory.annotation.Autowired;16 17 import java.util.Collection;18 import java.util.HashSet;19 import java.util.Set;20 21 /**22  * 自定义Realm，实现授权与认证23  * Created with IntelliJ IDEA.24  * User: Administrator25  * Date: 2019/6/826  * Time: 15:0127  * Description: No Description28  */29 public class UserRealm extends AuthorizingRealm {30 31 @Autowired32 private UserService userService;33 34 /**35  * 用户授权36  **/37 @Override38 protected AuthorizationInfo doGetAuthorizationInfo(39 PrincipalCollection principalCollection) {40 41 System.out.println("===执行授权===");42 43 Subject subject = SecurityUtils.getSubject();44 UserEntity user = (UserEntity)subject.getPrincipal();45 if(user != null){46 SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();47 // 角色字符串集合48 Collection<String> rolesCollection = new HashSet<>();49 // 权限字符串集合50 Collection<String> premissionCollection = new HashSet<>();51 // 读取并赋值用户角色与权限52 Set<RoleEntity> roles = user.getRoles();53 for(RoleEntity role : roles){54 rolesCollection.add(role.getName());55 Set<PermissionEntity> permissions = role.getPermissions();56 for (PermissionEntity permission : permissions){57 // 权限名称为PermissionEntity为字段url58 premissionCollection.add(permission.getUrl());59 }60 info.addStringPermissions(premissionCollection);61 }62 info.addRoles(rolesCollection);63 retu info;64 }65 retu null;66 }67 68 /**69  * 用户认证70  **/71 @Override72 protected AuthenticationInfo doGetAuthenticationInfo(73 AuthenticationToken authenticationToken) throws AuthenticationException {74 75 System.out.println("===执行认证===");76 77 UseamePasswordToken token = (UseamePasswordToken)authenticationToken;78 UserEntity bean = userService.findByName(token.getUseame());79 80 if(bean == null){81 // 用户不存在82 throw new UnknownAccountException();83 } else {84 bean = userService.findById(bean.getId());85 if(null == bean) {86 // 认证失败87 throw new AuthenticationException();88 }89 }90 91 ByteSource credentialsSalt = ByteSource.Util.bytes(bean.getName());92 93 retu new SimpleAuthenticationInfo(bean, bean.getPassword(),94 credentialsSalt, getName());95 }96 }

7、下面写shiro配置类

 1 package com.xiaostudy.shiro_test1.config; 2  3 import com.xiaostudy.shiro_test1.realm.UserRealm; 4 import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; 5 import org.apache.shiro.spring.web.ShiroFilterFactoryBean; 6 import org.apache.shiro.web.mgt.DefaultWebSecurityManager; 7 import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; 8 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; 9 import org.springframework.context.annotation.Bean;10 import org.springframework.context.annotation.Configuration;11 12 import java.util.HashMap;13 import java.util.Map;14 15 /**16  * Shiro配置类17  * Created with IntelliJ IDEA.18  * User: Administrator19  * Date: 2019/6/820  * Time: 15:0621  * Description: No Description22  */23 @Configuration24 public class ShiroConfig {25 26 // 创建自定义 realm27 @Bean28 public UserRealm userRealm() {29 UserRealm userRealm = new UserRealm();30 retu userRealm;31 }32 33 // 创建 SecurityManager 对象34 @Bean35 public DefaultWebSecurityManager securityManager() {36 DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();37 securityManager.setRealm(userRealm());38 retu securityManager;39 }40 41 // Filter工厂，设置对应的过滤条件和跳转条件42 @Bean43 public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {44 ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();45 shiroFilterFactoryBean.setSecurityManager(securityManager);46 /**47  * anon：匿名用户可访问48  * authc：认证用户可访问49  * user：使用rememberMe可访问50  * perms：对应权限可访问51  * role：对应角色权限可访问52  */53 Map<String, String> map = new HashMap<>();54 // 开放登录接口55 map.put("/login", "anon");56 //map.put("/login", "authc");57 // 对登录跳转接口进行释放58 map.put("/error", "anon");59 // 对所有用户认证60 map.put("/**", "authc");61 // 登出62 map.put("/logout", "logout");63 // 登录64 // 注意：这里配置的 /login 是指到 @RequestMapping(value="/login")中的 /login65 shiroFilterFactoryBean.setLoginUrl("/login");66 // 首页67 shiroFilterFactoryBean.setSuccessUrl("/index");68 // 错误页面，认证不通过跳转69 shiroFilterFactoryBean.setUnauthorizedUrl("/error/unAuth");70 shiroFilterFactoryBean.setFilterChainDefinitionMap(map);71 retu shiroFilterFactoryBean;72 }73 74 // 加入注解的使用，不加这个，注解不生效75 @Bean76 public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {77 AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();78 authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);79 retu authorizationAttributeSourceAdvisor;80 }81 82 // 跟上面的注解配置搭配使用，有时候加了上面的配置后注解不生效，需要加入下面的配置83 @Bean84 @ConditionalOnMissingBean85 public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {86 DefaultAdvisorAutoProxyCreator app = new DefaultAdvisorAutoProxyCreator();87 app.setProxyTargetClass(true);88 retu app;89 }90 }

8、下面写没有权限异常处理类

 1 package com.xiaostudy.shiro_test1.exception; 2  3 import org.apache.shiro.authz.AuthorizationException; 4 import org.apache.shiro.authz.UnauthorizedException; 5 import org.springframework.stereotype.Component; 6 import org.springframework.web.bind.annotation.ControllerAdvice; 7 import org.springframework.web.bind.annotation.ExceptionHandler; 8 import org.springframework.web.bind.annotation.ResponseBody; 9 10 /**11  * Created with IntelliJ IDEA.12  * User: Administrator13  * Date: 2019/6/814  * Time: 15:1315  * Description: No Description16  */17 @ControllerAdvice18 public class NoPermissionException {19 // 授权失败，就是说没有该权限20 @ExceptionHandler(UnauthorizedException.class)21 public String handleShiroException(Exception ex) {22 retu "/error/unAuth";23 }24 25 @ResponseBody26 @ExceptionHandler(AuthorizationException.class)27 public String AuthorizationException(Exception ex) {28 retu "权限认证失败";29 }30 }

9、下面写controller

 1 package com.xiaostudy.shiro_test1.web.controller; 2  3 import org.apache.shiro.SecurityUtils; 4 import org.apache.shiro.authc.AuthenticationException; 5 import org.apache.shiro.authc.IncorrectCredentialsException; 6 import org.apache.shiro.authc.UnknownAccountException; 7 import org.apache.shiro.authc.UseamePasswordToken; 8 import org.apache.shiro.subject.Subject; 9 import org.springframework.stereotype.Controller;10 import org.springframework.web.bind.annotation.RequestMapping;11 12 import javax.servlet.http.HttpServletRequest;13 import javax.servlet.http.HttpServletResponse;14 15 /**16  * 用户登录、登出、错误页面跳转控制器17  * Created with IntelliJ IDEA.18  * User: Administrator19  * Date: 2019/6/820  * Time: 15:1521  * Description: No Description22  */23 @Controller24 public class MainController {25 26 @RequestMapping("/index")27 public String index(HttpServletRequest request, HttpServletResponse response){28 response.setHeader("root", request.getContextPath());29 retu "index";30 }31 32 @RequestMapping("/login")33 public String login(HttpServletRequest request, HttpServletResponse response){34 response.setHeader("root", request.getContextPath());35 String userName = request.getParameter("useame");36 String password = request.getParameter("password");37 38 // 等于null说明用户没有登录，只是拦截所有请求到这里，那就直接让用户去登录页面，就不认证了。39 // 如果这里不处理，那个会返回用户名不存在，逻辑上不合理，用户还没登录怎么就用户名不存在？40 if(null == userName) {41 retu "login";42 }43 44 // 1.获取Subject45 Subject subject = SecurityUtils.getSubject();46 // 2.封装用户数据47 UseamePasswordToken token = new UseamePasswordToken(userName, password);48 // 3.执行登录方法49 try{50 subject.login(token);51 retu "redirect:/index";52 } catch (UnknownAccountException e){53 // 这里是捕获自定义Realm的用户名不存在异常54 request.setAttribute("msg","用户名不存在！");55 } catch (IncorrectCredentialsException e){56 request.setAttribute("userName",userName);57 request.setAttribute("msg","密码错误！");58 } catch (AuthenticationException e) {59 // 这里是捕获自定义Realm的认证失败异常60 request.setAttribute("msg","认证失败！");61 }62 63 retu "login";64 }65 66 @RequestMapping("/logout")67 public String logout(){68 Subject subject = SecurityUtils.getSubject();69 if (subject != null) {70 subject.logout();71 }72 //retu "redirect:/main";73 retu "login";74 }75 76 @RequestMapping("/error/unAuth")77 public String unAuth(){78 retu "/error/unAuth";79 }80 81 @RequestMapping("/err")82 public String err(){83 retu "/error/unAuth";84 }85 }

 1 package com.xiaostudy.shiro_test1.web.controller; 2  3 import com.xiaostudy.shiro_test1.entity.UserEntity; 4 import org.apache.shiro.SecurityUtils; 5 import org.apache.shiro.authz.annotation.RequiresPermissions; 6 import org.springframework.stereotype.Controller; 7 import org.springframework.web.bind.annotation.RequestMapping; 8  9 import javax.servlet.http.HttpServletRequest;10 11 /**12  * 用户页面跳转13  * Created with IntelliJ IDEA.14  * User: Administrator15  * Date: 2019/6/816  * Time: 15:2117  * Description: No Description18  */19 @Controller20 public class UserController {21 22 /**23  * 个人中心，需认证可访问24  */25 @RequestMapping("/user/index")26 @RequiresPermissions(value = "user")// 这里的user，就是对应权限实体类PermissionEntity的字段url，自定义Realm类UserRealm里是用这个字段27 public String add(HttpServletRequest request){28 UserEntity bean = (UserEntity) SecurityUtils.getSubject().getPrincipal();29 request.setAttribute("userName", bean.getName());30 retu "/user/index";31 }32 33 /**34  * 会员中心，需认证且角色为vip可访问35  */36 @RequestMapping("/vip/index")37 @RequiresPermissions(value = "vip")38 public String update(){39 retu "/vip/index";40 }41 }

10、下面写spring-mvc.xml

 1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:mvc="http://www.springframework.org/schema/mvc" 4 xmlns:aop="http://www.springframework.org/schema/aop" 5 xmlns:tx="http://www.springframework.org/schema/tx" 6 xmlns:context="http://www.springframework.org/schema/context" 7 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 8 xsi:schemaLocation="http://www.springframework.org/schema/beans 9 http://www.springframework.org/schema/beans/spring-beans-3.2.xsd10 http://www.springframework.org/schema/mvc11 http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd12 http://www.springframework.org/schema/context13 http://www.springframework.org/schema/context/spring-context-3.2.xsd14 http://www.springframework.org/schema/aop15 http://www.springframework.org/schema/aop/spring-aop-3.2.xsd16 http://www.springframework.org/schema/tx17 http://www.springframework.org/schema/tx/spring-tx-3.2.xsd">18 19 <!-- 把Controller交给spring管理 -->20 <context:component-scan base-package="com.xiaostudy"/>21 22 <!-- 配置注解处理器映射器 功能：寻找执行类Controller -->23 <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping"/>24 25 <!-- 配置注解处理器适配器 功能：调用controller方法，执行controller -->26 <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter"/>27 28 <!-- 配置sprigmvc视图解析器：解析逻辑试图29  后台返回逻辑试图：index30 视图解析器解析出真正物理视图：前缀+逻辑试图+后缀====/WEB-INF/index.jsp -->31 <!--<bean class="org.springframework.web.servlet.view.IntealResourceViewResolver">32 <property name="prefix" value="/WEB-INF/"/>33 <property name="suffix" value=".jsp"/>34 </bean>-->35 </beans>

11、下面写web.xml

 1 <?xml version="1.0" encoding="UTF-8"?> 2 <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" 3  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 4  xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" 5  version="4.0"> 6 <display-name>Archetype Created Web Application</display-name> 7  8 <!--请求编码设置--> 9 <filter>10 <filter-name>encodingFilter</filter-name>11 <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>12 <init-param>13 <param-name>encoding</param-name>14 <param-value>UTF-8</param-value>15 </init-param>16 <init-param>17 <param-name>forceEncoding</param-name>18 <param-value>true</param-value>19 </init-param>20 </filter>21 <filter-mapping>22 <filter-name>encodingFilter</filter-name>23 <url-patte>/*</url-patte>24 </filter-mapping>25 26 <listener>27 <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>28 </listener>29 <listener>30 <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>31 </listener>32 <servlet>33 <servlet-name>SpringMVC</servlet-name>34 <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>35 <init-param>36 <param-name>contextConfigLocation</param-name>37 <param-value>classpath:spring-mvc.xml</param-value>38 </init-param>39 <load-on-startup>1</load-on-startup>40 <async-supported>true</async-supported>41 </servlet>42 <servlet-mapping>43 <servlet-name>SpringMVC</servlet-name>44 <url-patte>/</url-patte>45 </servlet-mapping>46 <welcome-file-list>47 <welcome-file>/index</welcome-file>48 </welcome-file-list>49 </web-app>

12、下面写application.yml

 1 spring: 2 datasource: 3 url: jdbc:mysql://localhost:3306/shiro_test?useUnicode=true&characterEncoding=UTF-8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC 4 useame: root 5 password: root 6 driver-class-name: com.mysql.cj.jdbc.Driver 7 type: com.alibaba.druid.pool.DruidDataSource 8 # 初始化时建立物理连接连接的个数 9 initialSize: 510 # 最小连接池数量11 minIdle: 512 # 最大连接池数量13 maxActive: 2014 # 获取连接时最大等待时间(ms)，即60s15 maxWait: 6000016 # 1.Destroy线程会检测连接的间隔时间；2.testWhileIdle的判断依据17 timeBetweenEvictionRunsMillis: 6000018 # 最小生存时间ms19 minEvictableIdleTimeMillis: 60000020 maxEvictableIdleTimeMillis: 90000021 # 用来检测连接是否有效的sql22 validationQuery: SELECT 1 FROM DUAL23 # 申请连接时执行validationQuery检测连接是否有效，启用会降低性能24 testOnBorrow: false25 # 归还连接时执行validationQuery检测连接是否有效，启用会降低性能26 testOnRetu: false27 # 申请连接的时候检测，如果空闲时间大于timeBetweenEvictionRunsMillis，28 # 执行validationQuery检测连接是否有效，不会降低性能29 testWhileIdle: true30 # 是否缓存preparedStatement，mysql建议关闭31 poolPreparedStatements: false32 # 配置监控统计拦截的filters，去掉后监控界面sql无法统计，'wall'用于防火墙33 filters: stat,wall,log4j34 thymeleaf:35 suffix: .html36 charset: utf-837 mvc:38 # 配置静态资源映射路径，/public、/resources路径失效39 static-path-patte: templates/**40 mybatis:41 mapper-locations: classpath:mapper/*.xml42 #mapperLocations: classpath:mapper/*.xml43 # 虽然可以配置这项来进行pojo包扫描，但其实我更倾向于在mapper.xml写全类名44 #type-aliases-package: com.xiaostudy.shiro_test1.entity

13、下面写html

 1 <!DOCTYPE html> 2 <html lang="en" xmlns:th="http://www.thymeleaf.org"> 3 <head> 4 <meta charset="UTF-8"> 5 <title>登录</title> 6 </head> 7 <body> 8 <h1>用户登录</h1> 9 <hr>10 <form id="from" action="/login" method="post">11 <table>12 <tr>13 <td>用户名</td>14 <td>15 <input type="text" name="useame" placeholder="请输入账户名" value="" th:value="${userName }"/>16 </td>17 </tr>18 <tr>19 <td>密码</td>20 <td>21 <input type="password" name="password" placeholder="请输入密码"/>22 </td>23 </tr>24 <tr>25 <td colspan="2">26 <span style="color: red;">[[${msg }]]</span>27 </td>28 </tr>29 <tr>30 <td colspan="2">31 <input type="submit" value="登录"/>32 <input type="reset" value="重置"/>33 </td>34 </tr>35 </table>36 </form>37 </body>38 </html>

 1 <!DOCTYPE html> 2 <html lang="en"> 3  4 <head> 5 <title>首页</title> 6 </head> 7 <body> 8 <h1>首页</h1> 9 <hr>10 <ul>11 <li><a href="user/index">个人中心</a></li>12 <li><a href="vip/index">会员中心</a></li>13 <li><a href="logout">退出登录</a></li>14 </ul>15 </body>16 </html>

 1 <!DOCTYPE html> 2 <html lang="en" xmlns:th="http://www.thymeleaf.org"> 3 <head> 4 <title>用户中心</title> 5 </head> 6 <body> 7 <h1>用户中心</h1> 8 <hr> 9 <h1>欢迎[[${userName }]],这里是用户中心</h1>10 </body>11 </html>

 1 <!DOCTYPE html> 2 <html lang="en" xmlns:th="http://www.thymeleaf.org"> 3 <head> 4 <title>会员中心</title> 5 </head> 6 <body> 7 <h1>会员中心</h1> 8 <hr> 9 <h1>欢迎来到<span style="color: red;">会员中心</span></h1>10 </body>11 </html>

1 <!DOCTYPE html>2 <html lang="en">3 <head>4 <title>未授权提示</title>5 </head>6 <body>7 <h1>您还不是<span style="color: red;">会员</span> ，没有权限访问这个页面！</h1>8 </body>9 </html>