`
bao231
  • 浏览: 87428 次
  • 性别: Icon_minigender_1
  • 来自: 杭州
文章分类
社区版块
存档分类
最新评论

shiro 后台权限认证集成jdbc数据库操作

阅读更多

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="
	http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
	http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
	">
	
	<description>apache shiro 配置</description>
    <context:component-scan base-package="com.haier.uhome.hr91.util.shiro" />
    <!-- 自定义shiro的realm数据库身份验证 -->
	<bean id="jdbcAuthenticationRealm" class="com.haier.uhome.hr91.util.shiro.JdbcAuthenticationRealm" >
		<property name="name" value="jdbcAuthentication" />
		<property name="credentialsMatcher">
			<bean class="com.haier.uhome.hr91.util.shiro.UhomeSecurityPasswd">
			</bean>
		</property>
		<property name="defaultPermissionString" value="security:index,menu:list,info:list" />
	</bean>
	

    <bean id="customRememberMeManager" class="com.haier.uhome.hr91.util.shiro.CustomRememberMeManager"></bean>
     <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"></bean>
    <!-- 使用默认的WebSecurityManager -->
	<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
		<!-- realm认证和授权,从数据库读取资源 -->
		<property name="realm" ref="jdbcAuthenticationRealm" />
		<property name="rememberMeManager" ref="customRememberMeManager" />
		<property name="sessionManager" ref="sessionManager" />
	</bean>
	
	<!-- 自定义对 shiro的连接约束,结合shiroSecurityFilter实现动态获取资源 -->
	<bean id="chainDefinitionSectionMetaSource" class="com.haier.uhome.hr91.util.shiro.ChainDefinitionSectionMetaSource">
		<!-- 默认的连接配置 -->
		<property name="filterChainDefinitions">
			<value>
				/manager/login.do = captchaAuthc
				/manager/logout.do = logout
				/manager/css/** = anon
				/manager/images/** = anon
				/manager/js/** = anon
				/webservice/VerificationCode = anon
				/manager/index.html = perms[security:index]
				/manager/changePassword = perms[security:change-password]
				/manager/menu.do = perms[menu:list]
				/manager/info.do = perms[info:list]
			</value>
		</property>
		
		
		<property name="webmap">
		<value>/WEB-INF/conf/webmap.xml</value>
		</property>
	</bean>
	 
	<!-- 将shiro与spring集合 -->
	<bean id="captchaAuthenticationFilter" class="com.haier.uhome.hr91.util.shiro.CaptchaAuthenticationFilter">
	<property name="usernameParam"><value>loginName</value></property>
	<property name="passwordParam"><value>loginPwd</value></property>
	<property name="captchaParam"><value>rand</value></property>
	<property name="sessionCaptchaKeyAttribute"><value>repeatCode</value></property>
	<property name="failureKeyAttribute"><value>errStr</value></property>
	</bean>
	<bean id="uhomeRoleFilter" class="com.haier.uhome.hr91.util.shiro.UhomeRolesAuthorizationFilter"></bean>
	
	<bean id="logout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
	<property name="redirectUrl"><value>/manager/login.do</value></property>
	</bean>
	<bean id="shiroSecurityFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
		<property name="filters">
			<map>
				<entry key="captchaAuthc" value-ref="captchaAuthenticationFilter" />
				<entry key="uhomeRoles" value-ref="uhomeRoleFilter" />
			</map>
		</property>
		<!-- shiro的核心安全接口 -->
    	<property name="securityManager" ref="securityManager" />
    
	    <property name="loginUrl" value="/manager/login.do" />
	  
	    <property name="successUrl" value="/manager/index.html" />
	    <!-- shiro连接约束配置,在这里使用自定义的动态获取资源类 -->
	    <property name="filterChainDefinitionMap" ref="chainDefinitionSectionMetaSource" />
	</bean>
	
	<!-- shiro为集成spring -->
	<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
	
	<!-- 启用shiro为spring配置的bean注释,只运行在lifecycleBeanProcessor之后  -->
    <bean id="annotationProxy" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
		<property name="proxyTargetClass" value="true" />
    </bean>
    
    <!-- 启用shrio授权注解拦截方式 -->
	<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
	    <property name="securityManager" ref="securityManager" />
	</bean>
	
</beans>



JdbcAuthenticationRealm.java
public class JdbcAuthenticationRealm extends AuthorizingRealm
{

	@Autowired
	AdminService adminService;

	@Autowired
	ManagerDAO managerDAO;

	@Autowired
	ManagerRoleService managerRoleService;

	List<String> defaultPermission = new ArrayList<String>();

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException
	{
		UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;

		String username = usernamePasswordToken.getUsername();
		String tmpPassword = null;
		if (username == null)
		{
			throw new AccountException("用户名不能为空");
		}

		Admin user = adminService.findByLoginName(username);
		Manager manager = null;
		CommonVariableModel model = new CommonVariableModel();
		if (user == null)
		{
			manager = managerDAO.findByLoginName(username);
			if (manager == null)
				throw new UnknownAccountException("用户不存在");
			else
			{
				tmpPassword = manager.getLoginPwd();
				model.setManager(manager);
			}
		} else
		{
			tmpPassword = user.getPassword();
			model.setUser(user);
		}

		return new SimpleAuthenticationInfo(model, tmpPassword, getName());
	}

	/**
	 * 
	 * 当用户进行访问链接时的授权方法
	 * 
	 */

	protected AuthorizationInfo doGetAuthorizationInfo(
			PrincipalCollection principals)
	{

		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

		CommonVariableModel model = (CommonVariableModel) principals
				.getPrimaryPrincipal();

		info.addStringPermissions(defaultPermission);
		Manager manager = model.getManager();
		Admin user = model.getUser();
		if (manager != null)
		{
			info.addRole(manager.getRole());
		} else if (user != null)
		{
			info.addRole(user.getRole());
		}
		info.addRole("zbx");
		return info;
	}

	public void setDefaultPermissionString(String defaultPermissionString)
	{
		String[] perms = defaultPermissionString.split(",");
		CollectionUtils.addAll(defaultPermission, perms);

	}

}



CustomRememberMeManager



public class CustomRememberMeManager extends CookieRememberMeManager
{

	/**
	 * 构造方法,不在这里对Cookie的maxAge设置值
	 */
	public CustomRememberMeManager()
	{
		Cookie cookie = new SimpleCookie(DEFAULT_REMEMBER_ME_COOKIE_NAME);
		cookie.setHttpOnly(true);
		setCookie(cookie);
	}

	/**
	 * 重写父类方法,写入Cookie时,先把传过来的有效时间设置到cookie里面在序列化Identity
	 */
	@Override
	public void rememberIdentity(Subject subject, AuthenticationToken token,
			AuthenticationInfo authcInfo)
	{
		UsernamePasswordTokeExtend tokeExtend = (UsernamePasswordTokeExtend) token;

		getCookie().setMaxAge(tokeExtend.getRememberMeCookieValue());

		super.rememberIdentity(subject, token, authcInfo);
	}
}



ChainDefinitionSectionMetaSource

public class ChainDefinitionSectionMetaSource implements
		FactoryBean<Ini.Section>
{

	private String filterChainDefinitions;
	private static final String BLANK_STRING = "";

	private Resource webmap = null;

	public void setWebmap(Resource resource)
	{
		this.webmap = resource;
	}

	public Resource getWebmap()
	{
		return webmap;
	}

	@SuppressWarnings("unchecked")
	@Override
	public Section getObject() throws Exception
	{

		Ini ini = new Ini();
		// 加载默认的url
		ini.load(filterChainDefinitions);
		Ini.Section section = ini.getSection(Ini.DEFAULT_SECTION_NAME);
//		Map<String, List<String>> url2roles = new HashMap<String, List<String>>();

		Document doc = XMLUtils.loadXML(webmap.getInputStream());
		NodeList groupNodes = doc.getElementsByTagName("group");
		int len = groupNodes.getLength();
		List<String> list = null;
		for (int i = 0; i < len; i++)
		{
			Element group = (Element) groupNodes.item(i);
			String roleStr = group.getAttribute("role");
			NodeList menuNodes = group.getElementsByTagName("item");
			for (int j = 0; j < menuNodes.getLength(); j++)
			{
				Element menu = (Element) menuNodes.item(j);
				String roleStr1 = menu.getAttribute("role");
				String path = BLANK_STRING;
				if(menu.getAttribute("path")!=null)
					path = menu.getAttribute("path");
				
				NodeList urlNodes = menu.getElementsByTagName("url");

				for (int k = 0; k < urlNodes.getLength(); k++)
				{
					Element url = (Element) urlNodes.item(k);
					String roleStr2 = url.getAttribute("role");
					String urlString = StringUtils.applyRelativePath(path,url.getTextContent());
					if (isBlank(urlString))
						continue;
					list = null;
					if (!isBlank(roleStr2))
					{
						list = CollectionUtils.arrayToList(StringUtils
								.tokenizeToStringArray(roleStr2, ","));
					} else if (!isBlank(roleStr1))
					{
						list = CollectionUtils.arrayToList(StringUtils
								.tokenizeToStringArray(roleStr1, ","));
					} else if (!isBlank(roleStr))
					{
						list = CollectionUtils.arrayToList(StringUtils
								.tokenizeToStringArray(roleStr, ","));
					} else
					{
						list = Collections.emptyList();
					}

	//				url2roles.put(urlString.trim(), list);
					section.put(urlString.trim(), getRoles(list));
				}
			}
		}

		return section;
	}

	@Override
	public Class<?> getObjectType()
	{

		return this.getClass();
	}

	@Override
	public boolean isSingleton()
	{
		return false;
	}

	public String getFilterChainDefinitions()
	{
		return filterChainDefinitions;
	}

	public void setFilterChainDefinitions(String filterChainDefinitions)
	{
		this.filterChainDefinitions = filterChainDefinitions;
	}

	// private

	private boolean isBlank(String st)
	{
		if (st == null || st.trim().equals(BLANK_STRING))
			return true;
		return false;
	}

	private String getRoles(List<String> list)
	{

		if (list.size() == 0)
			return BLANK_STRING;
		StringBuilder sbBuilder = new StringBuilder();
		// sbBuilder.append(",");
		for (int i = 0, flag = 1; i < list.size(); i++)
		{
			String s = list.get(i);
			sbBuilder.append("uhomeRoles[");
			sbBuilder.append(s);
			sbBuilder.append("]");
			if (flag % list.size() != 0)
				sbBuilder.append(",");
			flag++;
		}
		return sbBuilder.toString();

	}
	
	
	public static void main(String[] args)
	{
		System.err.println(StringUtils.applyRelativePath("aa/bb/cc/aa.html","aa/bb"));
	}

}









CaptchaAuthenticationFilter


public class CaptchaAuthenticationFilter extends FormAuthenticationFilter
{

	/**
	 * 默认验证码参数名称
	 */
	public static final String DEFAULT_CAPTCHA_PARAM = "captcha";

	/**
	 * 登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key默认名称
	 */
	public static final String DEFAULT_SHOW_CAPTCHA_KEY_ATTRIBUTE = "showCaptcha";

	/**
	 * 默认在session中存储的登录次数名称
	 */
	private static final String DEFAULT_LOGIN_NUM_KEY_ATTRIBUTE = "loginNum";
	// 验证码参数名称
	private String captchaParam = DEFAULT_CAPTCHA_PARAM;
	// 在session中的存储验证码的key名称
	private String sessionCaptchaKeyAttribute = DEFAULT_CAPTCHA_PARAM;
	// 在session中存储的登录次数名称
	private String loginNumKeyAttribute = DEFAULT_LOGIN_NUM_KEY_ATTRIBUTE;
	// 登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key名称
	private String sessionShowCaptchaKeyAttribute = DEFAULT_SHOW_CAPTCHA_KEY_ATTRIBUTE;
	// 允许登录次数,当登录次数大于该数值时,会在页面中显示验证码
	private Integer allowLoginNum = 1;

	@Autowired
	private ManagerRoleService managerRoleService;

	/**
	 * 重写父类方法,在shiro执行登录时先对比验证码,正确后在登录,否则直接登录失败
	 */
	@Override
	protected boolean executeLogin(ServletRequest request,
			ServletResponse response) throws Exception
	{

		Session session = getSubject(request, response).getSession();
		// 获取登录次数
		Integer number = (Integer) session
				.getAttribute(getLoginNumKeyAttribute());

		// 首次登录,将该数量记录在session中
		if (number == null)
		{
			number = new Integer(1);
			session.setAttribute(getLoginNumKeyAttribute(), number);
		}

		// 获取当前验证码
		String currentCaptcha = (String) session
				.getAttribute(getSessionCaptchaKeyAttribute());
		// 获取用户输入的验证码
		String submitCaptcha = getCaptcha(request);
		// 如果验证码不匹配,登录失败
		if ((submitCaptcha == null || submitCaptcha.length() == 0)
				|| !currentCaptcha.equalsIgnoreCase(submitCaptcha))
		{
			return onLoginFailure(this.createToken(request, response),
					new AccountException("验证码不正确"), request, response);
		}

		return super.executeLogin(request, response);
	}

	/**
	 * 设置验证码提交的参数名称
	 * 
	 * @param captchaParam
	 *            验证码提交的参数名称
	 */
	public void setCaptchaParam(String captchaParam)
	{
		this.captchaParam = captchaParam;
	}

	/**
	 * 获取验证码提交的参数名称
	 * 
	 * @return String
	 */
	public String getCaptchaParam()
	{
		return captchaParam;
	}

	/**
	 * 设置在session中的存储验证码的key名称
	 * 
	 * @param sessionCaptchaKeyAttribute
	 *            存储验证码的key名称
	 */
	public void setSessionCaptchaKeyAttribute(String sessionCaptchaKeyAttribute)
	{
		this.sessionCaptchaKeyAttribute = sessionCaptchaKeyAttribute;
	}

	/**
	 * 获取设置在session中的存储验证码的key名称
	 * 
	 * @return Sting
	 */
	public String getSessionCaptchaKeyAttribute()
	{
		return sessionCaptchaKeyAttribute;
	}

	/**
	 * 获取在session中存储的登录次数名称
	 * 
	 * @return Stromg
	 */
	public String getLoginNumKeyAttribute()
	{
		return loginNumKeyAttribute;
	}

	/**
	 * 设置在session中存储的登录次数名称
	 * 
	 * @param loginNumKeyAttribute
	 *            登录次数名称
	 */
	public void setLoginNumKeyAttribute(String loginNumKeyAttribute)
	{
		this.loginNumKeyAttribute = loginNumKeyAttribute;
	}

	/**
	 * 获取用户输入的验证码
	 * 
	 * @param request
	 *            ServletRequest
	 * 
	 * @return String
	 */
	public String getCaptcha(ServletRequest request)
	{
		return WebUtils.getCleanParam(request, getCaptchaParam());
	}

	/**
	 * 获取登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key名称
	 * 
	 * @return String
	 */
	public String getSessionShowCaptchaKeyAttribute()
	{
		return sessionShowCaptchaKeyAttribute;
	}

	/**
	 * 设置登录次数超出allowLoginNum时,存储在session记录是否展示验证码的key名称
	 * 
	 * @param sessionShowCaptchaKeyAttribute
	 *            是否展示验证码的key名称
	 */
	public void setSessionShowCaptchaKeyAttribute(
			String sessionShowCaptchaKeyAttribute)
	{
		this.sessionShowCaptchaKeyAttribute = sessionShowCaptchaKeyAttribute;
	}

	/**
	 * 获取允许登录次数
	 * 
	 * @return Integer
	 */
	public Integer getAllowLoginNum()
	{
		return allowLoginNum;
	}

	/**
	 * 设置允许登录次数,当登录次数大于该数值时,会在页面中显示验证码
	 * 
	 * @param allowLoginNum
	 *            允许登录次数
	 */
	public void setAllowLoginNum(Integer allowLoginNum)
	{
		this.allowLoginNum = allowLoginNum;
	}

	/**
	 * 重写父类方法,当登录失败将异常信息设置到request的attribute中
	 */
	@Override
	protected void setFailureAttribute(ServletRequest request,
			AuthenticationException ae)
	{
		if (ae instanceof IncorrectCredentialsException)
		{
			request.setAttribute(getFailureKeyAttribute(), "用户名密码不正确");
		} else
		{
			request.setAttribute(getFailureKeyAttribute(), ae.getMessage());
		}

	}

	/**
	 * 重写父类方法,当登录失败次数大于allowLoginNum(允许登录次)时,将显示验证码
	 */
	@Override
	protected boolean onLoginFailure(AuthenticationToken token,
			AuthenticationException e, ServletRequest request,
			ServletResponse response)
	{
		// try
		// {
		// WebUtils.issueRedirect(request, response, getLoginUrl());
		// } catch (IOException e1)
		// {
		//
		// e1.printStackTrace();
		// }

		Session session = getSubject(request, response).getSession(false);

		Integer number = (Integer) session
				.getAttribute(getLoginNumKeyAttribute());

		// 如果失败登录次数大于allowLoginNum时,展示验证码
		if (number > getAllowLoginNum() - 1)
		{
			session.setAttribute(getSessionShowCaptchaKeyAttribute(), true);
			session.setAttribute(getLoginNumKeyAttribute(), ++number);
		}

		session.setAttribute(getLoginNumKeyAttribute(), ++number);
		setFailureAttribute(request, e);

		return true;
	}

	/**
	 * 重写父类方法,当登录成功后,将allowLoginNum(允许登录次)设置为0,重置下一次登录的状态
	 */
	@Override
	protected boolean onLoginSuccess(AuthenticationToken token,
			Subject subject, ServletRequest request, ServletResponse response)
			throws Exception
	{
		Session session = subject.getSession(false);

		session.removeAttribute(getLoginNumKeyAttribute());
		session.removeAttribute(getSessionShowCaptchaKeyAttribute());

		CommonVariableModel cvm = (CommonVariableModel) subject.getPrincipal();
		String role = null;
		if (cvm.getUser() != null)
		{
			role = cvm.getUser().getRole();
		} else if (cvm.getManager() != null)
		{
			role = cvm.getManager().getRole();
		}
		HttpUser user = new HttpUser(role);
		ManagerRole role1 = managerRoleService.findByCode(role);
		user.appendRole(((UsernamePasswordToken) token).getUsername(),
				role1.getId());
		session.setAttribute(CommonAction.MANAGER_SESSION_CODE, user);

		return super.onLoginSuccess(token, subject, request, response);
	}

	/**
	 * 重写父类方法,创建一个自定义的{@link UsernamePasswordTokeExtend}
	 */
	@Override
	protected AuthenticationToken createToken(ServletRequest request,
			ServletResponse response)
	{

		String username = getUsername(request);
		String password = getPassword(request);
		String host = getHost(request);

		boolean rememberMe = false;
		String rememberMeValue = request.getParameter(getRememberMeParam());
		Integer rememberMeCookieValue = null;
		// 如果提交的rememberMe参数存在值,将rememberMe设置成true
		if (!(rememberMeValue == null || rememberMeValue.length() == 0))
		{
			rememberMe = true;
			rememberMeCookieValue = CaptchaAuthenticationFilter.toInt(
					rememberMeValue, 0);
		}

		return new UsernamePasswordTokeExtend(username, password, rememberMe,
				host, rememberMeCookieValue);
	}

	// @Override
	// protected boolean isLoginRequest(ServletRequest request, ServletResponse
	// response) {
	// return pathsMatch("/manager/login_submit.do", request);
	// }

	/**
	 * UsernamePasswordToke扩展,添加一个rememberMeValue字段,获取提交上来的rememberMe值
	 * 根据该rememberMe值去设置Cookie的有效时间。
	 * 
	 * @author vincent
	 * 
	 */
	@SuppressWarnings("serial")
	protected class UsernamePasswordTokeExtend extends UsernamePasswordToken
	{

		// rememberMe cookie的有效时间
		private Integer rememberMeCookieValue;

		public UsernamePasswordTokeExtend()
		{

		}

		public UsernamePasswordTokeExtend(String username, String password,
				boolean rememberMe, String host, Integer rememberMeCookieValue)
		{
			super(username, password, rememberMe, host);
			this.rememberMeCookieValue = rememberMeCookieValue;
		}

		/**
		 * 获取rememberMe cookie的有效时间
		 * 
		 * @return Integer
		 */
		public Integer getRememberMeCookieValue()
		{
			return rememberMeCookieValue;
		}

		/**
		 * 设置rememberMe cookie的有效时间
		 * 
		 * @param rememberMeCookieValue
		 *            cookie的有效时间
		 */
		public void setRememberMeCookieValue(Integer rememberMeCookieValue)
		{
			this.rememberMeCookieValue = rememberMeCookieValue;
		}

	}

	private static int toInt(String str, int defaultValue)
	{
		if (str == null)
		{
			return defaultValue;
		}
		try
		{
			return Integer.parseInt(str);
		} catch (NumberFormatException nfe)
		{
			return defaultValue;
		}
	}
}

com.haier.uhome.hr91.util.shiro.UhomeRolesAuthorizationFilter
package com.haier.uhome.hr91.util.shiro;

import static org.apache.shiro.util.StringUtils.split;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;

public class UhomeRolesAuthorizationFilter extends RolesAuthorizationFilter
{

	@Override
	public Filter processPathConfig(String path, String config)
	{

		@SuppressWarnings("unchecked")
		List<String[]> list = (List<String[]>) this.appliedPaths.get(path);
		if (config != null)
		{
			if (list == null)
				list = new ArrayList<String[]>();

			list.add(split(config));
		}
		this.appliedPaths.put(path, list);
		return this;
	}
	@SuppressWarnings("unchecked")
	@Override
	protected boolean preHandle(ServletRequest request, ServletResponse response)
			throws Exception
	{

		if (this.appliedPaths == null || this.appliedPaths.isEmpty())
		{
			// if (log.isTraceEnabled()) {
			// log.trace("appliedPaths property is null or empty.  This Filter will passthrough immediately.");
			// }
			return true;
		}

		for (String path : this.appliedPaths.keySet())
		{
			// If the path does match, then pass on to the subclass
			// implementation for specific checks
			// (first match 'wins'):
			if (pathsMatch(path, request))
			{
				// log.trace("Current requestURI matches pattern '{}'.  Determining filter chain execution...",
				// path);
				Object config = this.appliedPaths.get(path);
				
				List<String[]> configList = (List<String[]>) config;
				if (configList != null)
				{
					for (String[] arr : configList)
					{
						if (isFilterChainContinued(request, response, path, arr))
							return true;
					}
					return false;

				} else
					return isFilterChainContinued(request, response, path,
							config);
			}
		}

		// no path matched, allow the request to go through:
		return true;
	}

	private boolean isFilterChainContinued(ServletRequest request,
			ServletResponse response, String path, Object pathConfig)
			throws Exception
	{

		if (isEnabled(request, response, path, pathConfig))
		{ // isEnabled check added in 1.2
			// if (log.isTraceEnabled())
			// {
			// log.trace(
			// "Filter '{}' is enabled for the current request under path '{}' with config [{}].  "
			// +
			// "Delegating to subclass implementation for 'onPreHandle' check.",
			// new Object[] { getName(), path, pathConfig });
			// }
			// The filter is enabled for this specific request, so delegate to
			// subclass implementations
			// so they can decide if the request should continue through the
			// chain or not:
			return onPreHandle(request, response, pathConfig);
		}

		// if (log.isTraceEnabled())
		// {
		// log.trace(
		// "Filter '{}' is disabled for the current request under path '{}' with config [{}].  "
		// + "The next element in the FilterChain will be called immediately.",
		// new Object[] { getName(), path, pathConfig });
		// }
		// This filter is disabled for this specific request,
		// return 'true' immediately to indicate that the filter will not
		// process the request
		// and let the request/response to continue through the filter chain:
		return true;
	}

}




<?xml version="1.0" encoding="UTF-8"?>
<root>
	<group role="manager" title="社区管理" expand="true">
		<item url="comm/user_list.do" title="社区业户" path="/manager/comm/">
			<url>user_list.do</url>
		</item>
		<item  role="manager,admin" url="comm/user_group_list.do" title="业户群组" path="/manager/comm/">
	    	<url>user_group_list.do</url>
		</item>
		<item url="comm/car_list.do" title="业户车辆" path="/manager/comm/">
		<url>car_list.do</url>
		</item>
		<item url="comm/bodyguard_list.do"  title="社区保安 " path="/manager/comm/">
			<url>bodyguard_list.do</url>
		</item>
		<item url="comm/log_patrol_list.do" title="巡更记录 " path="/manager/comm/">
			<url>log_patrol_list.do</url>
		</item>
	</group>
	<group role="admin" title="终端管理" expand="true">
		<item url="device/community_list.do" title="小区结构 " path="/manager/device/">
			<url>community_list.do</url>
		</item>
		<item url="device/device_model_list.do" title="终端型号 "  path="/manager/device/">
			<url>device_model_list.do</url>
		</item>
		<item url="device/device_list.do" title="终端设备 " path="/manager/device/">
		<url>device_list.do</url>
		</item>
		<item url="device/device_scan.do" title="扫描终端 " path="/manager/device/">
			<url>/manager/device/device_scan.do</url>
		</item>
		<item url="device/device_remote_control_list.do"  title="终端远程控制 " path="/manager/device/">
			<url>device_remote_control_list.do</url>
		</item>
		<item url="device/device_soft_list.do" title="升级软件管理 " path="/manager/device/">
			<url>device_soft_list.do</url>
		</item>
		<item url="device/update_select_device.do" title="终端升级 " path="/manager/device/">
			<url>update_select_device.do</url>
		</item>
		<item url="device/update_info.do" title="终端升级信息 " path="/manager/device/">
			<url>update_info.do</url>
		</item>
	</group>
	<group role="manager" title="IC卡管理" expand="true" >
		<item url="card/card_add.do" title="IC卡注册 " path="/manager/card/">
			<url>card_add.do</url>
		</item>
		<item url="card/card_list.do" title="IC卡列表 " path="/manager/card/">
			<url>card_list.do</url>
		</item>
		<item url="card/card_send_select_dev.do" title="IC卡下发 " path="/manager/card/">
			<url>card_send_select_dev.do</url>
		</item>
		<item url="card/card_imp_exp.do" title="IC卡信息维护 " path="/manager/card/">
			<url>card_imp_exp.do</url>
		</item>
	</group>
	<group role="manager" title="门禁管理" expand="true">
		<item url="pwd/pwd_comm_select_dev.do" title="设置小区门禁密码 " path="/manager/pwd/">
			<url>pwd_comm_select_dev.do</url>
		</item>
		<item url="pwd/pwd_unit_select_dev.do" title="设置单元门禁密码 " path="/manager/pwd/">
		<url>pwd_unit_select_dev.do</url>
		</item>
		<item url="pwd/pwd_send_select_dev.do" title="密码下发 "  path="/manager/pwd/">
			<url>pwd_send_select_dev.do</url>
		</item>
	</group>
	<group role="manager" title="社区服务" expand="true">
		<item url="commserv/bill_select_user.do" title="物业收费" path="/manager/commserv/">
		<url>bill_select_user.do</url>
		</item>
		<item url="commserv/weather_view.do" title="天气预报" path="/manager/commserv/">
		<url>weather_view.do</url>
		</item>

	</group>
	<group role="manager" title="日志管理" expand="true">
		<item url="log/log_startup_list.do" title="系统启动日志 " path="/manager/log/">
		<url>log_startup_list.do</url>
		</item>
		<item url="log/log_device_startup_list.do" title="终端启动日志 " path="/manager/log/">
		<url>log_device_startup_list.do</url>
		</item>
		<item url="log/log_callup_list.do" title="呼叫日志 " path="/manager/log/">
		<url>log_callup_list.do</url>
		</item>
		<item url="log/log_alert_list.do" title="报警日志" path="/manager/log/">
		<url>log_alert_list.do</url>
		</item>
		<item url="log/log_alert_turnoff_list.do" title="解除报警日志 " path="/manager/log/">
		<url>log_alert_turnoff_list.do</url>
		</item>
		<item url="log/log_comm_door_list.do" title="小区开门日志 " path="/manager/log/">
			<url>log_comm_door_list.do</url>
		</item>
		<item url="log/log_unit_door_list.do" title="单元开门日志 " path="/manager/log/">
			<url>log_unit_door_list.do</url>
		</item>
	</group>
	<group role="admin" title="DVR管理" expand="true">
		<item url="dvr/dvr_server_list.do" title="DVR服务器 " path="/manager/dvr/">
		  <url>dvr_server_list.do</url>
		</item>
		<item url="dvr/dvr_camera_list.do" title="DVR摄像头" path="/manager/dvr/">
		   <url>dvr_camera_list.do</url>
		</item>
	</group>
	<group role="admin" title="系统参数设置" expand="true">
		<item url="sys/config.do" title="系统参数 " path="/manager/sys/">
		<url>config.do</url>
		</item>
		<item url="sys/reg.do" title="系统注册 " path="/manager/sys/">
		<url>reg.do</url>
		</item>
		<item url="sys/manager_list.do" title="系统管理员 " path="/manager/sys/">
		<url>manager_list.do</url>
		</item>
		<item url="sys/db_backup_list.do" title="数据备份 " path="/manager/sys/">
		<url>db_backup_list.do</url>
		</item>
		<item url="sys/update_pwd.do" title="修改密码 "  path="/manager/sys/">
		<url>update_pwd.do</url>
		</item>
	</group>
	
</root>

分享到:
评论

相关推荐

    Java SSM+Shiro权限框架

    MyBatis能够直接操作数据库,提供更灵活的数据库操作,同时避免了传统的JDBC代码繁琐和易出错的问题。 4. **Apache Shiro**:Shiro是一个强大的且易用的Java安全框架,提供了认证、授权、会话管理和加密等功能。在...

    spring+mybatis+shiro的基本权限管理后台Demo

    通过这个Demo,开发者可以学习到如何在Spring中集成MyBatis进行数据库操作,如定义Mapper接口、编写XML映射文件,以及如何在Service层调用这些接口实现业务逻辑。同时,Shiro的使用将涵盖用户登录认证、角色权限分配...

    基于Spring MVC+MyBatis+Shiro+Dubbo开发的分布式后台管理系统(含数据库文件).zip

    **MyBatis** 是一个轻量级的持久层框架,它简化了数据库操作,将SQL语句与Java代码直接结合,避免了传统的JDBC代码编写。MyBatis支持动态SQL,可以灵活地编写复杂的查询,同时通过Mapper接口,使得数据库操作与业务...

    Spring MVC+mybatis+easyui+ueditor+shiro权限框架管理系统

    在实际项目中,这些组件协同工作,Spring MVC负责接收和转发请求,MyBatis处理数据库操作,EasyUI和UEditor负责前端展示和交互,而Shiro则负责用户的身份验证和权限控制。开发者通过集成这些组件,可以快速搭建起一...

    1.JAVA后台管理系统,企业开发首选脚手架2.后台采用Springboot框架+ Shiro权限+ Mybatis.zip

    综上所述,这个压缩包文件提供的是一套完整的后台管理系统解决方案,使用Springboot作为基础框架,Shiro处理用户权限管理,而Mybatis则负责数据库交互。这套架构适合企业级应用开发,能提高开发效率并保证系统的安全...

    基于Spring Boot+Apache Shiro+Thymeleaf+MyBatis开发的网站后台权限管理系统源码.rar

    总的来说,这个系统是一个全面的后台权限管理系统,集成了多种技术来实现用户认证、授权、数据持久化和页面展示,为企业级后台应用提供了坚实的基础。通过学习和研究这套源码,开发者可以深入理解Spring Boot、Shiro...

    【SpringBoot】廿三、SpringBoot中整合Shiro实现权限管理.docx

    可以理解为Shiro与特定数据库或服务的接口,如JDBC Realm、LDAP Realm等。 2. **SpringBoot集成Shiro步骤** - 添加依赖:在Maven的pom.xml文件中引入SpringBoot的web starter、Thymeleaf starter以及Shiro的spring...

    【SpringBoot】廿三、SpringBoot中整合Shiro实现权限管理.pdf

    在实际开发中,你需要根据应用的需求,配置Shiro的Realm以连接你的用户数据存储(如数据库),实现用户登录、权限验证的逻辑。同时,通过定义过滤器链,可以控制不同角色的用户对特定URL的访问权限。例如,可以创建...

    spring boot+mybatis+thymeleaf+apache shiro开发面向学习型的后台管理系统

    在本项目中,MyBatis作为数据库操作的主要工具,负责将Java对象与数据库表之间的映射关系进行管理,实现了数据的增删改查操作,使得数据库交互更加简洁高效。 **Thymeleaf** Thymeleaf是一个现代的服务器端Java...

    SSM电商平台后台管理系统带数据库.rar

    2. 商品管理:包括商品分类、上架、下架、库存管理等,涉及数据库操作和数据缓存策略。 3. 订单管理:处理用户的购物车、下单、支付流程,需要与支付平台如支付宝、微信支付进行集成。 4. 库存物流:管理仓库库存,...

    学习视频 springmvc mybatis shiro

    MyBatis则在后台处理与用户相关的数据库操作,如查询、更新用户资料。 总的来说,SpringMVC、MyBatis和Shiro的组合,为Java Web开发者提供了一套强大的工具集,帮助他们构建出既高效又安全的Web应用程序。了解和...

    Shiro自学笔记

    4. **权限检查**:在需要的时候,如访问控制点,Shiro会检查用户是否拥有执行某操作所需的权限。 ### Permissions 对权限深入理解 权限可以是简单的字符串,如"file:read",也可以是复杂的对象,如URL或业务对象。...

    ssm+shiro+easyui权限管理系统

    在SSM项目中,MyBatis作为数据访问层,负责与数据库交互,执行SQL语句,实现数据的增删改查操作。 **Apache Shiro**: Apache Shiro是一个强大且易用的Java安全框架,处理认证、授权、加密和会话管理,可以非常容易...

    springboot与shiro,mybatis的整合项目

    SpringBoot、Shiro和...通过这样的整合,我们可以构建一个功能完善的后台系统,既拥有SpringBoot的便捷性,又有Shiro的安全控制,同时利用MyBatis简化数据库操作。这个项目不仅适合学习,也适用于实际的项目开发。

    SSM+Maven+Mysql+shiro无需重启动态权限

    综上所述,"SSM+Maven+Mysql+Shiro无需重启动态权限"项目通过集成这些技术,构建了一个高效、灵活的后台管理系统,实现了动态权限控制,降低了运维成本,提升了用户体验。这样的系统设计思路和实现方式对于理解和...

    SSH+shiro+easyUI实战项目案例

    1. **对象关系映射(ORM)**:将数据库表映射为Java对象,简化数据库操作。 2. **Session接口**:作为持久层与数据库交互的主要接口,负责对象的保存、更新、删除和查询。 3. **HQL(Hibernate Query Language)**:...

    ssm整合shiro的简单学习demo

    SSM整合Shiro是一个常见的Java Web安全框架集成实践,它结合了Spring、Spring MVC和MyBatis的优势,利用Apache Shiro来实现用户认证和授权。在这个简单学习demo中,我们将探讨如何将这三个组件与Shiro无缝对接,创建...

    springboot+shiro+ace admin+mybatis后台管理系统.zip

    【标题】"springboot+shiro+ace admin+mybatis后台管理系统"是一个基于Java技术栈的后台管理系统,它集成了SpringBoot、Apache Shiro、Ace Admin框架和MyBatis持久层框架,为开发者提供了一个快速开发后台应用的基础...

    基于SpringBoot的权限管理系统,界面简洁美观 核心技术采用Spring、MyBatis、Shiro没有任何其它重度依赖

    通过XML或注解进行配置和原始映射,使得开发者能够将注意力集中在编写业务逻辑上,而不是数据库操作。在本系统中,MyBatis作为主要的数据访问层,实现了与数据库的高效交互。 再者,Apache Shiro是Java安全框架,...

    spring mvc、 mybatis、 Shiro、 dwz实现的通用后台系统

    在实际项目中,Spring MVC作为核心的控制器,接收并处理用户请求,然后调用MyBatis中的Mapper接口执行数据库操作。Shiro负责用户的身份验证和授权,确保只有合法用户才能访问特定资源。而DWZ则负责将后端处理的结果...

Global site tag (gtag.js) - Google Analytics