Java ??????
???????????? ???????[ 2017/3/8 10:49:55 ] ??????????????????? Java
??????????????? Shiro ????? org.apache.shiro.realm.jdbc.JdbcRealm?????????????????? Shiro ?漲???????????Σ????????????????д SQL???????? Web ??????д??
????customizeRealm.ini
????# ???????????????
????[main]
????# ????????????е????????? /login
????authc.loginUrl=/login
????# ??????????????????????????? /unauthorized.jsp
????roles.unauthorizedUrl=/unauthorized.jsp
????# ?????????????????????? /unauthorized.jsp
????perms.unauthorizedUrl=/unauthorized.jsp
????# ???? Shiro ???????? Realm
????customizeRealm=com.lee.shiro.realm.CustomizeRealm
????securityManager.realms=$customizeRealm
????#########
????# ????? #
????#########
????# ?? urls ??????? url ???????????????????
????# ? ???????????磺/admin? -> /admin1??/admin2
????# * ????????????????磺/admin* -> /admin??/admin1??/admin123
????# ** ?????·?????磺/admin/** -> /admin/??/admin/1??/admin/1/2
????[urls]
????# ??? anon ??????????anon ?????????????ο?
????/login=anon
????# ?????????????ж??? admin ??????????????
????/admin=roles[admin]
????# ???? /student ??????????? teacher
????/student=roles[teacher]
????# ???? /teacher ????? user:create
????/teacher=perms[user:create]
????????????GitHub
???????? Spring
???????? Spring
????JavaSE???
????spring-shiro.xml???????JavaSE????????Spring?????
????spring-shiro.xml
????<!-- ????????? ???Ehcache??? -->
????<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
????<property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/>
????</bean>
????<!-- ??????? -->
????<bean id="credentialsMatcher" class="
????com.github.zhangkaitao.shiro.chapter12.credentials.RetryLimitHashedCredentialsMatcher">
????<constructor-arg ref="cacheManager"/>
????<property name="hashAlgorithmName" value="md5"/>
????<property name="hashIterations" value="2"/>
????<property name="storedCredentialsHexEncoded" value="true"/>
????</bean>
????<!-- Realm??? -->
????<bean id="userRealm" class="com.github.zhangkaitao.shiro.chapter12.realm.UserRealm">
????<property name="userService" ref="userService"/>
????<property name="credentialsMatcher" ref="credentialsMatcher"/>
????<property name="cachingEnabled" value="true"/>
????<property name="authenticationCachingEnabled" value="true"/>
????<property name="authenticationCacheName" value="authenticationCache"/>
????<property name="authorizationCachingEnabled" value="true"/>
????<property name="authorizationCacheName" value="authorizationCache"/>
????</bean>
????<!-- ??ID?????? -->
????<bean id="sessionIdGenerator"
????class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
????<!-- ??DAO -->
????<bean id="sessionDAO"
????class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
????<property name="activeSessionsCacheName" value="shiro-activeSessionCache"/>
????<property name="sessionIdGenerator" ref="sessionIdGenerator"/>
????</bean>
????<!-- ??????????? -->
????<bean id="sessionValidationScheduler"
????class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
????<property name="sessionValidationInterval" value="1800000"/>
????<property name="sessionManager" ref="sessionManager"/>
????</bean>
????<!-- ???????? -->
????<bean id="sessionManager" class="org.apache.shiro.session.mgt.DefaultSessionManager">
????<property name="globalSessionTimeout" value="1800000"/>
????<property name="deleteInvalidSessions" value="true"/>
????<property name="sessionValidationSchedulerEnabled" value="true"/>
????<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
????<property name="sessionDAO" ref="sessionDAO"/>
????</bean>
????<!-- ????????? -->
????<bean id="securityManager" class="org.apache.shiro.mgt.DefaultSecurityManager">
????<property name="realms">
????<list><ref bean="userRealm"/></list>
????</property>
????<property name="sessionManager" ref="sessionManager"/>
????<property name="cacheManager" ref="cacheManager"/>
????</bean>
????<!-- ???????SecurityUtils.setSecurityManager(securityManager) -->
????<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
????<property name="staticMethod"
????value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
????<property name="arguments" ref="securityManager"/>
????</bean>
????<!-- Shiro?????????????-->
????<bean id="lifecycleBeanPostProcessor"
????class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
?????????????????????ini???÷?????????spring xml???÷?????ɡ?
????LifecycleBeanPostProcessor???????????Initializable????Shiro bean??????????Initializable??????????????Destroyable????Shiro bean????????? Destroyable?????????UserRealm?????Initializable????DefaultSecurityManager?????Destroyable????????????????й????
????Web???
????Web??ú????JavaSE?????Щ???????????????????Щ??????????????????????ο?spring-shiro-web.xml??
????spring-shiro-web.xml
????<!-- ??Cookie??? -->
????<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
????<constructor-arg value="sid"/>
????<property name="httpOnly" value="true"/>
????<property name="maxAge" value="180000"/>
????</bean>
????<!-- ???????? -->
????<bean id="sessionManager"
????class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
????<property name="globalSessionTimeout" value="1800000"/>
????<property name="deleteInvalidSessions" value="true"/>
????<property name="sessionValidationSchedulerEnabled" value="true"/>
????<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
????<property name="sessionDAO" ref="sessionDAO"/>
????<property name="sessionIdCookieEnabled" value="true"/>
????<property name="sessionIdCookie" ref="sessionIdCookie"/>
????</bean>
????<!-- ????????? -->
????<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
????<property name="realm" ref="userRealm"/>
????<property name="sessionManager" ref="sessionManager"/>
????<property name="cacheManager" ref="cacheManager"/>
????</bean>
????1??sessionIdCookie??????????Session ID Cookie????壻
????2?????????????????web??????DefaultWebSessionManager??
????3??????????????????web??????DefaultWebSecurityManager??
????spring-shiro-web.xml
????<!-- ????Form????????????????? -->
????<bean id="formAuthenticationFilter"
????class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
????<property name="usernameParam" value="username"/>
????<property name="passwordParam" value="password"/>
????<property name="loginUrl" value="/login.jsp"/>
????</bean>
????<!-- Shiro??Web?????? -->
????<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
????<property name="securityManager" ref="securityManager"/>
????<property name="loginUrl" value="/login.jsp"/>
????<property name="unauthorizedUrl" value="/unauthorized.jsp"/>
????<property name="filters">
????<util:map>
????<entry key="authc" value-ref="formAuthenticationFilter"/>
????</util:map>
????</property>
????<property name="filterChainDefinitions">
????<value>
????/index.jsp = anon
????/unauthorized.jsp = anon
????/login.jsp = authc
????/logout = logout
????/** = user
????</value>
????</property>
????</bean>
????1??formAuthenticationFilter?????Form????????????????????????????????????Filter bean???壻
????2??shiroFilter????????ShiroFilterFactoryBean??????ShiroFilter????????filters?????????????????????????ini?????е?[filters]?????filterChainDefinitions????????url??filter????????ini?????е?[urls]?????
????web.xml
????<context-param>
????<param-name>contextConfigLocation</param-name>
????<param-value>
????classpath:spring-beans.xml??
????classpath:spring-shiro-web.xml
????</param-value>
????</context-param>
????<listener>
????<listener-class>
????org.springframework.web.context.ContextLoaderListener
????</listener-class>
????</listener>
????<filter>
????<filter-name>shiroFilter</filter-name>
????<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
????<init-param>
????<param-name>targetFilterLifecycle</param-name>
????<param-value>true</param-value>
????</init-param>
????</filter>
????<filter-mapping>
????<filter-name>shiroFilter</filter-name>
????<url-pattern>/*</url-pattern>
????</filter-mapping>
????Shiro??????
????<aop:config proxy-target-class="true"></aop:config>
????<bean class="
????org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
????<property name="securityManager" ref="securityManager"/>
????</bean>
???????????????????Shiro Spring AOP???????????<aop:config proxy-target-class="true">?????????
?????????????????????????AnnotationController??????????·?????????
????@RequiresRoles("admin")
????@RequestMapping("/hello2")
????public String hello2() {
????return "success";
????}
????????hello2??????????????????admin?????
???????????????????UnauthorizedException??????????????Spring??ExceptionHandler??DefaultExceptionHandler????????????????
????@ExceptionHandler({UnauthorizedException.class})
????@ResponseStatus(HttpStatus.UNAUTHORIZED)
????public ModelAndView processUnauthenticatedException(NativeWebRequest request?? UnauthorizedException e) {
????ModelAndView mv = new ModelAndView();
????mv.addObject("exception"?? e);
????mv.setViewName("unauthorized");
????return mv;
????}
???????????????????????漰???????????????????SPASVOС??(021-61079698-8054)?????????????????????????
??????
Java???????????Щ???????????????Java????????????????Java?б???Map????????Java Web???????????????Java??????????????д?????Java????????7???????????????????????(java .net ?????)???Java??????????Python??????Java webdriver??λ????????′????е?????Java??д??????????????????Java???????????????JavaScript????????????Java?????????????????? Java???????10??????????????Java?м????????????????java???????ü???????????м???????????????????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11????????
?????????App Bug???????????????????????Jmeter?????????QC??????APP????????????????app?????е????????jenkins+testng+ant+webdriver??????????????JMeter????HTTP???????Selenium 2.0 WebDriver ??????
sales@spasvo.com