bao231
- 浏览: 87253 次
- 性别:
- 来自: 杭州
-
文章分类
最新评论
-
zijinSiShaojun:
很不错的工具类。很久了,不知道有没有更新
java 如何根据线程id找到线程 -
chenxuezhou_yzl:
11111111111
java 如何根据线程id找到线程 -
qxpidt:
我运行了下,没有获取到163邮箱的主页内容,
httpclient 163邮箱登陆 -
qxpidt:
你登录成功后,能成功获取到主页的文本吗?
httpclient 163邮箱登陆 -
qxpidt:
楼主,你这个程序,你测试过了吗?
httpclient 163邮箱登陆
shiro 后台权限认证集成jdbc数据库操作
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
">
<description>apache shiro 配置</description>
<context:component-scan base-package="com.haier.uhome.hr91.util.shiro" />
<!-- 自定义shiro的realm数据库身份验证 -->
<bean id="jdbcAuthenticationRealm" class="com.haier.uhome.hr91.util.shiro.JdbcAuthenticationRealm" >
<property name="name" value="jdbcAuthentication" />
<property name="credentialsMatcher">
<bean class="com.haier.uhome.hr91.util.shiro.UhomeSecurityPasswd">
</bean>
</property>
<property name="defaultPermissionString" value="security:index,menu:list,info:list" />
</bean>
<bean id="customRememberMeManager" class="com.haier.uhome.hr91.util.shiro.CustomRememberMeManager"></bean>
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"></bean>
<!-- 使用默认的WebSecurityManager -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!-- realm认证和授权,从数据库读取资源 -->
<property name="realm" ref="jdbcAuthenticationRealm" />
<property name="rememberMeManager" ref="customRememberMeManager" />
<property name="sessionManager" ref="sessionManager" />
</bean>
<!-- 自定义对 shiro的连接约束,结合shiroSecurityFilter实现动态获取资源 -->
<bean id="chainDefinitionSectionMetaSource" class="com.haier.uhome.hr91.util.shiro.ChainDefinitionSectionMetaSource">
<!-- 默认的连接配置 -->
<property name="filterChainDefinitions">
<value>
/manager/login.do = captchaAuthc
/manager/logout.do = logout
/manager/css/** = anon
/manager/images/** = anon
/manager/js/** = anon
/webservice/VerificationCode = anon
/manager/index.html = perms[security:index]
/manager/changePassword = perms[security:change-password]
/manager/menu.do = perms[menu:list]
/manager/info.do = perms[info:list]
</value>
</property>
<property name="webmap">
<value>/WEB-INF/conf/webmap.xml</value>
</property>
</bean>
<!-- 将shiro与spring集合 -->
<bean id="captchaAuthenticationFilter" class="com.haier.uhome.hr91.util.shiro.CaptchaAuthenticationFilter">
<property name="usernameParam"><value>loginName</value></property>
<property name="passwordParam"><value>loginPwd</value></property>
<property name="captchaParam"><value>rand</value></property>
<property name="sessionCaptchaKeyAttribute"><value>repeatCode</value></property>
<property name="failureKeyAttribute"><value>errStr</value></property>
</bean>
<bean id="uhomeRoleFilter" class="com.haier.uhome.hr91.util.shiro.UhomeRolesAuthorizationFilter"></bean>
<bean id="logout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
<property name="redirectUrl"><value>/manager/login.do</value></property>
</bean>
<bean id="shiroSecurityFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="filters">
<map>
<entry key="captchaAuthc" value-ref="captchaAuthenticationFilter" />
<entry key="uhomeRoles" value-ref="uhomeRoleFilter" />
</map>
</property>
<!-- shiro的核心安全接口 -->
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/manager/login.do" />
<property name="successUrl" value="/manager/index.html" />
<!-- shiro连接约束配置,在这里使用自定义的动态获取资源类 -->
<property name="filterChainDefinitionMap" ref="chainDefinitionSectionMetaSource" />
</bean>
<!-- shiro为集成spring -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<!-- 启用shiro为spring配置的bean注释,只运行在lifecycleBeanProcessor之后 -->
<bean id="annotationProxy" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
<property name="proxyTargetClass" value="true" />
</bean>
<!-- 启用shrio授权注解拦截方式 -->
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager" />
</bean>
</beans>
JdbcAuthenticationRealm.java
public class JdbcAuthenticationRealm extends AuthorizingRealm
{
@Autowired
AdminService adminService;
@Autowired
ManagerDAO managerDAO;
@Autowired
ManagerRoleService managerRoleService;
List<String> defaultPermission = new ArrayList<String>();
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken token) throws AuthenticationException
{
UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
String username = usernamePasswordToken.getUsername();
String tmpPassword = null;
if (username == null)
{
throw new AccountException("用户名不能为空");
}
Admin user = adminService.findByLoginName(username);
Manager manager = null;
CommonVariableModel model = new CommonVariableModel();
if (user == null)
{
manager = managerDAO.findByLoginName(username);
if (manager == null)
throw new UnknownAccountException("用户不存在");
else
{
tmpPassword = manager.getLoginPwd();
model.setManager(manager);
}
} else
{
tmpPassword = user.getPassword();
model.setUser(user);
}
return new SimpleAuthenticationInfo(model, tmpPassword, getName());
}
/**
*
* 当用户进行访问链接时的授权方法
*
*/
protected AuthorizationInfo doGetAuthorizationInfo(
PrincipalCollection principals)
{
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
CommonVariableModel model = (CommonVariableModel) principals
.getPrimaryPrincipal();
info.addStringPermissions(defaultPermission);
Manager manager = model.getManager();
Admin user = model.getUser();
if (manager != null)
{
info.addRole(manager.getRole());
} else if (user != null)
{
info.addRole(user.getRole());
}
info.addRole("zbx");
return info;
}
public void setDefaultPermissionString(String defaultPermissionString)
{
String[] perms = defaultPermissionString.split(",");
CollectionUtils.addAll(defaultPermission, perms);
}
}
CustomRememberMeManager
public class CustomRememberMeManager extends CookieRememberMeManager
{
/**
* 构造方法,不在这里对Cookie的maxAge设置值
*/
public CustomRememberMeManager()
{
Cookie cookie = new SimpleCookie(DEFAULT_REMEMBER_ME_COOKIE_NAME);
cookie.setHttpOnly(true);
setCookie(cookie);
}
/**
* 重写父类方法,写入Cookie时,先把传过来的有效时间设置到cookie里面在序列化Identity
*/
@Override
public void rememberIdentity(Subject subject, AuthenticationToken token,
AuthenticationInfo authcInfo)
{
UsernamePasswordTokeExtend tokeExtend = (UsernamePasswordTokeExtend) token;
getCookie().setMaxAge(tokeExtend.getRememberMeCookieValue());
super.rememberIdentity(subject, token, authcInfo);
}
}
ChainDefinitionSectionMetaSource
public class ChainDefinitionSectionMetaSource implements
FactoryBean<Ini.Section>
{
private String filterChainDefinitions;
private static final String BLANK_STRING = "";
private Resource webmap = null;
public void setWebmap(Resource resource)
{
this.webmap = resource;
}
public Resource getWebmap()
{
return webmap;
}
@SuppressWarnings("unchecked")
@Override
public Section getObject() throws Exception
{
Ini ini = new Ini();
// 加载默认的url
ini.load(filterChainDefinitions);
Ini.Section section = ini.getSection(Ini.DEFAULT_SECTION_NAME);
// Map<String, List<String>> url2roles = new HashMap<String, List<String>>();
Document doc = XMLUtils.loadXML(webmap.getInputStream());
NodeList groupNodes = doc.getElementsByTagName("group");
int len = groupNodes.getLength();
List<String> list = null;
for (int i = 0; i < len; i++)
{
Element group = (Element) groupNodes.item(i);
String roleStr = group.getAttribute("role");
NodeList menuNodes = group.getElementsByTagName("item");
for (int j = 0; j < menuNodes.getLength(); j++)
{
Element menu = (Element) menuNodes.item(j);
String roleStr1 = menu.getAttribute("role");
String path = BLANK_STRING;
if(menu.getAttribute("path")!=null)
path = menu.getAttribute("path");
NodeList urlNodes = menu.getElementsByTagName("url");
for (int k = 0; k < urlNodes.getLength(); k++)
{
Element url = (Element) urlNodes.item(k);
String roleStr2 = url.getAttribute("role");
String urlString = StringUtils.applyRelativePath(path,url.getTextContent());
if (isBlank(urlString))
continue;
list = null;
if (!isBlank(roleStr2))
{
list = CollectionUtils.arrayToList(StringUtils
.tokenizeToStringArray(roleStr2, ","));
} else if (!isBlank(roleStr1))
{
list = CollectionUtils.arrayToList(StringUtils
.tokenizeToStringArray(roleStr1, ","));
} else if (!isBlank(roleStr))
{
list = CollectionUtils.arrayToList(StringUtils
.tokenizeToStringArray(roleStr, ","));
} else
{
list = Collections.emptyList();
}
// url2roles.put(urlString.trim(), list);
section.put(urlString.trim(), getRoles(list));
}
}
}
return section;
}
@Override
public Class<?> getObjectType()
{
return this.getClass();
}
@Override
public boolean isSingleton()
{
return false;
}
public String getFilterChainDefinitions()
{
return filterChainDefinitions;
}
public void setFilterChainDefinitions(String filterChainDefinitions)
{
this.filterChainDefinitions = filterChainDefinitions;
}
// private
private boolean isBlank(String st)
{
if (st == null || st.trim().equals(BLANK_STRING))
return true;
return false;
}
private String getRoles(List<String> list)
{
if (list.size() == 0)
return BLANK_STRING;
StringBuilder sbBuilder = new StringBuilder();
// sbBuilder.append(",");
for (int i = 0, flag = 1; i < list.size(); i++)
{
String s = list.get(i);
sbBuilder.append("uhomeRoles[");
sbBuilder.append(s);
sbBuilder.append("]");
if (flag % list.size() != 0)
sbBuilder.append(",");
flag++;
}
return sbBuilder.toString();
}
public static void main(String[] args)
{
System.err.println(StringUtils.applyRelativePath("aa/bb/cc/aa.html","aa/bb"));
}
}
CaptchaAuthenticationFilter
public class CaptchaAuthenticationFilter extends FormAuthenticationFilter
{
/**
* 默认验证码参数名称
*/
public static final String DEFAULT_CAPTCHA_PARAM = "captcha";
/**
* 登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key默认名称
*/
public static final String DEFAULT_SHOW_CAPTCHA_KEY_ATTRIBUTE = "showCaptcha";
/**
* 默认在session中存储的登录次数名称
*/
private static final String DEFAULT_LOGIN_NUM_KEY_ATTRIBUTE = "loginNum";
// 验证码参数名称
private String captchaParam = DEFAULT_CAPTCHA_PARAM;
// 在session中的存储验证码的key名称
private String sessionCaptchaKeyAttribute = DEFAULT_CAPTCHA_PARAM;
// 在session中存储的登录次数名称
private String loginNumKeyAttribute = DEFAULT_LOGIN_NUM_KEY_ATTRIBUTE;
// 登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key名称
private String sessionShowCaptchaKeyAttribute = DEFAULT_SHOW_CAPTCHA_KEY_ATTRIBUTE;
// 允许登录次数,当登录次数大于该数值时,会在页面中显示验证码
private Integer allowLoginNum = 1;
@Autowired
private ManagerRoleService managerRoleService;
/**
* 重写父类方法,在shiro执行登录时先对比验证码,正确后在登录,否则直接登录失败
*/
@Override
protected boolean executeLogin(ServletRequest request,
ServletResponse response) throws Exception
{
Session session = getSubject(request, response).getSession();
// 获取登录次数
Integer number = (Integer) session
.getAttribute(getLoginNumKeyAttribute());
// 首次登录,将该数量记录在session中
if (number == null)
{
number = new Integer(1);
session.setAttribute(getLoginNumKeyAttribute(), number);
}
// 获取当前验证码
String currentCaptcha = (String) session
.getAttribute(getSessionCaptchaKeyAttribute());
// 获取用户输入的验证码
String submitCaptcha = getCaptcha(request);
// 如果验证码不匹配,登录失败
if ((submitCaptcha == null || submitCaptcha.length() == 0)
|| !currentCaptcha.equalsIgnoreCase(submitCaptcha))
{
return onLoginFailure(this.createToken(request, response),
new AccountException("验证码不正确"), request, response);
}
return super.executeLogin(request, response);
}
/**
* 设置验证码提交的参数名称
*
* @param captchaParam
* 验证码提交的参数名称
*/
public void setCaptchaParam(String captchaParam)
{
this.captchaParam = captchaParam;
}
/**
* 获取验证码提交的参数名称
*
* @return String
*/
public String getCaptchaParam()
{
return captchaParam;
}
/**
* 设置在session中的存储验证码的key名称
*
* @param sessionCaptchaKeyAttribute
* 存储验证码的key名称
*/
public void setSessionCaptchaKeyAttribute(String sessionCaptchaKeyAttribute)
{
this.sessionCaptchaKeyAttribute = sessionCaptchaKeyAttribute;
}
/**
* 获取设置在session中的存储验证码的key名称
*
* @return Sting
*/
public String getSessionCaptchaKeyAttribute()
{
return sessionCaptchaKeyAttribute;
}
/**
* 获取在session中存储的登录次数名称
*
* @return Stromg
*/
public String getLoginNumKeyAttribute()
{
return loginNumKeyAttribute;
}
/**
* 设置在session中存储的登录次数名称
*
* @param loginNumKeyAttribute
* 登录次数名称
*/
public void setLoginNumKeyAttribute(String loginNumKeyAttribute)
{
this.loginNumKeyAttribute = loginNumKeyAttribute;
}
/**
* 获取用户输入的验证码
*
* @param request
* ServletRequest
*
* @return String
*/
public String getCaptcha(ServletRequest request)
{
return WebUtils.getCleanParam(request, getCaptchaParam());
}
/**
* 获取登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key名称
*
* @return String
*/
public String getSessionShowCaptchaKeyAttribute()
{
return sessionShowCaptchaKeyAttribute;
}
/**
* 设置登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key名称
*
* @param sessionShowCaptchaKeyAttribute
* 是否展示验证码的key名称
*/
public void setSessionShowCaptchaKeyAttribute(
String sessionShowCaptchaKeyAttribute)
{
this.sessionShowCaptchaKeyAttribute = sessionShowCaptchaKeyAttribute;
}
/**
* 获取允许登录次数
*
* @return Integer
*/
public Integer getAllowLoginNum()
{
return allowLoginNum;
}
/**
* 设置允许登录次数,当登录次数大于该数值时,会在页面中显示验证码
*
* @param allowLoginNum
* 允许登录次数
*/
public void setAllowLoginNum(Integer allowLoginNum)
{
this.allowLoginNum = allowLoginNum;
}
/**
* 重写父类方法,当登录失败将异常信息设置到request的attribute中
*/
@Override
protected void setFailureAttribute(ServletRequest request,
AuthenticationException ae)
{
if (ae instanceof IncorrectCredentialsException)
{
request.setAttribute(getFailureKeyAttribute(), "用户名密码不正确");
} else
{
request.setAttribute(getFailureKeyAttribute(), ae.getMessage());
}
}
/**
* 重写父类方法,当登录失败次数大于allowLoginNum(允许登录次)时,将显示验证码
*/
@Override
protected boolean onLoginFailure(AuthenticationToken token,
AuthenticationException e, ServletRequest request,
ServletResponse response)
{
// try
// {
// WebUtils.issueRedirect(request, response, getLoginUrl());
// } catch (IOException e1)
// {
//
// e1.printStackTrace();
// }
Session session = getSubject(request, response).getSession(false);
Integer number = (Integer) session
.getAttribute(getLoginNumKeyAttribute());
// 如果失败登录次数大于allowLoginNum时,展示验证码
if (number > getAllowLoginNum() - 1)
{
session.setAttribute(getSessionShowCaptchaKeyAttribute(), true);
session.setAttribute(getLoginNumKeyAttribute(), ++number);
}
session.setAttribute(getLoginNumKeyAttribute(), ++number);
setFailureAttribute(request, e);
return true;
}
/**
* 重写父类方法,当登录成功后,将allowLoginNum(允许登录次)设置为0,重置下一次登录的状态
*/
@Override
protected boolean onLoginSuccess(AuthenticationToken token,
Subject subject, ServletRequest request, ServletResponse response)
throws Exception
{
Session session = subject.getSession(false);
session.removeAttribute(getLoginNumKeyAttribute());
session.removeAttribute(getSessionShowCaptchaKeyAttribute());
CommonVariableModel cvm = (CommonVariableModel) subject.getPrincipal();
String role = null;
if (cvm.getUser() != null)
{
role = cvm.getUser().getRole();
} else if (cvm.getManager() != null)
{
role = cvm.getManager().getRole();
}
HttpUser user = new HttpUser(role);
ManagerRole role1 = managerRoleService.findByCode(role);
user.appendRole(((UsernamePasswordToken) token).getUsername(),
role1.getId());
session.setAttribute(CommonAction.MANAGER_SESSION_CODE, user);
return super.onLoginSuccess(token, subject, request, response);
}
/**
* 重写父类方法,创建一个自定义的{@link UsernamePasswordTokeExtend}
*/
@Override
protected AuthenticationToken createToken(ServletRequest request,
ServletResponse response)
{
String username = getUsername(request);
String password = getPassword(request);
String host = getHost(request);
boolean rememberMe = false;
String rememberMeValue = request.getParameter(getRememberMeParam());
Integer rememberMeCookieValue = null;
// 如果提交的rememberMe参数存在值,将rememberMe设置成true
if (!(rememberMeValue == null || rememberMeValue.length() == 0))
{
rememberMe = true;
rememberMeCookieValue = CaptchaAuthenticationFilter.toInt(
rememberMeValue, 0);
}
return new UsernamePasswordTokeExtend(username, password, rememberMe,
host, rememberMeCookieValue);
}
// @Override
// protected boolean isLoginRequest(ServletRequest request, ServletResponse
// response) {
// return pathsMatch("/manager/login_submit.do", request);
// }
/**
* UsernamePasswordToke扩展,添加一个rememberMeValue字段,获取提交上来的rememberMe值
* 根据该rememberMe值去设置Cookie的有效时间。
*
* @author vincent
*
*/
@SuppressWarnings("serial")
protected class UsernamePasswordTokeExtend extends UsernamePasswordToken
{
// rememberMe cookie的有效时间
private Integer rememberMeCookieValue;
public UsernamePasswordTokeExtend()
{
}
public UsernamePasswordTokeExtend(String username, String password,
boolean rememberMe, String host, Integer rememberMeCookieValue)
{
super(username, password, rememberMe, host);
this.rememberMeCookieValue = rememberMeCookieValue;
}
/**
* 获取rememberMe cookie的有效时间
*
* @return Integer
*/
public Integer getRememberMeCookieValue()
{
return rememberMeCookieValue;
}
/**
* 设置rememberMe cookie的有效时间
*
* @param rememberMeCookieValue
* cookie的有效时间
*/
public void setRememberMeCookieValue(Integer rememberMeCookieValue)
{
this.rememberMeCookieValue = rememberMeCookieValue;
}
}
private static int toInt(String str, int defaultValue)
{
if (str == null)
{
return defaultValue;
}
try
{
return Integer.parseInt(str);
} catch (NumberFormatException nfe)
{
return defaultValue;
}
}
}
com.haier.uhome.hr91.util.shiro.UhomeRolesAuthorizationFilter
package com.haier.uhome.hr91.util.shiro;
import static org.apache.shiro.util.StringUtils.split;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;
public class UhomeRolesAuthorizationFilter extends RolesAuthorizationFilter
{
@Override
public Filter processPathConfig(String path, String config)
{
@SuppressWarnings("unchecked")
List<String[]> list = (List<String[]>) this.appliedPaths.get(path);
if (config != null)
{
if (list == null)
list = new ArrayList<String[]>();
list.add(split(config));
}
this.appliedPaths.put(path, list);
return this;
}
@SuppressWarnings("unchecked")
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response)
throws Exception
{
if (this.appliedPaths == null || this.appliedPaths.isEmpty())
{
// if (log.isTraceEnabled()) {
// log.trace("appliedPaths property is null or empty. This Filter will passthrough immediately.");
// }
return true;
}
for (String path : this.appliedPaths.keySet())
{
// If the path does match, then pass on to the subclass
// implementation for specific checks
// (first match 'wins'):
if (pathsMatch(path, request))
{
// log.trace("Current requestURI matches pattern '{}'. Determining filter chain execution...",
// path);
Object config = this.appliedPaths.get(path);
List<String[]> configList = (List<String[]>) config;
if (configList != null)
{
for (String[] arr : configList)
{
if (isFilterChainContinued(request, response, path, arr))
return true;
}
return false;
} else
return isFilterChainContinued(request, response, path,
config);
}
}
// no path matched, allow the request to go through:
return true;
}
private boolean isFilterChainContinued(ServletRequest request,
ServletResponse response, String path, Object pathConfig)
throws Exception
{
if (isEnabled(request, response, path, pathConfig))
{ // isEnabled check added in 1.2
// if (log.isTraceEnabled())
// {
// log.trace(
// "Filter '{}' is enabled for the current request under path '{}' with config [{}]. "
// +
// "Delegating to subclass implementation for 'onPreHandle' check.",
// new Object[] { getName(), path, pathConfig });
// }
// The filter is enabled for this specific request, so delegate to
// subclass implementations
// so they can decide if the request should continue through the
// chain or not:
return onPreHandle(request, response, pathConfig);
}
// if (log.isTraceEnabled())
// {
// log.trace(
// "Filter '{}' is disabled for the current request under path '{}' with config [{}]. "
// + "The next element in the FilterChain will be called immediately.",
// new Object[] { getName(), path, pathConfig });
// }
// This filter is disabled for this specific request,
// return 'true' immediately to indicate that the filter will not
// process the request
// and let the request/response to continue through the filter chain:
return true;
}
}
<?xml version="1.0" encoding="UTF-8"?> <root> <group role="manager" title="社区管理" expand="true"> <item url="comm/user_list.do" title="社区业户" path="/manager/comm/"> <url>user_list.do</url> </item> <item role="manager,admin" url="comm/user_group_list.do" title="业户群组" path="/manager/comm/"> <url>user_group_list.do</url> </item> <item url="comm/car_list.do" title="业户车辆" path="/manager/comm/"> <url>car_list.do</url> </item> <item url="comm/bodyguard_list.do" title="社区保安 " path="/manager/comm/"> <url>bodyguard_list.do</url> </item> <item url="comm/log_patrol_list.do" title="巡更记录 " path="/manager/comm/"> <url>log_patrol_list.do</url> </item> </group> <group role="admin" title="终端管理" expand="true"> <item url="device/community_list.do" title="小区结构 " path="/manager/device/"> <url>community_list.do</url> </item> <item url="device/device_model_list.do" title="终端型号 " path="/manager/device/"> <url>device_model_list.do</url> </item> <item url="device/device_list.do" title="终端设备 " path="/manager/device/"> <url>device_list.do</url> </item> <item url="device/device_scan.do" title="扫描终端 " path="/manager/device/"> <url>/manager/device/device_scan.do</url> </item> <item url="device/device_remote_control_list.do" title="终端远程控制 " path="/manager/device/"> <url>device_remote_control_list.do</url> </item> <item url="device/device_soft_list.do" title="升级软件管理 " path="/manager/device/"> <url>device_soft_list.do</url> </item> <item url="device/update_select_device.do" title="终端升级 " path="/manager/device/"> <url>update_select_device.do</url> </item> <item url="device/update_info.do" title="终端升级信息 " path="/manager/device/"> <url>update_info.do</url> </item> </group> <group role="manager" title="IC卡管理" expand="true" > <item url="card/card_add.do" title="IC卡注册 " path="/manager/card/"> <url>card_add.do</url> </item> <item url="card/card_list.do" title="IC卡列表 " path="/manager/card/"> <url>card_list.do</url> </item> <item url="card/card_send_select_dev.do" title="IC卡下发 " path="/manager/card/"> <url>card_send_select_dev.do</url> </item> <item url="card/card_imp_exp.do" title="IC卡信息维护 " path="/manager/card/"> <url>card_imp_exp.do</url> </item> </group> <group role="manager" title="门禁管理" expand="true"> <item url="pwd/pwd_comm_select_dev.do" title="设置小区门禁密码 " path="/manager/pwd/"> <url>pwd_comm_select_dev.do</url> </item> <item url="pwd/pwd_unit_select_dev.do" title="设置单元门禁密码 " path="/manager/pwd/"> <url>pwd_unit_select_dev.do</url> </item> <item url="pwd/pwd_send_select_dev.do" title="密码下发 " path="/manager/pwd/"> <url>pwd_send_select_dev.do</url> </item> </group> <group role="manager" title="社区服务" expand="true"> <item url="commserv/bill_select_user.do" title="物业收费" path="/manager/commserv/"> <url>bill_select_user.do</url> </item> <item url="commserv/weather_view.do" title="天气预报" path="/manager/commserv/"> <url>weather_view.do</url> </item> </group> <group role="manager" title="日志管理" expand="true"> <item url="log/log_startup_list.do" title="系统启动日志 " path="/manager/log/"> <url>log_startup_list.do</url> </item> <item url="log/log_device_startup_list.do" title="终端启动日志 " path="/manager/log/"> <url>log_device_startup_list.do</url> </item> <item url="log/log_callup_list.do" title="呼叫日志 " path="/manager/log/"> <url>log_callup_list.do</url> </item> <item url="log/log_alert_list.do" title="报警日志" path="/manager/log/"> <url>log_alert_list.do</url> </item> <item url="log/log_alert_turnoff_list.do" title="解除报警日志 " path="/manager/log/"> <url>log_alert_turnoff_list.do</url> </item> <item url="log/log_comm_door_list.do" title="小区开门日志 " path="/manager/log/"> <url>log_comm_door_list.do</url> </item> <item url="log/log_unit_door_list.do" title="单元开门日志 " path="/manager/log/"> <url>log_unit_door_list.do</url> </item> </group> <group role="admin" title="DVR管理" expand="true"> <item url="dvr/dvr_server_list.do" title="DVR服务器 " path="/manager/dvr/"> <url>dvr_server_list.do</url> </item> <item url="dvr/dvr_camera_list.do" title="DVR摄像头" path="/manager/dvr/"> <url>dvr_camera_list.do</url> </item> </group> <group role="admin" title="系统参数设置" expand="true"> <item url="sys/config.do" title="系统参数 " path="/manager/sys/"> <url>config.do</url> </item> <item url="sys/reg.do" title="系统注册 " path="/manager/sys/"> <url>reg.do</url> </item> <item url="sys/manager_list.do" title="系统管理员 " path="/manager/sys/"> <url>manager_list.do</url> </item> <item url="sys/db_backup_list.do" title="数据备份 " path="/manager/sys/"> <url>db_backup_list.do</url> </item> <item url="sys/update_pwd.do" title="修改密码 " path="/manager/sys/"> <url>update_pwd.do</url> </item> </group> </root>
分享到:
发表评论
相关推荐
MyBatis能够直接操作数据库,提供更灵活的数据库操作,同时避免了传统的JDBC代码繁琐和易出错的问题。 4. **Apache Shiro**:Shiro是一个强大的且易用的Java安全框架,提供了认证、授权、会话管理和加密等功能。在...
通过这个Demo,开发者可以学习到如何在Spring中集成MyBatis进行数据库操作,如定义Mapper接口、编写XML映射文件,以及如何在Service层调用这些接口实现业务逻辑。同时,Shiro的使用将涵盖用户登录认证、角色权限分配...
**MyBatis** 是一个轻量级的持久层框架,它简化了数据库操作,将SQL语句与Java代码直接结合,避免了传统的JDBC代码编写。MyBatis支持动态SQL,可以灵活地编写复杂的查询,同时通过Mapper接口,使得数据库操作与业务...
在实际项目中,这些组件协同工作,Spring MVC负责接收和转发请求,MyBatis处理数据库操作,EasyUI和UEditor负责前端展示和交互,而Shiro则负责用户的身份验证和权限控制。开发者通过集成这些组件,可以快速搭建起一...
综上所述,这个压缩包文件提供的是一套完整的后台管理系统解决方案,使用Springboot作为基础框架,Shiro处理用户权限管理,而Mybatis则负责数据库交互。这套架构适合企业级应用开发,能提高开发效率并保证系统的安全...
总的来说,这个系统是一个全面的后台权限管理系统,集成了多种技术来实现用户认证、授权、数据持久化和页面展示,为企业级后台应用提供了坚实的基础。通过学习和研究这套源码,开发者可以深入理解Spring Boot、Shiro...
可以理解为Shiro与特定数据库或服务的接口,如JDBC Realm、LDAP Realm等。 2. **SpringBoot集成Shiro步骤** - 添加依赖:在Maven的pom.xml文件中引入SpringBoot的web starter、Thymeleaf starter以及Shiro的spring...
在实际开发中,你需要根据应用的需求,配置Shiro的Realm以连接你的用户数据存储(如数据库),实现用户登录、权限验证的逻辑。同时,通过定义过滤器链,可以控制不同角色的用户对特定URL的访问权限。例如,可以创建...
在本项目中,MyBatis作为数据库操作的主要工具,负责将Java对象与数据库表之间的映射关系进行管理,实现了数据的增删改查操作,使得数据库交互更加简洁高效。 **Thymeleaf** Thymeleaf是一个现代的服务器端Java...
2. 商品管理:包括商品分类、上架、下架、库存管理等,涉及数据库操作和数据缓存策略。 3. 订单管理:处理用户的购物车、下单、支付流程,需要与支付平台如支付宝、微信支付进行集成。 4. 库存物流:管理仓库库存,...
MyBatis则在后台处理与用户相关的数据库操作,如查询、更新用户资料。 总的来说,SpringMVC、MyBatis和Shiro的组合,为Java Web开发者提供了一套强大的工具集,帮助他们构建出既高效又安全的Web应用程序。了解和...
4. **权限检查**:在需要的时候,如访问控制点,Shiro会检查用户是否拥有执行某操作所需的权限。 ### Permissions 对权限深入理解 权限可以是简单的字符串,如"file:read",也可以是复杂的对象,如URL或业务对象。...
在SSM项目中,MyBatis作为数据访问层,负责与数据库交互,执行SQL语句,实现数据的增删改查操作。 **Apache Shiro**: Apache Shiro是一个强大且易用的Java安全框架,处理认证、授权、加密和会话管理,可以非常容易...
SpringBoot、Shiro和...通过这样的整合,我们可以构建一个功能完善的后台系统,既拥有SpringBoot的便捷性,又有Shiro的安全控制,同时利用MyBatis简化数据库操作。这个项目不仅适合学习,也适用于实际的项目开发。
综上所述,"SSM+Maven+Mysql+Shiro无需重启动态权限"项目通过集成这些技术,构建了一个高效、灵活的后台管理系统,实现了动态权限控制,降低了运维成本,提升了用户体验。这样的系统设计思路和实现方式对于理解和...
1. **对象关系映射(ORM)**:将数据库表映射为Java对象,简化数据库操作。 2. **Session接口**:作为持久层与数据库交互的主要接口,负责对象的保存、更新、删除和查询。 3. **HQL(Hibernate Query Language)**:...
SSM整合Shiro是一个常见的Java Web安全框架集成实践,它结合了Spring、Spring MVC和MyBatis的优势,利用Apache Shiro来实现用户认证和授权。在这个简单学习demo中,我们将探讨如何将这三个组件与Shiro无缝对接,创建...
【标题】"springboot+shiro+ace admin+mybatis后台管理系统"是一个基于Java技术栈的后台管理系统,它集成了SpringBoot、Apache Shiro、Ace Admin框架和MyBatis持久层框架,为开发者提供了一个快速开发后台应用的基础...
通过XML或注解进行配置和原始映射,使得开发者能够将注意力集中在编写业务逻辑上,而不是数据库操作。在本系统中,MyBatis作为主要的数据访问层,实现了与数据库的高效交互。 再者,Apache Shiro是Java安全框架,...
在实际项目中,Spring MVC作为核心的控制器,接收并处理用户请求,然后调用MyBatis中的Mapper接口执行数据库操作。Shiro负责用户的身份验证和授权,确保只有合法用户才能访问特定资源。而DWZ则负责将后端处理的结果...