第二十三章 多项目集中权限管理

pom.xml

@@ -32,6 +32,12 @@
         <module>shiro-example-chapter20</module>
         <module>shiro-example-chapter21</module>
         <module>shiro-example-chapter22</module>
+        <module>shiro-example-chapter23-server</module>
+        <module>shiro-example-chapter23-core</module>
+        <module>shiro-example-chapter23-client</module>
+        <module>shiro-example-chapter23-pom</module>
+        <module>shiro-example-chapter23-app1</module>
+        <module>shiro-example-chapter23-app2</module>
     </modules>
 
 

shiro-example-chapter23-app1/pom.xml

@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>shiro-example-chapter23-pom</artifactId>
+        <groupId>com.github.zhangkaitao</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>shiro-example-chapter23-app1</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.github.zhangkaitao</groupId>
+            <artifactId>shiro-example-chapter23-client</artifactId>
+            <version>1.0-SNAPSHOT</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <finalName>chapter23-app1</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.mortbay.jetty</groupId>
+                <artifactId>jetty-maven-plugin</artifactId>
+                <version>8.1.8.v20121106</version>
+                <configuration>
+                    <webAppConfig>
+                        <contextPath>/${project.build.finalName}</contextPath>
+                    </webAppConfig>
+                    <connectors>
+                        <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
+                            <port>9080</port>
+                            <maxIdleTime>60000</maxIdleTime>
+                        </connector>
+                    </connectors>
+                </configuration>
+            </plugin>
+
+
+            <plugin>
+                <groupId>org.apache.tomcat.maven</groupId>
+                <artifactId>tomcat7-maven-plugin</artifactId>
+                <version>2.2</version>
+                <configuration>
+                    <path>/${project.build.finalName}</path>
+                    <httpPort>9080</httpPort>
+                </configuration>
+
+            </plugin>
+        </plugins>
+
+
+    </build>
+</project>

shiro-example-chapter23-app1/src/main/java/com/github/zhangkaitao/shiro/chapter23/app1/web/controller/HelloController.java

@@ -0,0 +1,45 @@
+package com.github.zhangkaitao.shiro.chapter23.app1.web.controller;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.annotation.RequiresRoles;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-3-13
+ * <p>Version: 1.0
+ */
+@Controller
+public class HelloController {
+
+    @RequestMapping("/hello")
+    public String hello() {
+        return "success";
+    }
+
+    @RequestMapping(value = "/attr", method = RequestMethod.POST)
+    public String setAttr(
+            @RequestParam("key") String key, @RequestParam("value") String value) {
+        SecurityUtils.getSubject().getSession().setAttribute(key, value);
+        return "success";
+    }
+
+
+    @RequestMapping(value = "/attr", method = RequestMethod.GET)
+    public String getAttr(
+            @RequestParam("key") String key, Model model) {
+        model.addAttribute("value", SecurityUtils.getSubject().getSession().getAttribute(key));
+        return "success";
+    }
+
+    @RequestMapping("/role1")
+    @RequiresRoles("role1")
+    public String role1() {
+        return "success";
+    }
+
+}

shiro-example-chapter23-app1/src/main/java/com/github/zhangkaitao/shiro/chapter23/app1/web/exception/DefaultExceptionHandler.java

@@ -0,0 +1,31 @@
+package com.github.zhangkaitao.shiro.chapter23.app1.web.exception;
+
+import org.apache.shiro.authz.UnauthorizedException;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.servlet.ModelAndView;
+
+/**
+ * <p>User: Zhang Kaitao
+ * <p>Date: 14-2-12
+ * <p>Version: 1.0
+ */
+@ControllerAdvice
+public class DefaultExceptionHandler {
+    /**
+     * 没有权限 异常
+     * <p/>
+     * 后续根据不同的需求定制即可
+     */
+    @ExceptionHandler({UnauthorizedException.class})
+    @ResponseStatus(HttpStatus.UNAUTHORIZED)
+    public ModelAndView processUnauthenticatedException(NativeWebRequest request, UnauthorizedException e) {
+        ModelAndView mv = new ModelAndView();
+        mv.addObject("exception", e);
+        mv.setViewName("unauthorized");
+        return mv;
+    }
+}

shiro-example-chapter23-app1/src/main/resources/client/shiro-client.properties

@@ -0,0 +1,4 @@
+client.app.key=645ba612-370a-43a8-a8e0-993e7a590cf0
+client.success.url=/hello
+client.filter.chain.definitions=/hello=anon;/login=authc;/**=authc
+

shiro-example-chapter23-app1/src/main/resources/spring-mvc.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:aop="http://www.springframework.org/schema/aop"
+       xmlns:mvc="http://www.springframework.org/schema/mvc"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="
+       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+       http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
+       http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
+       http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+    <context:component-scan base-package="com.github.zhangkaitao" use-default-filters="false">
+        <context:include-filter type="annotation" expression="org.springframework.stereotype.Controller"/>
+        <context:include-filter type="annotation" expression="org.springframework.web.bind.annotation.ControllerAdvice"/>
+    </context:component-scan>
+
+    <aop:config proxy-target-class="true"></aop:config>
+    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
+        <property name="securityManager" ref="securityManager"/>
+    </bean>
+
+    <mvc:annotation-driven/>
+
+    <!-- 默认的视图解析器 在上边的解析错误时使用 (默认使用html)- -->
+    <bean id="defaultViewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
+        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
+        <property name="contentType" value="text/html"/>
+        <property name="prefix" value="/"/>
+        <property name="suffix" value=".jsp"/>
+    </bean>
+
+</beans>

shiro-example-chapter23-app1/src/main/webapp/WEB-INF/web.xml

@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app
+        xmlns="http://java.sun.com/xml/ns/javaee"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+        version="3.0"
+        metadata-complete="false">
+
+    <!-- Spring配置文件开始  -->
+    <context-param>
+        <param-name>contextConfigLocation</param-name>
+        <param-value>
+            classpath:client/spring-client.xml
+        </param-value>
+    </context-param>
+    <listener>
+        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+    </listener>
+    <!-- Spring配置文件结束 -->
+
+    <!-- shiro 安全过滤器 -->
+    <!-- The filter-name matches name of a 'shiroFilter' bean inside applicationContext.xml -->
+    <filter>
+        <filter-name>shiroFilter</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+        <async-supported>true</async-supported>
+        <init-param>
+            <param-name>targetFilterLifecycle</param-name>
+            <param-value>true</param-value>
+        </init-param>
+    </filter>
+
+    <!-- Make sure any request you want accessible to Shiro is filtered. /* catches all -->
+    <!-- requests.  Usually this filter mapping is defined first (before all others) to -->
+    <!-- ensure that Shiro works in subsequent filters in the filter chain:             -->
+    <filter-mapping>
+        <filter-name>shiroFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <servlet>
+        <servlet-name>spring</servlet-name>
+        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+        <init-param>
+            <param-name>contextConfigLocation</param-name>
+            <param-value>classpath:spring-mvc.xml</param-value>
+        </init-param>
+        <load-on-startup>1</load-on-startup>
+        <async-supported>true</async-supported>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>spring</servlet-name>
+        <url-pattern>/</url-pattern>
+    </servlet-mapping>
+
+
+</web-app>

shiro-example-chapter23-app1/src/main/webapp/success.jsp

@@ -0,0 +1,38 @@
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+<%@taglib prefix="shiro" uri="http://shiro.apache.org/tags" %>
+<html>
+<body>
+    hello app1.<br/>
+
+    <shiro:guest>
+        <a href="${pageContext.request.contextPath}/login?backurl=${pageContext.request.contextPath}">点击登录</a>
+    </shiro:guest>
+
+    <shiro:authenticated>
+        欢迎<shiro:principal/>登录<br/>
+        <shiro:hasRole name="role1">
+            您拥有role1角色<br/>
+        </shiro:hasRole>
+        <shiro:lacksRole name="role1">
+            您没有role1角色<br/>
+        </shiro:lacksRole>
+        <shiro:lacksRole name="role2">
+            您没有role2角色<br/>
+        </shiro:lacksRole>
+
+        <h2>设置会话属性</h2>
+        <form action="${pageContext.request.contextPath}/attr" method="post">
+            键：<input type="text" name="key">
+            值：<input type="text" name="value">
+            <input type="submit" value="设置会话属性">
+        </form>
+        <h2>获取会话属性</h2>
+        <form action="${pageContext.request.contextPath}/attr" method="get">
+            键：<input type="text" name="key">
+            值：<input type="text" value="${value}">
+            <input type="submit" value="获取会话属性">
+        </form>
+    </shiro:authenticated>
+
+</body>
+</html>

shiro-example-chapter23-app1/src/main/webapp/unauthorized.jsp

@@ -0,0 +1,11 @@
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+<html>
+<head>
+    <title>没有权限</title>
+    <style>.error{color:red;}</style>
+</head>
+<body>
+
+<div class="error">您没有权限[${exception.message}]</div>
+</body>
+</html>

shiro-example-chapter23-app2/pom.xml

@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>shiro-example-chapter23-pom</artifactId>
+        <groupId>com.github.zhangkaitao</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>shiro-example-chapter23-app2</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.github.zhangkaitao</groupId>
+            <artifactId>shiro-example-chapter23-client</artifactId>
+            <version>1.0-SNAPSHOT</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <finalName>chapter23-app2</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.mortbay.jetty</groupId>
+                <artifactId>jetty-maven-plugin</artifactId>
+                <version>8.1.8.v20121106</version>
+                <configuration>
+                    <webAppConfig>
+                        <contextPath>/${project.build.finalName}</contextPath>
+                    </webAppConfig>
+                    <connectors>
+                        <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
+                            <port>10080</port>
+                            <maxIdleTime>60000</maxIdleTime>
+                        </connector>
+                    </connectors>
+                </configuration>
+            </plugin>
+
+
+            <plugin>
+                <groupId>org.apache.tomcat.maven</groupId>
+                <artifactId>tomcat7-maven-plugin</artifactId>
+                <version>2.2</version>
+                <configuration>
+                    <path>/${project.build.finalName}</path>
+                    <httpPort>10080</httpPort>
+                </configuration>
+
+            </plugin>
+        </plugins>
+
+
+    </build>
+</project>