一、在jsp页面中导入shiro的标签库
<%@ taglib uri="http://shiro.apache.org/tags" prefix="shiro"%>
二、在某些需要特定模块的代码中加入权限校验
<shiro:hasPermission name="staff-delete">
{
id : 'button-delete',
text : '作废',
iconCls : 'icon-cancel',
handler : doDelete
},
</shiro:hasPermission>
这表示如果检测到用户有staff-delete这个授权,就显示这段用于删除数据的代码块
三、调整realm
1、为其授权
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection args){
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//添加授权口令
info.addStringPermission("staff-delete");
return info;
}
2、删除该授权
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection args){
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//添加授权口令
info.addStringPermission("null");
return info;
}