idea+ssm+shiro
引用以下两位大佬的文章,建表语句和基本的代码两位大佬也都提供了,综合整理一下来记录所学:
(超详细、适合新手入门)IDEA+Maven 整合SSM框架实现简单的增删改查
用第一篇文章在idea中搭建ssm框架。所用开发工具与第一篇文章所用相同,至于shiro也是在第一篇文章所建立的ssm框架上进行添加的:
开发工具
- IntelliJ IDEA Ultimate 2017.2.2
- Apache-tomcat-9.0.5
- JDK 1.8.0_121
- MySQL 5.7
- Maven 3.3.9
项目结构图:
是最终结构图
tomcat配置及访问路径因与参考文章不同,故上图作为参考:
idea中怎么搭建,怎么将不同公用的文件夹变色等可根据第一篇文章来了解,现将文件作为笔记拷贝一下:
pom.xml,
搭建过程中确实出过一些问题并以添加新包的方式解决,pom文件可用这里的依赖:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com</groupId>
<artifactId>first</artifactId>
<packaging>war</packaging>
<version>1.0-SNAPSHOT</version>
<name>first Maven Webapp</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<spring.version>5.0.3.RELEASE</spring.version>
<mybatis.version>3.4.4</mybatis.version>
</properties>
<dependencies>
<!-- 单元测试 -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<!-- 第一部分:Spring 配置-->
<!-- Spring core -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- Spring DAO -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- Spring mvc -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.9.4</version>
</dependency>
<!-- 第三部分:数据库和mybatis -->
<!-- 数据库 -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.38</version>
</dependency>
<!-- 数据库连接池 -->
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5.2</version>
</dependency>
<!-- MyBatis -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<!-- mybatis-spring整合包 -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>1.3.1</version>
</dependency>
<!-- 第四部分:日志 -->
<!-- 实现slf4j接口并整合 -->
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.1.1</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-quartz</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache-core</artifactId>
<version>2.4.5</version>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>3.2.1</version>
</dependency>
</dependencies>
<build>
<finalName>first</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
</project>
PaperController:package com.controller;
import com.pojo.Paper;
import com.service.PaperService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import java.util.List;
/**
* Created by Administrator on 2019/4/25.
*/
@Controller
@RequestMapping("/paper")
public class PaperController {
@Autowired
private PaperService paperService;
@RequestMapping("/allPaper")
public String list(Model model){
List<Paper> list = paperService.queryAllPaper();
model.addAttribute("list",list);
return "allPaper";
}
@RequestMapping("/toAddPaper")
public String toAddPaper(){
return "addPaper";
}
@RequestMapping("/addPaper")
public String addPaper(Paper paper){
paperService.addPaper(paper);
return "redirect:/paper/allPaper";
}
@RequestMapping("/del/{paperId}")
public String deletePaperById(@PathVariable("paperId") Long id){
paperService.deletePaperById(id);
return "redirect:/paper/allPaper";
}
@RequestMapping("/toUpdatePaper")
public String toUpdatePaper(Model model,long id){
Paper paper = paperService.queryById(id);
model.addAttribute("paper",paper);
return "updatePaper";
}
@RequestMapping("/updatePaper")
public String updatePaper(Model model,Paper paper){
paperService.updatePaper(paper);
paper = paperService.queryById(paper.getPaperId());
model.addAttribute("paper",paper);
return "redirect:/paper/allPaper";
}
}
SysUserController:package com.controller;
import com.pojo.SysUser;
import com.service.SysUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.annotation.Resource;
/**
* Created by Administrator on 2019/4/29.
*/
@Controller
@RequestMapping("/sysUser")
public class SysUserController {
@Resource
private SysUserService sysUserService;
public SysUserService getSysUserService() {
return sysUserService;
}
public void setSysUserService(SysUserService sysUserService) {
this.sysUserService = sysUserService;
}
@RequestMapping("/doLogin")
public String doLogin(SysUser sysUser, String rememberMe) {
System.out.println(rememberMe);
//得到Subject,通过SecurityUtils得到Subject,其会自动绑定到当前线程;如果在web环境在请求结束时需要解除绑定
Subject subject = SecurityUtils.getSubject();
//创建用户名/密码身份验证Token(即用户身份/凭证)
UsernamePasswordToken token=new UsernamePasswordToken(sysUser.getUsername(),sysUser.getPassword());
if(rememberMe!=null) {
//当checkbox勾选之后,rememberMe就不为null,此时启用rememberMe
token.setRememberMe(true);
}else {
//关闭rememberMe
token.setRememberMe(false);
}
try {
/*
* 身份验证,调用subject.login方法进行登录,其会自动委托给SecurityManager.login方法进行登录
* 通过login登录,如果登录失败将抛出相应的AuthenticationException,
* 如果登录成功调用subject.isAuthenticated就会返回true,即已经通过身份验证
* 如果isRemembered返回true,表示是通过记住我功能登录的而不是调用login方法登录的
* isAuthenticated/isRemembered是互斥的,即如果其中一个返回true,另一个返回false
*/
subject.login(token);
} catch (AuthenticationException e) {
/*
* 如果身份验证失败请捕获AuthenticationException或其子类,常见的如:
* DisabledAccountException(禁用的帐号)、
* LockedAccountException(锁定的帐号)、
* UnknownAccountException(错误的帐号)、
* ExcessiveAttemptsException(登录失败次数过多)、
* IncorrectCredentialsException (错误的凭证)、
* ExpiredCredentialsException(过期的凭证)等,具体请查看其继承关系
* 对于页面的错误消息展示,最好使用如“用户名/密码错误”而不是“用户名错误”/“密码错误”,防止一些恶意用户非法扫描帐号库
*/
return "login_failed";
}
return "main";
}
@ResponseBody
@RequestMapping("/saveSysUser")
public String saveSysUser(SysUser sysUser) {
try {
//如果b为true,说明添加成功
boolean b = this.sysUserService.saveSysUser(sysUser);
return "添加成功";
} catch (Exception e) {
//如果有异常,说明添加失败
return "添加失败";
}
}
@RequestMapping("/toAdd")
public String toAdd() {
return "sysuser_add";
}
@RequestMapping("/doLogout")
public String doLogout() {
//退出操作后一定要重定向页面
Subject subject = SecurityUtils.getSubject();
subject.logout();
return "login";
}
}
PaperDao:package com.dao;
import com.pojo.Paper;
import java.util.List;
/**
* Created by Administrator on 2019/4/25.
*/
public interface PaperDao {
int addPaper(Paper paper);
int deletePaperById(long id);
int updatePaper(Paper paper);
Paper queryById(long id);
List<Paper> queryAllPaper();
}
SysUserDao:package com.dao;
import com.pojo.SysUser;
import java.util.Set;
/**
* Created by Administrator on 2019/4/29.
*/
public interface SysUserDao {
SysUser getUserByUsername(String username);
Set<String> listRoles(String username);
Set<String> listPermissions(String username);
int saveSysUser(SysUser sysUser);
}
Paper:package com.pojo;
/**
* Created by Administrator on 2019/4/25.
*/
public class Paper {
private long paperId;
private String paperName;
private int paperNum;
private String paperDetail;
public long getPaperId() {
return paperId;
}
public void setPaperId(long paperId) {
this.paperId = paperId;
}
public String getPaperName() {
return paperName;
}
public void setPaperName(String paperName) {
this.paperName = paperName;
}
public int getPaperNum() {
return paperNum;
}
public void setPaperNum(int paperNum) {
this.paperNum = paperNum;
}
public String getPaperDetail() {
return paperDetail;
}
public void setPaperDetail(String paperDetail) {
this.paperDetail = paperDetail;
}
}
SysUser:package com.pojo;
import java.io.Serializable;
/**
* Created by Administrator on 2019/4/29.
*/
public class SysUser implements Serializable {
private int id;
private String username;
private String password;
private String salt;
private int locked;
public String getCredentialsSalt() {
return username + salt;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getSalt() {
return salt;
}
public void setSalt(String salt) {
this.salt = salt;
}
public int getLocked() {
return locked;
}
public void setLocked(int locked) {
this.locked = locked;
}
}
PaperServiceImpl:package com.service.impl;
import com.dao.PaperDao;
import com.pojo.Paper;
import com.service.PaperService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* Created by Administrator on 2019/4/25.
*/
@Service
public class PaperServiceImpl implements PaperService{
@Autowired
private PaperDao paperDao;
@Override
public int addPaper(Paper paper) {
return paperDao.addPaper(paper);
}
@Override
public int deletePaperById(long id) {
return paperDao.deletePaperById(id);
}
@Override
public int updatePaper(Paper paper) {
return paperDao.updatePaper(paper);
}
@Override
public Paper queryById(long id) {
return paperDao.queryById(id);
}
@Override
public List<Paper> queryAllPaper() {
return paperDao.queryAllPaper();
}
}
SysUserServiceImpl:
package com.service.impl;
import com.dao.SysUserDao;
import com.pojo.SysUser;
import com.service.SysUserService;
import com.util.PasswordHelper;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import java.util.Set;
/**
* Created by Administrator on 2019/4/29.
*/
@Service("sysUserService")
public class SysUserServiceImpl implements SysUserService{
@Resource
private SysUserDao sysUserDao;
public SysUserDao getSysUserDao() {
return sysUserDao;
}
public void setSysUserDao(SysUserDao sysUserDao) {
this.sysUserDao = sysUserDao;
}
@Override
public SysUser getUserByUsername(String username) {
return this.sysUserDao.getUserByUsername(username);
}
@Override
public Set<String> listRoles(String username) {
return this.sysUserDao.listRoles(username);
}
@Override
public Set<String> listPermissions(String username) {
return this.sysUserDao.listPermissions(username);
}
/**
* 添加用户
*/
@Override
@Transactional
public boolean saveSysUser(SysUser sysUser) {
//service里主要的工作是,将随机salt和加密后的密码存进数据库
SysUser sysUserToDB = new PasswordHelper().encryptPassword(sysUser);
//保存最终进入数据库的sysUser
int rows = this.sysUserDao.saveSysUser(sysUserToDB);
if(rows==1) {
return true;
}else {
throw new RuntimeException();
}
}
}
PaperService:package com.service;
import com.pojo.Paper;
import java.util.List;
/**
* Created by Administrator on 2019/4/25.
*/
public interface PaperService {
int addPaper(Paper paper);
int deletePaperById(long id);
int updatePaper(Paper paper);
Paper queryById(long id);
List<Paper> queryAllPaper();
}
SysUserService:package com.service;
import com.pojo.SysUser;
import java.util.Set;
/**
* Created by Administrator on 2019/4/29.
*/
public interface SysUserService {
SysUser getUserByUsername(String username);
Set<String> listRoles(String username);
Set<String> listPermissions(String username);
boolean saveSysUser(SysUser sysUser);
}
PasswordHelper:package com.util;
import com.pojo.SysUser;
import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;
/**
* Created by Administrator on 2019/4/29.
*/
public class PasswordHelper {
private RandomNumberGenerator randomNumberGenerator = new SecureRandomNumberGenerator();
private String algorithmName = "md5";
private int hashIterations = 2;
public void setRandomNumberGenerator(RandomNumberGenerator randomNumberGenerator) {
this.randomNumberGenerator = randomNumberGenerator;
}
public void setAlgorithmName(String algorithmName) {
this.algorithmName = algorithmName;
}
public void setHashIterations(int hashIterations) {
this.hashIterations = hashIterations;
}
/**
* 加密密码
*/
public SysUser encryptPassword(SysUser sysUser) {
//设置随机salt
sysUser.setSalt(randomNumberGenerator.nextBytes().toHex());
//密码明文+随机salt=密码密文
String newPassword = new SimpleHash(
algorithmName,
sysUser.getPassword(),
//credentialsSalt=username+salt
ByteSource.Util.bytes(sysUser.getCredentialsSalt()),
hashIterations).toHex();
//设置密码密文
sysUser.setPassword(newPassword);
return sysUser;
}
}
RetryLimitHashedCredentialsMatcher:package com.util;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import java.util.concurrent.atomic.AtomicInteger;
/**
* Created by Administrator on 2019/4/29.
*/
public class RetryLimitHashedCredentialsMatcher extends HashedCredentialsMatcher {
private Cache<String, AtomicInteger> passwordRetryCache;
public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager) {
passwordRetryCache = cacheManager.getCache("passwordRetryCache");
}
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
//获取用户名
String username = (String)token.getPrincipal();
//从缓存中获取该用户已经输入密码的尝试次数
AtomicInteger retryCount = passwordRetryCache.get(username);
if(retryCount == null) {
retryCount = new AtomicInteger(0);
//将用户输入密码的尝试次数缓存起来
passwordRetryCache.put(username, retryCount);
}
if(retryCount.incrementAndGet() > 5) {
//密码输入次数超过五次
throw new ExcessiveAttemptsException();
}
/*
* token是表单上输入的用户名和密码,info是从数据中查的信息,将作密码比对
*/
boolean matches = super.doCredentialsMatch(token, info);
if(matches) {
//清楚尝试次数
passwordRetryCache.remove(username);
}
return matches;
}
}
UserRealm:package com.util;
import com.pojo.SysUser;
import com.service.SysUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
/**
* Created by Administrator on 2019/4/29.
*/
public class UserRealm extends AuthorizingRealm {
private SysUserService sysUserService;
public SysUserService getSysUserService() {
return sysUserService;
}
public void setSysUserService(SysUserService sysUserService) {
this.sysUserService = sysUserService;
}
/**
* 获取权限信息,只有在身份验证成功后才调用此方法获取权限信息
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//获取用户名
String username = (String)principals.getPrimaryPrincipal();
//new一个授权信息
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//给授权信息设置角色集合,只能放角色名
authorizationInfo.setRoles(sysUserService.listRoles(username));
//给授权信息设置权限集合
authorizationInfo.setStringPermissions(sysUserService.listPermissions(username));
//返回用户授权信息
return authorizationInfo;
}
/**
* 获取身份验证信息
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//获取用户名
String username = (String)token.getPrincipal();
//根据用户名获取User对象
SysUser user = sysUserService.getUserByUsername(username);
if(user == null) {
//找不到账号
throw new UnknownAccountException();
}
if(user.getLocked()==1) {
//帐号锁定
throw new LockedAccountException();
}
/*
* new一个身份验证信息
*/
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
//用户名
user.getUsername(),
//从数据库中查出的密文密码
user.getPassword(),
//credentialsSalt=username+salt
ByteSource.Util.bytes(user.getCredentialsSalt()),
//realm名称
getName()
);
Session session = getSession();
//将当前用户放进session
session.setAttribute("username", username);
/*
* 返回身份验证信息,将交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配
* CredentialsMatcher使用盐加密传入的明文密码和此处的密文密码进行匹配
*/
return authenticationInfo;
}
/**
* 获取shiro封装的session
*/
private Session getSession(){
try{
Subject subject = SecurityUtils.getSubject();
Session session = subject.getSession(false);
if (session == null){
session = subject.getSession();
}
if (session != null){
return session;
}
}catch (InvalidSessionException e){
}
return null;
}
//以下是一些清空realm缓存的方法
@Override
public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
super.clearCachedAuthorizationInfo(principals);
}
@Override
public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
super.clearCachedAuthenticationInfo(principals);
}
@Override
public void clearCache(PrincipalCollection principals) {
super.clearCache(principals);
}
public void clearAllCachedAuthorizationInfo() {
getAuthorizationCache().clear();
}
public void clearAllCachedAuthenticationInfo() {
getAuthenticationCache().clear();
}
public void clearAllCache() {
clearAllCachedAuthenticationInfo();
clearAllCachedAuthorizationInfo();
}
}
PaperMapper.xml:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.dao.PaperDao">
<resultMap type="Paper" id="paperResultMap" >
<id property="paperId" column="paper_id"/>
<result property="paperName" column="name"/>
<result property="paperNum" column="number"/>
<result property="paperDetail" column="detail"/>
</resultMap>
<insert id="addPaper" parameterType="Paper">
INSERT INTO paper(paper_id,name,number,detail) VALUE (#{paperId},#{paperName}, #{paperNum}, #{paperDetail})
</insert>
<delete id="deletePaperById" parameterType="long">
DELETE FROM paper WHERE paper_id=#{paperID}
</delete>
<update id="updatePaper" parameterType="Paper">
UPDATE paper
SET NAME = #{paperName},NUMBER = #{paperNum},detail = #{paperDetail}
WHERE paper_id = #{paperId}
</update>
<select id="queryById" resultMap="paperResultMap" parameterType="long">
SELECT paper_id,name,number,detail
FROM paper
WHERE paper_id=#{paperId}
</select>
<select id="queryAllPaper" resultMap="paperResultMap">
SELECT paper_id,name,number,detail
FROM paper
</select>
</mapper>SysUser.xml:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.dao.SysUserDao">
<!-- 根据用户名查找用户 -->
<select id="getUserByUsername" parameterType="java.lang.String" resultType="com.pojo.SysUser">
select * from sys_users where username=#{username} and locked=0
</select>
<!-- 查询用户所有角色 -->
<select id="listRoles" parameterType="java.lang.String" resultType="java.lang.String">
select r.role from sys_users u inner join sys_users_roles ur on u.id=ur.user_id
inner join sys_roles r on ur.role_id=r.id where u.username=#{username} and u.locked=0
and r.available=0
</select>
<!-- 查询用户所有权限,返回值是权限名集合 -->
<select id="listPermissions" parameterType="java.lang.String" resultType="java.lang.String">
select p.permission from sys_users u inner join sys_users_roles ur on u.id=ur.user_id
inner join sys_roles r on ur.role_id=r.id inner join sys_roles_permissions rp
on r.id=rp.role_id inner join sys_permissions p on p.id=rp.permission_id
where u.username=#{username} and u.locked=0 and r.available=0 and p.available=0
</select>
<!-- 添加用户 -->
<insert id="saveSysUser" parameterType="com.pojo.SysUser">
insert into sys_users(username,password,salt,locked)
values(#{username},#{password},#{salt},#{locked})
</insert>
</mapper>spring-dao.xml:
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<!-- 配置整合mybatis过程 -->
<!-- 1.配置数据库相关参数properties的属性:${url} -->
<context:property-placeholder location="classpath:jdbc.properties"/>
<!-- 2.数据库连接池 -->
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource">
<!-- 配置连接池属性 -->
<property name="driverClass" value="${jdbc.driver}"/>
<property name="jdbcUrl" value="${jdbc.url}"/>
<property name="user" value="${jdbc.username}"/>
<property name="password" value="${jdbc.password}"/>
<!-- c3p0连接池的私有属性 -->
<property name="maxPoolSize" value="30"/>
<property name="minPoolSize" value="10"/>
<!-- 关闭连接后不自动commit -->
<property name="autoCommitOnClose" value="false"/>
<!-- 获取连接超时时间 -->
<property name="checkoutTimeout" value="10000"/>
<!-- 当获取连接失败重试次数 -->
<property name="acquireRetryAttempts" value="2"/>
</bean>
<!-- 3.配置SqlSessionFactory对象 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<!-- 注入数据库连接池 -->
<property name="dataSource" ref="dataSource"/>
<!-- 配置MyBaties全局配置文件:mybatis-config.xml -->
<property name="configLocation" value="classpath:mybatis-config.xml"/>
<!-- 扫描pojo包 使用别名 -->
<property name="typeAliasesPackage" value="com.pojo"/>
<!-- 扫描sql配置文件:mapper需要的xml文件 -->
<property name="mapperLocations" value="classpath:mapper/*.xml"/>
</bean>
<!-- 4.配置扫描Dao接口包,动态实现Dao接口,注入到spring容器中 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<!-- 注入sqlSessionFactory -->
<property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"/>
<!-- 给出需要扫描Dao接口包 -->
<property name="basePackage" value="com.dao"/>
</bean>
</beans>spring-mvc.xml:
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
<!-- 配置SpringMVC -->
<!-- 1.开启SpringMVC注解模式 -->
<!-- 简化配置:
(1)自动注册DefaultAnootationHandlerMapping,AnotationMethodHandlerAdapter
(2)提供一些列:数据绑定,数字和日期的format @NumberFormat, @DateTimeFormat, xml,json默认读写支持
-->
<mvc:annotation-driven/>
<!-- 2.静态资源默认servlet配置
(1)加入对静态资源的处理:js,gif,png
(2)允许使用"/"做整体映射
-->
<mvc:default-servlet-handler/>
<!-- 3.配置jsp 显示ViewResolver -->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
</bean>
<!-- 4.扫描web相关的bean -->
<context:component-scan base-package="com.controller"/>
</beans>spring-service.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx.xsd">
<!-- 扫描service包下所有使用注解的类型 -->
<context:component-scan base-package="com.service"/>
<!-- 配置事务管理器 -->
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<!-- 注入数据库连接池 -->
<property name="dataSource" ref="dataSource"/>
</bean>
<!-- 配置基于注解的声明式事务 -->
<tx:annotation-driven transaction-manager="transactionManager"/>
</beans>spring-shiro-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<!-- 缓存管理器,使用Ehcache实现 -->
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/>
</bean>
<!-- 凭证匹配器,验证密码是否正确,用 下面的类去验证-->
<bean id="credentialsMatcher" class="com.util.RetryLimitHashedCredentialsMatcher">
<constructor-arg ref="cacheManager"/>
<property name="hashAlgorithmName" value="md5"/>
<property name="hashIterations" value="2"/>
<property name="storedCredentialsHexEncoded" value="true"/>
</bean>
<!-- Realm实现 -->
<bean id="userRealm" class="com.util.UserRealm">
<property name="sysUserService" ref="sysUserService"/>
<property name="credentialsMatcher" ref="credentialsMatcher"/>
<!-- 启用缓存 -->
<property name="cachingEnabled" value="true"/>
<!-- 启用身份验证缓存,即缓存AuthenticationInfo信息 -->
<property name="authenticationCachingEnabled" value="false"/>
<!-- 缓存AuthenticationInfo信息的缓存名称 -->
<property name="authenticationCacheName" value="authenticationCache"/>
<!-- 启用授权缓存,即缓存AuthorizationInfo信息 -->
<property name="authorizationCachingEnabled" value="true"/>
<!-- 缓存AuthorizationInfo信息的缓存名称 -->
<property name="authorizationCacheName" value="authorizationCache"/>
</bean>
<!-- 会话ID生成器 -->
<bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
<!-- 会话Cookie模板 -->
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="sid"/>
<property name="httpOnly" value="true"/>
<!-- maxAge=-1表示浏览器关闭时失效此Cookie -->
<property name="maxAge" value="-1"/>
</bean>
<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="rememberMe"/>
<property name="httpOnly" value="true"/>
<!-- 单位为s-->
<property name="maxAge" value="1800"/>
</bean>
<!-- rememberMe管理器 -->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<!-- rememberMe cookie加密的** 建议每个项目都不一样 默认AES算法 **长度(128 256 512 位)-->
<property name="cipherKey"
value="#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsd66==')}"/>
<property name="cookie" ref="rememberMeCookie"/>
</bean>
<bean id="formAuthenticationFilter"
class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
<property name="rememberMeParam" value="rememberMe"/>
</bean>
<!-- 会话DAO -->
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="activeSessionsCacheName" value="shiro-activeSessionCache"/>
<property name="sessionIdGenerator" ref="sessionIdGenerator"/>
</bean>
<!-- 会话验证调度器 -->
<bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
<property name="sessionValidationInterval" value="1800000"/>
<property name="sessionManager" ref="sessionManager"/>
</bean>
<!-- 会话管理器 -->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="globalSessionTimeout" value="1800000"/>
<property name="deleteInvalidSessions" value="true"/>
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
<property name="sessionDAO" ref="sessionDAO"/>
<property name="sessionIdCookieEnabled" value="true"/>
<property name="sessionIdCookie" ref="simpleCookie"/>
</bean>
<bean id="simpleCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg name="name" value="shiro.sesssion"/>
<property name="path" value="/"/>
</bean>
<!-- 安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="userRealm"/>
<property name="sessionManager" ref="sessionManager"/>
<property name="cacheManager" ref="cacheManager"/>
<property name="rememberMeManager" ref="rememberMeManager"/>
</bean>
<!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
<property name="arguments" ref="securityManager"/>
</bean>
<!-- Shiro的Web过滤器 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login.jsp"/>
<property name="unauthorizedUrl" value="/jsp/unauthorized.jsp"/>
<property name="filterChainDefinitions">
<value>
<!-- 对于过滤器,一般这样使用:
访问一般网页,如个人在主页之类的,我们使用user拦截器即可,user拦截器只要用户登录
(isRemembered()==true or isAuthenticated()==true)过即可访问成功
访问特殊网页,如我的订单,提交订单页面,我们使用authc拦截器即可,authc拦截器会判断用户是否是通过
Subject.login(isAuthenticated()==true)登录的,如果是才放行,否则会跳转到登录页面叫你重新登录 -->
/login.jsp = anon
/sysUser/doLogin = anon
/**=user
</value>
</property>
</bean>
<!-- Shiro生命周期处理器-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
</beans>ehcache.xml:
<ehcache>
<!--
指定一个目录:当 EHCache 把数据写到硬盘上时, 将把数据写到这个目录下.
-->
<diskStore path="d:\\tempDirectory"/>
<!--
设置缓存的默认数据过期策略
-->
<defaultCache
maxElementsInMemory="10000"
eternal="false"
timeToIdleSeconds="120"
timeToLiveSeconds="120"
overflowToDisk="true"
/>
<!--
设定具体的命名缓存的数据过期策略。每个命名缓存代表一个缓存区域
缓存区域(region):一个具有名称的缓存块,可以给每一个缓存块设置不同的缓存策略。
如果没有设置任何的缓存区域,则所有被缓存的对象,都将使用默认的缓存策略。即:<defaultCache.../>
Hibernate 在不同的缓存区域保存不同的类/集合。
对于类而言,区域的名称是类名。如:com.atguigu.domain.Customer
对于集合而言,区域的名称是类名加属性名。如com.atguigu.domain.Customer.orders
-->
<!--
name: 设置缓存的名字,它的取值为类的全限定名或类的集合的名字
maxElementsInMemory: 设置基于内存的缓存中可存放的对象最大数目
eternal: 设置对象是否为永久的, true表示永不过期, 此时将忽略timeToIdleSeconds 和 timeToLiveSeconds属性; 默认值是false
timeToIdleSeconds:设置对象空闲最长时间,以秒为单位, 超过这个时间,对象过期。当对象过期时,EHCache会把它从缓存中清除。如果此值为0,表示对象可以无限期地 处于空闲状态。
timeToLiveSeconds:设置对象生存最长时间,超过这个时间,对象过期。如果此值为0,表示对象可以无限期地存在于缓存中.
该属性值必须大于或等于 timeToIdleSeconds 属性值
overflowToDisk:设置基于内存的缓存中的对象数目达到上限后,是否把溢出的对象写到基于硬盘的缓存中
-->
<cache name="com.atguigu.hibernate.entities.Employee"
maxElementsInMemory="1"
eternal="false"
timeToIdleSeconds="300"
timeToLiveSeconds="600"
overflowToDisk="true"
/>
<cache name="com.atguigu.hibernate.entities.Department.emps"
maxElementsInMemory="1000"
eternal="true"
timeToIdleSeconds="0"
timeToLiveSeconds="0"
overflowToDisk="false"
/>
</ehcache>jdbc.properties:
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://127.0.0.1:3306/***?useUnicode=true&characterEncoding=utf8
jdbc.username=root
jdbc.password=***log4j.properties:
log4j.rootLogger=ERROR, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%5p [%t] - %m%nmybatis-config.xml:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE configuration
PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<!-- 配置全局属性 -->
<settings>
<!-- 使用jdbc的getGeneratedKeys获取数据库自增主键值 -->
<setting name="useGeneratedKeys" value="true"/>
<!-- 使用列别名替换列名 默认:true -->
<setting name="useColumnLabel" value="true"/>
<!-- 开启驼峰命名转换:Table{create_time} -> Entity{createTime} -->
<setting name="mapUnderscoreToCamelCase" value="true"/>
</settings>
</configuration>addPaper.jsp
<%--
Created by IntelliJ IDEA.
User: lenovo
Date: 2018/4/7
Time: 16:45
To change this template use File | Settings | File Templates.
--%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<title>新增论文</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
<script type="text/javascript"> //元素的淡入淡出效果
$(document).ready(function () {
debugger;
var aaa = <%=basePath%>;
console.log("------"+aaa);
})
</script>
</head>
<body>
<div class="container">
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
基于SSM框架的管理系统:简单实现增、删、改、查。
</h1>
</div>
</div>
</div>
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
<small>新增论文</small>
</h1>
</div>
</div>
</div>
<form action="" name="userForm">
论文名称:<input type="text" name="paperName"><br><br><br>
论文数量:<input type="text" name="paperNum"><br><br><br>
论文详情:<input type="text" name="paperDetail"><br><br><br>
<input type="button" value="添加" onclick="addPaper()">
</form>
<script type="text/javascript">
function addPaper() {
var form = document.forms[0];
form.action = "<%=basePath %>paper/addPaper";
form.method = "post";
form.submit();
}
</script>
</div>allPaper.jsp
<%--
Created by IntelliJ IDEA.
User: lenovo
Date: 2018/4/6
Time: 16:57
To change this template use File | Settings | File Templates.
--%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<% String appPath = request.getContextPath(); %>
<html>
<head>
<title>Paper列表</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
基于SSM框架的管理系统:简单实现增、删、改、查。
</h1>
</div>
</div>
</div>
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
<small>论文列表 —— 显示所有论文</small>
</h1>
</div>
</div>
</div>
<div class="row">
<div class="col-md-4 column">
<a class="btn btn-primary" href="<%=appPath%>/paper/toAddPaper">新增</a>
</div>
</div>
<div class="row clearfix">
<div class="col-md-12 column">
<table class="table table-hover table-striped">
<thead>
<tr>
<th>论文编号</th>
<th>论文名字</th>
<th>论文数量</th>
<th>论文详情</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<c:forEach var="paper" items="${requestScope.get('list')}" varStatus="status">
<tr>
<td>${paper.paperId}</td>
<td>${paper.paperName}</td>
<td>${paper.paperNum}</td>
<td>${paper.paperDetail}</td>
<td>
<a href="<%=appPath%>/paper/toUpdatePaper?id=${paper.paperId}">更改</a> |
<a href="<%=appPath%>/paper/del/${paper.paperId}">删除</a>
</td>
</tr>
</c:forEach>
</tbody>
</table>
</div>
</div>
</div>
login_failed.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<title>登陆失败界面</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<h1>登陆失败</h1>
</div>
</body>main.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!-- 注意有权限控制的前台页面需要引入shrio的标签库,否则不生效-->
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<title>main页面</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<!-- 相当于Subject.getPrincipals().oneByType(String.class) -->
当前用户:<shiro:principal type="java.lang.String"/><br>
有无超级管理员权限:
<shiro:hasRole name="super_admin">
有
</shiro:hasRole>
<br>
有无普通管理员权限:
<shiro:hasRole name="admin">
有
</shiro:hasRole>
<br>
有哪些权限:
<shiro:hasPermission name="user:create">
<a href="${pageContext.request.contextPath }/sysUser/toAdd">添加用户</a>
</shiro:hasPermission>
<shiro:hasPermission name="user:read">
<a href="#">查询用户</a>
</shiro:hasPermission>
<shiro:hasPermission name="user:update">
<a href="#">修改用户</a>
</shiro:hasPermission>
<shiro:hasPermission name="user:delete">
<a href="#">删除用户</a>
</shiro:hasPermission>
<br>
<a href="${pageContext.request.contextPath }/sysUser/doLogout">退出登录</a>
</div>
</body>sysuser_add.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<title>登陆界面</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<form action="${pageContext.request.contextPath }/sysUser/saveSysUser" method="post">
用户名:<input type="text" name="username">
密码:<input type="password" name="password">
是否锁住用户:<input type="text" name="locked">
<input type="submit" value="添加用户">
</form>
</div>
</body>unauthorized.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<title>登陆但没有权限界面</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<h1>您没有权限</h1>
</div>
</body>updatePaper.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<title>修改论文</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container">
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
基于SSM框架的管理系统:简单实现增、删、改、查。
</h1>
</div>
</div>
</div>
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
<small>修改论文</small>
</h1>
</div>
</div>
</div>
<form action="" name="userForm">
<input type="hidden" name="paperId" value="${paper.paperId}"/>
论文名称:<input type="text" name="paper.paperName" value="${paper.paperName}"/>
论文数量:<input type="text" name="paperNum" value="${paper.paperNum}"/>
论文详情:<input type="text" name="paperDetail" value="${paper.paperDetail }"/>
<input type="button" value="提交" onclick="updatePaper()"/>
</form>
<script type="text/javascript">
function updatePaper() {
var form = document.forms[0];
form.action = "<%=basePath %>paper/updatePaper";
form.method = "post";
form.submit();
}
</script>
</div>web.xml
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1" metadata-complete="true">
<display-name>Archetype Created Web Application</display-name>
<!-- 配置shiro过滤器,且该过滤器必须配置在dispatcherServlet之前 ,DelegatingFilterProxy类会自动到Spring容器中
查找名字为shiroFilter的bean并把filter请求交给它处理-->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 配置监听器,监听spring上下文中对象的创建.注意:mvc配置文件应最后被加载,因为controller依赖service -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:spring/spring-dao.xml,
classpath:spring/spring-service.xml,
classpath:spring/spring-mvc.xml,
<!-- 因为shiro配置文件里依赖了service,因此必须先加载spring-mybatis.xml -->
classpath:spring/spring-shiro-web.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring/spring-*.xml</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8" %>
<%
pageContext.setAttribute("path", request.getContextPath());
%>
<!DOCTYPE HTML>
<html>
<head>
<title>首页</title>
<style type="text/css">
a {
text-decoration: none;
color: black;
font-size: 18px;
}
h3 {
width: 180px;
height: 38px;
margin: 100px auto;
text-align: center;
line-height: 38px;
background: deepskyblue;
border-radius: 4px;
}
</style>
</head>
<body>
<div class="container">
<div class="row clearfix">
<div class="col-md-12 column">
<div class="page-header">
<h1>
基于SSM框架的管理系统:简单实现增、删、改、查。
</h1>
</div>
</div>
</div>
</div>
<br><br>
<h3>
<a href="${path }/paper/allPaper">点击进入管理页面</a>
<a href="${path }/jsp/login.jsp">点击进入登陆页面</a>
</h3>
</body>
</html>login.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%--<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>--%>
<html>
<head>
<title>登陆界面</title>
<%--<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- 引入 Bootstrap -->
<link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">--%>
</head>
<body>
<div class="container">
<form action="${pageContext.request.contextPath }/sysUser/doLogin" method="post">
用户名:<input type="text" name="username"><br>
密码:<input type="password" name="password"><br>
记住我:<input type="checkbox" value="true" name="rememberMe"><br>
<input type="submit" value="登录">
</form>
</div>
</body>运行可查看运行效果图:
注意:1.如果发现前端页面的<shiro:hasPermission name="user:create">没有生效,记得添加<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %>
2.一步步来,第一篇的入口index.jsp和加上shiro后的新入口login.jsp都是和WEB-INF同级的,还有jdbc.properties自己改下自己的数据库。
3.整合完后有关paper相关功能没啥用了,只是作为一个ssm的基础供测试shiro使用的。