什么Shiro

Shiro是做安全验证，权限管理，等…

是一种安全框架，属于轻量级框架。。

导入依赖（导入jar包）

如果用的是maven来管理项目的话，我们需要在pom.xml文件中加入依赖，

如果用的是动态的web工程，我们需要在lib文件夹中导入jar包，然后Build Path --> Add to Build Path

Spring相关依赖；

<dependency>
    		<groupId>org.springframework</groupId>
    		<artifactId>spring-context</artifactId>
    		<version>5.0.0.RELEASE</version>
		</dependency>

SpringMVC相关依赖；

<dependency>
		    <groupId>org.springframework</groupId>
		    <artifactId>spring-web</artifactId>
		    <version>5.0.0.RELEASE</version>
		</dependency>
		
		<dependency>
		    <groupId>org.springframework</groupId>
		    <artifactId>spring-webmvc</artifactId>
		    <version>5.0.0.RELEASE</version>
		</dependency>
		
		<dependency>
			<groupId>org.springframework</groupId>
			<artifactId>spring-tx</artifactId>
			<version>5.0.0.RELEASE</version>
		</dependency>

MyBatis相关依赖；

<dependency>
			<groupId>org.mybatis</groupId>
			<artifactId>mybatis</artifactId>
			<version>3.4.5</version>
		</dependency>

Shiro相关依赖；

<dependency>
	    <groupId>org.apache.shiro</groupId>
	    <artifactId>shiro-all</artifactId>
	    <version>1.3.2</version>
	</dependency>
	
	<dependency>
	    <groupId>org.slf4j</groupId>
	    <artifactId>slf4j-api</artifactId>
	    <version>1.7.25</version>
	</dependency>
	
	<dependency>
	    <groupId>org.slf4j</groupId>
	    <artifactId>slf4j-log4j12</artifactId>
	    <version>1.7.25</version>
	</dependency>

5.Spring整合MyBatis依赖；

<dependency>
		    <groupId>org.mybatis</groupId>
		    <artifactId>mybatis-spring</artifactId>
		    <version>1.3.2</version>
		</dependency>

其他依赖(日志输出，数据源，连接数据库…) ；

<dependency>
   		<groupId>commons-logging</groupId>
   		<artifactId>commons-logging</artifactId>
    	<version>1.2</version>
	</dependency>
		
	<dependency>
	    <groupId>com.alibaba</groupId>
	    <artifactId>druid</artifactId>
	    <version>1.1.8</version>
	</dependency>
	
	<dependency>
			<groupId>mysql</groupId>
			<artifactId>mysql-connector-java</artifactId>
			<version>5.1.24</version>
	</dependency>
	
	<dependency>
		    <groupId>log4j</groupId>
		    <artifactId>log4j</artifactId>
		    <version>1.2.17</version>
	</dependency>
	
	<dependency>
		    <groupId>cglib</groupId>
		    <artifactId>cglib</artifactId>
		    <version>3.2.5</version>
	</dependency>
	
	<dependency>
		    <groupId>org.springframework</groupId>
		    <artifactId>spring-jdbc</artifactId>
		    <version>4.0.4.RELEASE</version>
	</dependency>

搭建SSM框架(项目概要)

SSM整合Shiro框架这样所有问题就完美解决啦，对了，值得一提的是，用jar包导入的方式必须要写ApplicationContext.xml而且要配置，但是博主写这个博客的时候，maven方式也需要配置ApplicationContext.xml也是非常有意思的事情了，哈哈哈哈哈哈

配置

以下配置是基于ssm框架基本配置之上

springmvc.xml

<!--  Shiro Core Components - Not Spring Specific -->
<!-- 安全管理器  -->

    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="cacheManager" ref="cacheManager"/>
        <property name="sessionMode" value="native"/>
        <property name="realm" ref="jdbcRealm"/>
    </bean>
    
    <!-- 缓存管理器 -->
    <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
        <property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/>
    </bean>
	
	<!-- 自定义的Realm类 -->
   <bean id="jdbcRealm" class="com.zrhk.bean.ShiroRealm"></bean>
    
    
    
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>

    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
          depends-on="lifecycleBeanPostProcessor"/>

    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

    <bean id="secureRemoteInvocationExecutor" class="org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

<!-- Shiro的过滤器，过滤所有请求 -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="loginUrl" value="/index.jsp"/>				--->登录界面
        <property name="successUrl" value="/success.jsp"/>			--->成功界面
        <property name="unauthorizedUrl" value="/error.jsp"/>		--->错误界面
        
        <property name="filterChainDefinitions">
            <value>
                /index.jsp = anon		--->未经过认证返回该界面
                /** = authc		--->经过认证返回界面
            </value>
        </property>
    </bean>

web.xml

<filter>
        <filter-name>shiroFilter</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        <init-param>
            <param-name>targetFilterLifecycle</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>shiroFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

实现

当在url后缀改成其他url时，会因为xml的配置因为没有认证跳转回本界面。

注意事项

1.运行时可能出现：No WebApplicationContext found: no ContextLoaderListener or DispatcherServlet registered?

解决办法：

ApplicationContext.xml

<!-- 
         Shiro Core Components - Not Spring Specific
    -->
    
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="cacheManager" ref="cacheManager"/>
        <property name="sessionMode" value="native"/>
        <property name="realm" ref="jdbcRealm"/>
    </bean>

    <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
        <property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/>
    </bean>

   <bean id="jdbcRealm" class="com.zrhk.bean.ShiroRealm"></bean>
    
    
    

    <!-- =========================================================
         Shiro Spring-specific integration
         ========================================================= -->
    <!-- Post processor that automatically invokes init() and destroy() methods
         for Spring-configured Shiro objects so you don't have to
         1) specify an init-method and destroy-method attributes for every bean
            definition and
         2) even know which Shiro objects require these methods to be
            called. -->
    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>

    <!-- Enable Shiro Annotations for Spring-configured beans.  Only run after
         the lifecycleBeanProcessor has run: -->
    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
          depends-on="lifecycleBeanPostProcessor"/>
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

    <!-- Secure Spring remoting:  Ensure any Spring Remoting method invocations can be associated
         with a Subject for security checks. -->
    <bean id="secureRemoteInvocationExecutor" class="org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

    <!-- Define the Shiro Filter here (as a FactoryBean) instead of directly in web.xml -
         web.xml uses the DelegatingFilterProxy to access this bean.  This allows us
         to wire things with more control as well utilize nice Spring things such as
         PropertiesPlaceholderConfigurer and abstract beans or anything else we might need: -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="loginUrl" value="/index.jsp"/>
        <property name="successUrl" value="/success.jsp"/>
        <property name="unauthorizedUrl" value="/error.jsp"/>
        
        <property name="filterChainDefinitions">
            <value>
                /index.jsp = anon
                /** = authc
            </value>
        </property>
    </bean>

并且在web.xml文件中加入

<listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>classpath:ApplicationContext.xml</param-value>
	</context-param>

这样所有问题就完美解决啦，对了，值得一提的是，用jar包导入的方式必须要写ApplicationContext.xml而且要配置，但是博主写这个博客的时候，maven方式也需要配置ApplicationContext.xml也是非常有意思的事情了，哈哈哈哈哈哈

什么Shiro

导入依赖（导入jar包）

搭建SSM框架(项目概要)

配置

实现

注意事项

这样所有问题就完美解决啦，对了，值得一提的是，用jar包导入的方式必须要写ApplicationContext.xml而且要配置，但是博主写这个博客的时候，maven方式也需要配置ApplicationContext.xml也是非常有意思的事情了，哈哈哈哈哈哈

继续阅读

PDF报表操作05~~SSM整合JasperReport+barcode4j制作动态报表(数据库交互)案例

spring注解的开端（@Component替代bean标签的使用）一、介绍二、简单例子讲解总结：

三阶段Day02之SpringBoot高级用法及Mybatis整合1. SpringBoot高级用法

SpringMVC框架的常用注解1、RequestParam2、RequestBody3、PathVaribale4、RequestHeader5、CookieValue6、ModelAttribute7、SessionAttributes

SpringMVC-4—SpringMVC常用注解一、RequestMapping 注解二、RequestParam注解三、RequestBody注解四、PathVaribale注解五、RequestHeader注解六、CookieValue注解七、SessionAttribute注解

Spring MVC框架搭建

SpringMVC框架----SpringMVC 概述

SpringMVC框架----RequestMapping注解

Ztree树形动态加载数据

从你的WEB世界路过之--0.初识0) 前言1) WEB基本概念2) 响应数据3. 结语

如何搭建一个SSM框架

spring配置文件拆分细节注意

基于SSM 技术的服装店管理系统

SpringMVC(六) | 前后端交互之ajax与jsonjsonajax

SSM框架（二）------------表现层的SpringMVC

Intellij idea基于Maven 的SSM 框架整合

什么Shiro

导入依赖（导入jar包）

搭建SSM框架(项目概要)

配置

实现

注意事项

这样所有问题就完美解决啦， 对了，值得一提的是，用jar包导入的方式必须要写ApplicationContext.xml而且要配置，但是博主写这个博客的时候，maven方式也需要配置ApplicationContext.xml也是非常有意思的事情了，哈哈哈哈哈哈

继续阅读

这样所有问题就完美解决啦，对了，值得一提的是，用jar包导入的方式必须要写ApplicationContext.xml而且要配置，但是博主写这个博客的时候，maven方式也需要配置ApplicationContext.xml也是非常有意思的事情了，哈哈哈哈哈哈