Shiro Security Framework


 

1. Issues in the Huitong project:

1. Without logging in, a user can jump to arbitrary pages directly from the browser.

2. Different users should see different content on the page. Only the super admin and similar roles should see the overall picture of the system.

 

2. Shiro Security Framework

Shiro is a security framework from Apache. Its main functional modules are login authentication, authorization, encryption processing, and session management.

 

Similar products:

 

 

1. Shiro's functional block diagram

Authentication: login authentication module

Note: If Shiro login authentication is used in the software, a user who has not logged in cannot jump to any page inside the software and is always intercepted by Shiro until logging in with the correct username and password.

 

Authorization: authorization control module

Note: Because roles differ, different users manage different modules and are shown different pages.

Session Management: session management

Mainly manages the Session object, from which the User object can be obtained. This makes development easier.

Function: SSO

 

 

Cryptography: encryption processing

The plaintext entered by the user is converted into the encrypted password by Shiro's internal encryption processing.

 

 

2. Shiro call flow chart

 

1. applicationCode: application code

A program call, a manual request, or an automated machine request.

2. Subject: means "user"

Subject is the only entry point exposed by Shiro. Shiro identifies the user mainly through the parameters submitted via the Subject; otherwise the user is blocked by Shiro indefinitely.

Subject: its main function is the user's login authentication.

3. Shiro SecurityManager: the Shiro security center

The Shiro security center is the core module of Shiro and performs all verification and decisions internally.

4. Realm: supplies the data (the raw material)

Provides all the real data for the Shiro security center, including the user's real username and password, the user's permissions, the Session, and so on.

E.g.:

When a user logs in, the username and password are first handed to the Subject. The Subject passes the data entered by the user to the Shiro security center, which performs the verification internally: it queries the user's real data through the Realm and compares the two. If they are the same, the username and password are correct. If they differ, the username and password are wrong and the user is intercepted again.

 

3. Spring integrates the Shiro security framework:

1. Add the jar package file:

<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-all</artifactId>
    <version>1.2.3</version>
</dependency>

 

2. Add Shiro configuration file

1. Add realm

 

 

2. Customize realm :

 

3. Define the filter

 

 

4. Configure the filter in web.xml

 

 

4. Huitong introduced Shiro to achieve login authentication:

1.Shiro protects the program

 

 

2.Subject login operation:

 

 

3. Edit custom realm

1. Inheritance

 

 

2. Provide real user information for shiro security center

 

 

3. Encrypt the user's password

 

 

4. Add configuration file:

 

 

 

5. Save the user object through the session

 

 

 

5. Authorization:

Ideas:

1. Authorization is performed after login authentication.

2. Authorization needs two lists: (1) the permissions the user has; (2) the permissions the user needs.

3. Use the Shiro tags to control the menu modules.

1. Use configuration to tell Shiro which modules are subject to permission control

1.1 Introduce the shiro tag

<%@ taglib uri="http://shiro.apache.org/tags" prefix="shiro"%>

 

1.2 Control the first-level menu through tags

 

 

1.3 Provide user permission information for shiro security center through realm

 

 

1.4 Query sql statement:

-- Names of the modules granted to user '1' through that user's roles
SELECT NAME
  FROM MODULE_P
 WHERE MODULE_ID IN
       (SELECT MODULE_ID
          FROM ROLE_MODULE_P
         WHERE ROLE_ID IN
               (SELECT ROLE_ID FROM ROLE_USER_P WHERE USER_ID = '1')
       )
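The login flow from section 2 (Subject, security center, Realm) and the two permission lists from this section, shown together in one added Java example; it is not the Huitong project's code. The in-memory maps stand in for the user table and the MODULE_P query, and the user name, password, shared salt, module names, SHA-256 and the iteration count are assumptions made for the example.

```java
import java.util.*;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.*;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.*;
import org.apache.shiro.util.ByteSource;
public class ShiroFlowDemo {
    // Constructed stand-ins for the user table and the module query (assumptions).
    static final String SALT = "constructed-salt";
    static final Map<String, String> USERS = new HashMap<>();         // user -> salted hash (hex)
    static final Map<String, List<String>> MODULES = new HashMap<>(); // user -> module names
    static class DemoRealm extends AuthorizingRealm {
        DemoRealm() { // the matcher hashes the submitted password the same way before comparing
            HashedCredentialsMatcher matcher = new HashedCredentialsMatcher("SHA-256");
            matcher.setHashIterations(1024);
            setCredentialsMatcher(matcher);
        }
        @Override // login authentication: return the real (stored) credentials for this user
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
            String name = (String) token.getPrincipal();
            String hash = USERS.get(name);
            if (hash == null) throw new UnknownAccountException("unknown user");
            return new SimpleAuthenticationInfo(name, hash, ByteSource.Util.bytes(SALT), getName());
        }
        @Override // authorization: return the permissions the user has
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            String name = (String) principals.getPrimaryPrincipal();
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            info.addStringPermissions(MODULES.getOrDefault(name, Collections.<String>emptyList()));
            return info;
        }
    }
    public static void main(String[] args) {
        USERS.put("tom", new Sha256Hash("secret", SALT, 1024).toHex());
        MODULES.put("tom", Arrays.asList("cargo", "basic-info"));
        SecurityUtils.setSecurityManager(new DefaultSecurityManager(new DemoRealm()));
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken("tom", "wrong"));
        } catch (IncorrectCredentialsException e) {
            System.out.println("rejected: submitted password differs from the realm's data");
        }
        subject.login(new UsernamePasswordToken("tom", "secret"));
        System.out.println(subject.isPermitted("cargo") + " " + subject.isPermitted("system-admin"));
    }
}
```

In a real realm each user would have an individual salt stored next to the hash, and the user id in the module query would be passed as a bound parameter rather than a literal.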

6. Switching the Huitong project's database

1. Import ht.sql onto the machine

1. First create the ht database

2. Import the ht.sql file

2. Switch the ht project's database

Copy the configuration file

Switch database:

 

 

 

7. VMware virtual machine configuration

1. Install the virtual machine

A key is required.

2. Open the Linux system

3. VMware network card configuration

After the virtual machine is installed, 2 network cards appear by default; do not modify them.

4. Network configuration:

1. Bridge mode:

In bridge mode, the virtual machine has its own exclusive IP on the current network segment.

Local IP: 10.8.34.6

VM IP: 10.8.34.7

2. NAT mode:

Creates a space within the current network environment that holds its own private network users.

3. VMware save

At boot, press F2 to enter the BIOS.

Set the virtualization setting in the BIOS to enabled.

 

 

 

 

 

 

 

 

 
