Spring and Shiro integrated landing operation
Author: Stanley Luo Hao
[Please indicate the source and the signature, thank you! ]
The method of preparation of landing Controller
explain:
First of all, if you log in fail, it will throw your exception information called shirologinFailure the value inside, this value corresponds to our request scope, its key value is shirologinFailure;
From which we can get to name (an exception error message) We use string to receive the abnormality information abnormalities exceptionClassName later, then we can begin to determine if exceptionClassName! = Null time, it shows the landing failed, failed on landing, we direct return "forward / login.jsp"; give him jump directly to the landing page, allowing users to continue to log in;
Then we landed successful? Note See note below:
This method does not handle success landing situation , it will automatically jump to help us operate on a path, so the failure of the landing will enter into this method returns a landing page, if successful, are they not enter this method , but Jump directly to the landing path we previously reserved;
Landing operation
When we try landing, we will find not land, but is content to return the user name does not exist;
Because, when we landed, shiro will first operate [is] like we write UserRealm by Realm our custom, we can see at the bottom // authentication operation, the result of this method returns null, null is meaning that users can not find information, such as we have just to enter a user name in the text box: zhangsan, this time we do not come out inquiries, returns from the authenticator in a null tells the user, can not be found;
So, we then need to supplement the authenticator complete;
我们可以看到该方法有一个参数token,没错,我们就是要通过这个token来获取我们前端用户传过来的用户名(UserName),然后去我们数据库中进行查询对比;对比下你是否拥有这个用户,如果有的话,我就直接把它返回就可以了;
接下来,我们就需要从token中获取登陆的用户名(用户填写的文本框中的值),查询数据库返回用户信息;那我们要怎样获取用户Name呢》其实非常简单:
String username = (String) token.getPrincipal();//用来获取用户名
接下来,我们拿到这个用户名后,我们就可以进行dao【Mybiats就是Mapper来完成操作】的JDBC操作了,因为我们用的是Spring环境,我们就可以通过依赖注入的方式来进行操作,我们直接将登陆的接口注入进来,将获取到的用户名直接丢进去即可;具体步骤:
1.我们在Dao【Mapper层】中找到User这个接口层并且编写接口:User getUserByUsername(String username);//获取用户对象,通过用户名查询获取;
2.在Service层重写Mapper结构并编写实现类impl,直接调Mapper层中的登陆接口,直接retrun方法;
@Autowired private UserMapper userMapper; public User getUserByUsername(String username){ return userMapper.getUserByUsername(username); }
2.Sql语句:Select * From user(表名) where username = ?;查询返回我们的User对象【Mybiats在.xml文件中编写Sql】;
3.使用依赖注入,将Service注入到授权器中;
String username = (String) token.getPrincipal();//用来获取用户名 User user = userService.getUserByUsername(username);
4.判断
if (ObjectUtils.isEmpty(user){ //如果用户名不存在,直接返回null即可 return null; }else{ //如果该用户存在 /** * 1.用户对象 * 2.用户对应的密码,将数据库密码返回,Shiro会自动判断 * 3.上方定义的Realm名字(当前自定义Realm的名称) */ return new SimpleAuthenticationInfo(user,user.getpassword,getName); }