Explain in detail the Shiro permission management and database design of spring integration

Java

In the previous article, we completed the construction of the basic framework. Now basically all background systems can't escape permission management, which is a just need. Now let's integrate Shiro to achieve granular permission management, that is, to verify permissions from the connection menu to the page function buttons, from the display and hiding of front-end buttons to the permission verification of specific function methods in the background.

First, we should design our database. First, let's look at a rough database design diagram:

Specific database design code

Let's start integrating Shiro according to the previous framework

First, in POM XML to add Shiro support, first declare the version to be poured in the properties:

Then add dependency:

The following is the configuration of Shiro and spring configuration, which are placed in the same level directory spring Shiro xml:

above

/static/** = anon,/login. jsp = anon... Those equal to anon do not need permission verification by default. Our login, registration and static resources do not need permission verification.

Configuration of permission cache (if cache is not used, access the database and query permissions for each request) ehcache-shiro.xml:

User defined filter class sysuserfilter:

Permission authentication class shirosecurityrealm:

On the web XML join:

Add login with permission to the login method (construction method parameters: login account, login password, remember me):

The database is also designed, and what should be integrated is also integrated. How to realize it? Let's talk about it a little first. Wait for the next article in detail:

JSP page import page instruction:

Judgment of adding Shiro label on the button to be verified:

${ROLE_KEY}:role:role_ Add means:

${role_key} role

A role is a menu (page)

role_ Add refers to the function

The combination is whether the current role has a role in the role menu (page)_ Add new functions, if any, will be displayed. If not, this button will not be displayed.

Validate in background method:

Add code to the corresponding method:

If you fail to pass checkpermission, you will directly return an error and do not execute the following code.

Entity base class baseentity:

User entity sysuser:

Role entity sysrole:

Project structure diagram:

Source address: Spring Shiro_ jb51. rar

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>