使用mybatis-plus结合熟悉shiro、ehcache的使用。
配置文件文件如下:
web.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.xh.mybatis.plus.shiro</groupId>
<artifactId>spring-mybatis-plus-shiro</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>spring-mybatis-plus-shiro Maven Webapp</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>utf-8</project.build.sourceEncoding>
<spring.version>4.3.13.RELEASE</spring.version>
<mysql.version>5.1.40</mysql.version>
<druid.version>1.0.27</druid.version>
<junit.version>4.12</junit.version>
<fastjson.version>1.2.46</fastjson.version>
<log4j.version>1.2.17</log4j.version>
<slf4j.version>1.7.25</slf4j.version>
<mybatis.version>3.4.5</mybatis.version>
<servlet.version>3.1.0</servlet.version>
<shiro.version>1.4.0</shiro.version>
<mybatis.spring.version>1.3.1</mybatis.spring.version>
<ehcache.version>2.6.11</ehcache.version>
<jackson.version>2.9.0</jackson.version>
<mybaitsplus.version>2.0.8</mybaitsplus.version>
</properties>
<dependencies>
<!-- 通用包 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.6</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
</dependency>
<!-- spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- mysql驱动包 -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.version}</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>${druid.version}</version>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus</artifactId>
<version>${mybaitsplus.version}</version>
</dependency>
<!-- junit -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
<scope>test</scope>
</dependency>
<!-- fastjson -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>${fastjson.version}</version>
</dependency>
<!--日志 start -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${slf4j.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>${slf4j.version}</version>
<scope>test</scope>
</dependency>
<!--Mybatis核心包 -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<!--Mybatis与spring整合包 -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>${mybatis.spring.version}</version>
</dependency>
<!-- servlet 如果用不到jsp个人认为没必要引用 -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>${servlet.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>2.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!-- shiro -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro.version}</version>
</dependency>
<!-- ehcache -->
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache-core</artifactId>
<version>${ehcache.version}</version>
</dependency>
<!-- jackson begin -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
</dependencies>
<build>
<finalName>spring-mybatis-plus-shiro</finalName>
</build>
</project>
spring-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd"
default-autowire="byName">
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:config/*.properties</value>
</list>
</property>
</bean>
<!-- aspectj aop启用CGliB代理 -->
<aop:aspectj-autoproxy expose-proxy="true" proxy-target-class="true"/>
<context:annotation-config></context:annotation-config>
<!-- 扫描service -->
<context:component-scan base-package="com.xh.mybatis.plus.shiro.service"></context:component-scan>
<import resource="classpath:spring/spring-mybatis.xml"/>
<import resource="classpath:spring/spring-ehcache.xml"/>
<import resource="classpath:spring/spring-shiro.xml"/>
</beans>
spring-mvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd">
<mvc:annotation-driven />
<!-- aspectj aop启用CGliB代理 -->
<aop:aspectj-autoproxy expose-proxy="true" proxy-target-class="true" />
<context:component-scan base-package="com.xh.mybatis.plus.shiro.controller;com.xh.mybatis.plus.shiro.commons.scan" />
<!-- 配置结果页面 前缀和后缀 -->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
<property name="prefix" value="/WEB-INF/views/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
<!-- 配置哪些是静态资源,缺省Servlet 直接返回 -->
<mvc:resources mapping="/static/**" location="/static/"/>
<mvc:annotation-driven>
<mvc:message-converters register-defaults="false">
<!-- 将StringHttpMessageConverter的默认编码设为UTF-8 -->
<bean class="org.springframework.http.converter.StringHttpMessageConverter">
<constructor-arg value="UTF-8" />
</bean>
<ref bean="jacksonMessageConverter" />
</mvc:message-converters>
</mvc:annotation-driven>
<bean id="jacksonMessageConverter" class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="supportedMediaTypes">
<list>
<value>text/html;charset=UTF-8</value>
<value>application/json;charset=UTF-8</value>
</list>
</property>
</bean>
<!-- 启用shrio 控制器授权注解拦截方式 -->
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager" />
</bean>
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<!-- AOP式方法级权限检查 -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
<property name="proxyTargetClass" value="true" />
</bean>
</beans>
spring-mybatis.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx.xsd">
<!-- 1、配置数据源 -->
<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
<!-- 基本属性 url、user、password -->
<property name="url" value="${db.master.url}" />
<property name="username" value="${db.master.user}" />
<property name="password" value="${db.master.password}" />
<!-- 配置初始化大小、最小、最大 -->
<property name="initialSize" value="5" />
<property name="minIdle" value="10" />
<property name="maxActive" value="100" />
<!-- 配置获取连接等待超时的时间 -->
<property name="maxWait" value="60000" />
<!-- 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒 -->
<property name="timeBetweenEvictionRunsMillis" value="60000" />
<!-- 配置一个连接在池中最小生存的时间,单位是毫秒 -->
<property name="minEvictableIdleTimeMillis" value="300000" />
<property name="validationQuery" value="SELECT 'x'" />
<property name="testOnBorrow" value="true" />
<property name="testOnReturn" value="true" />
<property name="testWhileIdle" value="true" />
<property name="removeAbandoned" value="true" />
<property name="removeAbandonedTimeout" value="1800" />
<property name="logAbandoned" value="true" />
<!-- 配置监控统计拦截的filters -->
<!-- <property name="filters" value="mergeStat,wall,log4j2" /> -->
</bean>
<!-- 2、Spring整合Mybatis 必须配置的项 1 、配置 SqlSessionFactory 实例 -->
<bean id="sqlSessionFactory" class="com.baomidou.mybatisplus.spring.MybatisSqlSessionFactoryBean">
<!-- 注入数据源 -->
<property name="dataSource" ref="dataSource"></property>
<!-- 自动扫描Mapping.xml文件 -->
<property name="mapperLocations" value="classpath:mybatis/mapper/*.xml"></property>
<!-- 扫描 entity 包,这样在 mapper 中就可以使用简单类名,多个用 ; 隔开 -->
<property name="typeAliasesPackage" value="com.xh.mybatis.plus.shiro.model"></property>
<!-- 配置 MyBatis 全局配置文件(可省略) -->
<property name="configLocation" value="classpath:mybatis/mybatis-config.xml"></property>
<!-- 插件配置,例如:分页插件(可省略) -->
<property name="plugins">
<array>
<bean id="paginationInterceptor" class="com.baomidou.mybatisplus.plugins.PaginationInterceptor">
<property name="dialectType" value="mysql"></property>
<property name="optimizeType" value="aliDruid" />
</bean>
</array>
</property>
</bean>
<!-- 3、MyBatis动态实现, 扫描DAO层,必须配置的项 2,可以不配置 id -->
<bean id="mapperScannerConfigurer" class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<!-- 指定要被扫描的 Dao接口 -->
<property name="basePackage" value="com.xh.mybatis.plus.shiro.dao"></property>
</bean>
<!-- 4、事务管理 -->
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"></property>
</bean>
<!-- 5、事务注解 -->
<tx:annotation-driven transaction-manager="transactionManager" proxy-target-class="true" />
<!-- 6、事务管理 属性 -->
<tx:advice id="transactionAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="select*" propagation="REQUIRED" read-only="true" />
<tx:method name="delete*" propagation="REQUIRED" rollback-for="Exception" />
<tx:method name="update*" propagation="REQUIRED" rollback-for="Exception" />
<tx:method name="insert*" propagation="REQUIRED" rollback-for="Exception" />
<tx:method name="*" propagation="REQUIRED" />
</tx:attributes>
</tx:advice>
<!-- 7、配置切面 -->
<aop:config expose-proxy="true" proxy-target-class="true">
<aop:advisor advice-ref="transactionAdvice" pointcut="execution(* com.xh.mybatis.plus.shiro.service..*.*(..))" />
</aop:config>
</beans>
spring-shiro.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd" default-lazy-init="true">
<description>Shiro安全配置</description>
<!--安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!--设置自定义Realm -->
<property name="realm" ref="shiroDbRealm"></property>
<!--将缓存管理器,交给安全管理器 -->
<property name="cacheManager" ref="shiroSpringCacheManager"></property>
<!-- 记住密码管理 -->
<property name="rememberMeManager" ref="rememberMeManager"></property>
<!-- 会话管理器 -->
<property name="sessionManager" ref="sessionManager"></property>
</bean>
<!-- 自定义一个 Realm -->
<bean id="shiroDbRealm" class="com.xh.mybatis.plus.shiro.commons.shiro.ShiroDbRealm">
<!-- 自定义配置,constructor-arg:通过构造函数注入。( 在ShiroDbRealm的构造方法里) -->
<!-- 用户授权信息Cache, 采用spring-cache -->
<constructor-arg index="0" name="cacheManager" ref="shiroSpringCacheManager" />
<!-- 密码错误5次锁定半小时 -->
<constructor-arg index="1" name="matcher" ref="retryLimitCredentialsMatcher" />
<!-- 启用身份验证缓存,即缓存AuthenticationInfo信息,默认false -->
<property name="authenticationCachingEnabled" value="true"></property>
<!-- 指定认证缓存的名字(与 ehcache.xml 中声明的相同) -->
<property name="authenticationCacheName" value="authenticationCache"></property>
<!-- 开启授权缓存,即缓存AuthorizationInfo信息,默认false -->
<property name="authorizationCachingEnabled" value="true"></property>
<!-- 指定授权缓存的名字(与 ehcache.xml 中声明的相同) -->
<property name="authorizationCacheName" value="authorizationCache"></property>
</bean>
<!-- 密码错误5次锁定半小时 -->
<bean id="retryLimitCredentialsMatcher" class="com.xh.mybatis.plus.shiro.commons.shiro.RetryLimitCredentialsMatcher">
<!-- 用户授权信息Cache, 采用spring-cache -->
<constructor-arg ref="shiroSpringCacheManager"></constructor-arg>
<!-- 调用ehcache.xml文件里的cacheName -->
<property name="retryLimitCacheName" value="halfHour"></property>
<property name="passwordHash" ref="passwordHash" />
</bean>
<!-- shiro密码加密配置 -->
<bean id="passwordHash" class="com.xh.mybatis.plus.shiro.commons.shiro.PasswordHash">
<!-- 密码加密 1次md5,增强密码可修改此处 -->
<property name="algorithmName" value="md5" />
<!-- 默认值是1,可省略 -->
<property name="hashIterations" value="1" />
</bean>
<!-- 用户授权信息Cache, 采用spring-cache, 具体请查看spring-ehcache.xml、spring-redis.xml -->
<!-- 疑问:ShiroSpringCacheManager是做什么用的,程序运行的时候用不用 -->
<bean id="shiroSpringCacheManager" class="com.xh.mybatis.plus.shiro.commons.cache.ShiroSpringCacheManager">
<!-- cacheManager在spring-ehcache.xml、spring-redis.xml里能找到 -->
<property name="cacheManager" ref="cacheManager"></property>
</bean>
<!-- rememberMe管理器,cipherKey生成见{@code Base64Test.java} -->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<!-- rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位) -->
<property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('5aaC5qKm5oqA5pyvAAAAAA==')}"></property>
<!-- 记住密码Cookie -->
<property name="cookie" ref="rememberMeCookie"></property>
</bean>
<!-- 记住密码Cookie -->
<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<!-- 疑问:rememberMe这个在这里是做什么的? -->
<constructor-arg value="rememberMe"></constructor-arg>
<property name="httpOnly" value="true"></property>
<!-- 7天,采用spring el计算方便修改[细节决定成败]! -->
<property name="maxAge" value="#{7 * 24 * 60 * 60}"></property>
</bean>
<!-- 会话管理器 -->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<!-- 相隔多久检查一次session的有效性 -->
<property name="sessionValidationInterval" value="#{30 * 60 * 1000}" />
<!-- 设置全局会话超时时间 半小时,session 有效时间为半小时 (毫秒单位) -->
<property name="globalSessionTimeout" value="#{30 * 60 * 1000}"></property>
<!-- 是否开启 检测,默认开启 -->
<property name="sessionValidationSchedulerEnabled" value="true" />
<!-- 是否删除无效的,默认也是开启 -->
<property name="deleteInvalidSessions" value="true" />
<!-- url上带sessionId 默认为true -->
<property name="sessionIdUrlRewritingEnabled" value="false"></property>
<property name="sessionDAO" ref="sessionDAO" />
</bean>
<!-- 会话DAO 用于会话的CRUD -->
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<!-- Session缓存名字,默认就是shiro-activeSessionCache -->
<property name="activeSessionsCacheName" value="activeSessionCache" />
<!-- 用户授权信息Cache, 采用spring-cache -->
<property name="cacheManager" ref="shiroSpringCacheManager" />
</bean>
<!-- Shiro Filter -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- 安全管理器 -->
<property name="securityManager" ref="securityManager"></property>
<!-- 默认的登陆访问url -->
<property name="loginUrl" value="/login"></property>
<!-- 登陆成功后跳转的url -->
<property name="successUrl" value="/index"></property>
<!-- 没有权限跳转的url -->
<property name="unauthorizedUrl" value="/unauth"></property>
<property name="filterChainDefinitions">
<value>
<!-- anon 不需要认证; authc 需要认证; user 验证通过或RememberMe登录的都可以 -->
/captcha.jpg = anon
/commons/** = anon
/static/** = anon
/webhooks = anon
/login = anon
/** = user
</value>
</property>
<property name="filters">
<map>
<entry key="user" value-ref="ajaxSessionFilter" />
</map>
</property>
</bean>
<!-- ajax session超时时处理 -->
<bean id="ajaxSessionFilter" class="com.xh.mybatis.plus.shiro.commons.shiro.ShiroAjaxSessionFilter" />
<!-- 在方法中 注入 securityManager ,进行代理控制 -->
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"></property>
<property name="arguments" ref="securityManager"></property>
</bean>
</beans>
此处省略了JAVA的代码实现,可以参考以下源码:点击打开链接