Springmvc + Apache Shiro + JPA (hibernate) Case Study (4) Shiro-based user permission verification and user authorization

The latest project is busy, and the effort to write articles is relatively reduced. However, I can see a few reminders in my mailbox, but I still need to make up the remaining documents.

1. Modify the shirodbrealm class to implement its dogetauthorizationinfo Method

Package Org. shiro. demo. service. realm; import Java. util. arraylist; import Java. util. list; import javax. annotation. resource; import Org. apache. commons. lang. stringutils; import Org. apache. shiro. authc. authenticationexception; import Org. apache. shiro. authc. authenticationinfo; import Org. apache. shiro. authc. authenticationtoken; import Org. apache. shiro. authc. simpleauthenticationinfo; import Org. apache. shiro. authc. u Sernamepasswordtoken; import Org. apache. shiro. authz. authorizationexception; import Org. apache. shiro. authz. authorizationinfo; import Org. apache. shiro. authz. simpleauthorizationinfo; import Org. apache. shiro. realm. authorizingrealm; import Org. apache. shiro. subject. principalcollection; import Org. shiro. demo. entity. permission; import Org. shiro. demo. entity. role; import Org. shiro. demo. entity. user; import Org. shiro. Demo. service. iuserservice; public class shirodbrealm extends authorizingrealm {@ Resource (name = "userservice") Private iuserservice userservice; protected authorizationinfo principal (principalcollection principals) {simpleauthorizationinfo info = new simpleauthorizationinfo (); // obtain the username string account = (string) super. getavailableprincipal (principals); List <string> roles = new array List <string> (); List <string> permissions = new arraylist <string> (); User user = userservice. getbyaccount (account); If (user! = NULL) {If (user. getroles ()! = NULL & user. getroles (). size ()> 0) {for (role: user. getroles () {roles. add (role. getname (); If (role. getpmss ()! = NULL & role. getpmss (). Size ()> 0) {for (permission PMSS: role. getpmss () {If (! Stringutils. isempty (PMSS. getpermission () {permissions. add (PMSS. getpermission () ;}}}} else {Throw new authorizationexception ();} // set the role info for the current user. addroles (roles); // sets the permission info for the current user. addstringpermissions (permissions); Return Info;}/*** authentication callback function, called at login. */protected authenticationinfo dogetauthenticationinfo (authenticationtoken authctoken) throws authenticationexception {usernamepasswordtoke N token = (usernamepasswordtoken) authctoken; user = userservice. getbyaccount (token. GetUserName (); If (user! = NULL) {return New simpleauthenticationinfo (user. getaccount (), user. GetPassword (), user. getnickname () ;}else {return NULL ;}}}

In fact, the Code logic is very simple, but it is to get the current user name from principals, and then read the user's role and permission information. Understand it.

2. initialize system user information and use Shiro annotation to authenticate permissions.

(1) Create the testinitsystemdata JUnit test class. (For the purpose of rapid testing, we use spring JUnit testing to initialize data! O (Clerk □clerk) O)

Package Org. shiro. demo. JUnit; import Java. util. arraylist; import Java. util. list; import javax. annotation. resource; import Org. JUnit. test; import Org. JUnit. runner. runwith; import Org. shiro. demo. entity. permission; import Org. shiro. demo. entity. role; import Org. shiro. demo. entity. user; import Org. shiro. demo. service. ibaseservice; import Org. springframework. test. context. contextconfiguration; import Org. springframewo Rk. test. context. junit4.abstracttransactionaljunit4springcontexttests; import Org. springframework. test. context. junit4.springjunit4classrunner; import Org. springframework. test. context. transaction. transactionconfiguration; @ runwith (springjunit4classrunner. class) @ contextconfiguration (locations = {"classpath: applicationcontext. XML "," classpath: spring-mvc.xml "}) @ transactionconfiguration (transactionmanager =" Txmanager ", defaultrollback = false) public class testinitsystemdata extends {@ Resource (name =" baseservice ") Private ibaseservice baseservice; @ test public void initpermission () throws exception {list <permission> List = new arraylist <permission> (); permission pmss1 = new permission (); pmss1.setname ("new user "); pmss1.setdescription ("new user"); pmss1.setpermission ("User: Create"); permission pmss2 = new permission (); pmss2.setname ("edit user"); pmss2.setdescription ("edit user"); pmss2.setpermission ("User: edit "); permission pmss3 = new permission (); pmss3.setname ("delete user"); pmss3.setdescription ("delete user"); pmss3.setpermission ("User: Delete "); permission pmss4 = new permission (); pmss4.setname ("Audit User"); pmss4.setdescription ("Audit User"); pmss4.setpermission ("User: Audit"); list. add (Pmss1); list. add (pmss2); list. add (pmss3); list. add (pmss4); For (permission PMS: List) {baseservice. save (PMS) ;}@ test public void initadminrole () throws exception {list <permission> List = new arraylist <permission> (); List = (list <permission>) baseservice. getall (permission. class); role = new role (); role. setname ("Administrator"); role. setdescription ("system administrator role"); role. setpmss (list); baseservice. Save (role) ;}@ test public void initadminuser () {list <role> List = new arraylist <role> (); string jpql = "from role as O where o. name =? "; List = baseservice. getbyjpql (jpql, "Administrator"); User user = new user (); User. setaccount ("admin"); User. setpassword ("123456"); User. setnickname ("July"); User. setroles (list); baseservice. save (User );}}

(2) create a usercontroller class, create a user registration page, and add Shiro permission verification to user registration. Users must have the administrator role.

Usercontroller. Java

package org.shiro.demo.controller;import javax.annotation.Resource;import org.apache.shiro.authz.annotation.RequiresRoles;import org.shiro.demo.entity.User;import org.shiro.demo.service.IUserService;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;

Import

 org.springframework.web.bind.annotation.RequestMethod;import org.springframework.web.bind.annotation.ResponseBody;@Controller@RequestMapping(value = "/user")public class UserController {        @Resource(name="userService")    private IUserService userService;    @RequestMapping(value = "/register",method=RequestMethod.POST)    @ResponseBody    @RequiresRoles("administrator")    public boolean register(User user){        return userService.register(user);    }    }

@ Requiresroles ("Administrator") is the shirro annotation we use.

Register. jsp

<% @ Page Language = "Java" pageencoding = "UTF-8" %> <% @ taglib prefix = "C" uri = "http://java.sun.com/jsp/jstl/core" %> <% string Path = request. getcontextpath (); string basepath = request. getscheme () + ": //" + request. getservername () + ":" + request. getserverport () + path; %> <! Doctype HTML public "-// W3C // dtd html 4.01 transitional // en"> <HTML> 
(3) test whether the annotation takes effect.
1. Visit the registration page and click registration. Have you returned the login. jsp page?
2. log on to the registration page and click "register" to check whether the insert operation is successful?
3. describes how to use Shiro annotation and Shiro labels.
To avoid repetitive work, see: http://kdboy.iteye.com/blog/1155450