Apache Shiro Learning----Licensing

SHiro supports three different ways of authorizing:

1. Programming: By writing If/else Authorization code block complete:

Subject Subject = securityutils.getsubject ();   if (Subject.hasrole ("admin")) {      // have permission   else  {      //  No permissions  

2. Annotation: complete by placing the corresponding annotations on the executing Java method:

@RequiresRoles ("admin")  publicvoid  hello () {      // has permission  }  

3.JSP/GSP Tags: in the JSP/GSP page through the corresponding label to complete:

<shiro:hasrole name= "admin" >  <!-rights  </shiro:hasRole>  

Here we focus on the third way---jsp tags

1. Understand the definition of some labels

<shiro:guest> Welcome visitor visit, <a href="${pagecontext.request.contextpath}/ login.jsp "> Login </a> </shiro:guest> users are not authenticated when they display the appropriate information, that is, visitor access information.

<shiro:principal type="java.lang.String" property="username"/> Display user identity information

<shiro:user> Welcome [<shiro:principal/>] login, <a href="${ Pagecontext.request.contextpath}/logout "> Exit </a> </shiro:user> User authenticated/ Remember to display the appropriate information when I log in.

<shiro:hasrole name="admin" > user has role admin </shiro:hasRole>

<shiro:hasanyroles name="Admin,user" > users have role admin or user </shiro:hasAnyRoles>

<shiro:lacksrole name="abc" > user no role ABC </shiro:lacksRole>

<shiro:haspermission name="User:create" > users have permissions user:create </shiro:hasPermission>

<shiro:lackspermission name="org:create" > user does not have permissions org:create </shiro:lacksPermission>

2. To use the Shiro tag first refer to the tag library <%@ taglib prefix= "Shiro" uri= "Http://shiro.apache.org/tags"%>

Apache Shiro Learning----Licensing