├── README.md ├── grid.iml ├── pom.xml └── src └── main ├── java ├── controller │ └── UserController.java ├── dao │ └── UserMapper.java ├── exception │ ├── MyException.java │ └── MyHandlerExceptionResolver.java ├── model │ ├── ResponseData.java │ └── User.java ├── service │ ├── UserService.java │ └── impl │ │ └── UserServiceImpl.java ├── shiro │ ├── MyStatelessRealm.java │ └── MyStatelessShiroFilter.java └── util │ └── JwtUtil.java ├── resources ├── UserMapper.xml ├── log4j.properties ├── spring-mybatis.xml └── springmvc-servlet.xml ├── test ├── JWTTest.java └── UserCRUDTest.java └── webapp ├── WEB-INF └── web.xml └── index.html /README.md: -------------------------------------------------------------------------------- 1 | # SSM-Shiro-JWT 2 | SSM+Shiro+JWT进行无状态认证 3 | 4 | --禁用session 5 | 6 | --重写Realm的认证和授权 7 | 8 | --重写Filter，使用请求头获取JWT 9 | 10 | --JWT生成及验证解析工具 11 | 12 | -------------------------------------------------------------------------------- /grid.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | 4.0.0 6 | 7 | com.yzsbank 8 | grid 9 | 1.0-SNAPSHOT 10 | war 11 | 12 | grid Maven Webapp 13 | 14 | http://www.example.com 15 | 16 | 17 | UTF-8 18 | 1.7 19 | 1.7 20 | 21 | 4.1.7.RELEASE 22 | 23 | 1.4.0 24 | 25 | 26 | 27 | 28 | 29 | org.springframework.security 30 | spring-security-web 31 | 5.0.7.RELEASE 32 | 33 | 34 | org.springframework.security 35 | spring-security-config 36 | 5.0.7.RELEASE 37 | 38 | 39 | 40 | io.jsonwebtoken 41 | jjwt 42 | 0.9.0 43 | 44 | 45 | com.auth0 46 | java-jwt 47 | 2.2.0 48 | 49 | 50 | 51 | com.baidu.aip 52 | java-sdk 53 | 4.5.0 54 | 55 | 56 | 57 | org.mybatis.generator 58 | mybatis-generator-core 59 | 1.3.5 60 | 61 | 62 | 63 | javax.servlet 64 | javax.servlet-api 65 | 3.1.0 66 | 67 | 68 | 69 | org.apache.shiro 70 | shiro-core 71 | ${shiro.version} 72 | 73 | 74 | org.apache.shiro 75 | shiro-ehcache 76 | ${shiro.version} 77 | 78 | 79 | org.apache.shiro 80 | shiro-web 81 | ${shiro.version} 82 | 83 | 84 | org.apache.shiro 85 | shiro-spring 86 | ${shiro.version} 87 | 88 | 89 | 90 | org.slf4j 91 | slf4j-log4j12 92 | 1.7.2 93 | 94 | 95 | 96 | com.alibaba 97 | fastjson 98 | 1.1.41 99 | 100 | 101 | org.json 102 | json 103 | 20180130 104 | 105 | 106 | 107 | 108 | org.springframework 109 | spring-core 110 | ${spring.version} 111 | 112 | 113 | 114 | org.springframework 115 | spring-jdbc 116 | ${spring.version} 117 | 118 | 119 | org.springframework 120 | spring-beans 121 | ${spring.version} 122 | 123 | 124 | org.springframework 125 | spring-context 126 | ${spring.version} 127 | 128 | 129 | org.springframework 130 | spring-context-support 131 | ${spring.version} 132 | 133 | 134 | org.springframework 135 | spring-web 136 | ${spring.version} 137 | 138 | 139 | org.springframework 140 | spring-webmvc 141 | ${spring.version} 142 | 143 | 144 | org.springframework 145 | spring-test 146 | ${spring.version} 147 | 148 | 149 | org.springframework 150 | spring-tx 151 | ${spring.version} 152 | 153 | 154 | org.springframework 155 | spring-aop 156 | ${spring.version} 157 | 158 | 159 | org.springframework 160 | spring-aspects 161 | ${spring.version} 162 | 163 | 164 | 165 | 166 | mysql 167 | mysql-connector-java 168 | 8.0.11 169 | 170 | 171 | 172 | org.mybatis 173 | mybatis 174 | 3.4.6 175 | 176 | 177 | 178 | 179 | org.mybatis 180 | mybatis-spring 181 | 1.3.0 182 | 183 | 184 | 185 | 186 | com.alibaba 187 | druid 188 | 1.1.1 189 | 190 | 191 | 192 | org.projectlombok 193 | lombok 194 | 1.18.2 195 | provided 196 | 197 | 198 | junit 199 | junit 200 | 4.11 201 | test 202 | 203 | 204 | 205 | 206 | grid 207 | 208 | 209 | 210 | maven-clean-plugin 211 | 3.0.0 212 | 213 | 214 | 215 | maven-resources-plugin 216 | 3.0.2 217 | 218 | 219 | maven-compiler-plugin 220 | 3.7.0 221 | 222 | 223 | maven-surefire-plugin 224 | 2.20.1 225 | 226 | 227 | maven-war-plugin 228 | 3.2.0 229 | 230 | 231 | maven-install-plugin 232 | 2.5.2 233 | 234 | 235 | maven-deploy-plugin 236 | 2.8.2 237 | 238 | 239 | 240 | 241 | 242 | -------------------------------------------------------------------------------- /src/main/java/controller/UserController.java: -------------------------------------------------------------------------------- 1 | package controller; 2 | 3 | import dao.UserMapper; 4 | import model.ResponseData; 5 | import model.User; 6 | import org.apache.shiro.SecurityUtils; 7 | import org.apache.shiro.authc.UsernamePasswordToken; 8 | import org.apache.shiro.authz.annotation.Logical; 9 | import org.apache.shiro.authz.annotation.RequiresRoles; 10 | import org.apache.shiro.subject.Subject; 11 | import org.slf4j.Logger; 12 | import org.slf4j.LoggerFactory; 13 | import org.springframework.web.bind.annotation.RequestMapping; 14 | import org.springframework.web.bind.annotation.RequestMethod; 15 | import org.springframework.web.bind.annotation.RestController; 16 | import util.JwtUtil; 17 | import javax.annotation.Resource; 18 | import javax.servlet.http.HttpServletRequest; 19 | import java.util.LinkedHashMap; 20 | import java.util.Map; 21 | 22 | @RestController 23 | @RequestMapping 24 | public class UserController { 25 | @Resource 26 | UserMapper userMapper; 27 | private Logger logger = LoggerFactory.getLogger(UserController.class); 28 | 29 | @RequestMapping(value = "/login",method = RequestMethod.GET) 30 | public ResponseData toLogin() { 31 | return new ResponseData().code(200).message("login page"); 32 | } 33 | 34 | @RequestMapping(value = "/login",method = RequestMethod.POST) 35 | public ResponseData login(String name, String password, HttpServletRequest request) { 36 | User user = userMapper.getUserByName(name); 37 | if (user == null ) { 38 | return new ResponseData().code(400).message("user not exists"); 39 | } 40 | if (!user.getPassword().equals(password)) { 41 | return new ResponseData().code(400).message("username or password is false"); 42 | } 43 | Map map = new LinkedHashMap<>(); 44 | map.put("username", user.getName()); 45 | map.put("role",user.getRole()); 46 | String jwt = JwtUtil.createToken(map); 47 | Subject subject = SecurityUtils.getSubject(); 48 | UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(jwt, jwt); 49 | try { 50 | subject.login(usernamePasswordToken); 51 | logger.info("登录成功"); 52 | return new ResponseData().success().data(jwt); 53 | }catch (Exception e) { 54 | return new ResponseData().fail(); 55 | } 56 | } 57 | 58 | @RequestMapping(value = "/user", method = RequestMethod.GET) 59 | public ResponseData toUser(HttpServletRequest request){ 60 | return new ResponseData().code(200).message("welcome to user"); 61 | } 62 | @RequestMapping(value = "/admin", method = RequestMethod.GET) 63 | public ResponseData tUser(HttpServletRequest request){ 64 | return new ResponseData().code(200).message(request.getHeader("token")); 65 | } 66 | 67 | @RequestMapping(value = "/pre", method = RequestMethod.GET) 68 | @RequiresRoles("admin") 69 | public ResponseData toP(){ 70 | return new ResponseData().code(200).message("welcome to president"); 71 | } 72 | 73 | @RequestMapping(value = "/unauthorized", method = RequestMethod.GET) 74 | public ResponseData unAu(){ 75 | return new ResponseData().unauthorized(); 76 | } 77 | 78 | } 79 | -------------------------------------------------------------------------------- /src/main/java/dao/UserMapper.java: -------------------------------------------------------------------------------- 1 | package dao; 2 | 3 | import model.User; 4 | import org.springframework.stereotype.Repository; 5 | 6 | @Repository 7 | public interface UserMapper { 8 | int saveUser(User user); 9 | int deleteUserById(Integer id); 10 | int updateUser(User user); 11 | User getUserById(Integer id); 12 | User getUserByName(String name); 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/exception/MyException.java: -------------------------------------------------------------------------------- 1 | package exception; 2 | 3 | /** 4 | * 自定义异常 5 | */ 6 | public class MyException extends RuntimeException{ 7 | //异常信息 8 | private String message; 9 | //构造器 10 | public MyException(String message){ 11 | super(message); 12 | this.message=message; 13 | } 14 | @Override 15 | public String getMessage() { 16 | return message; 17 | } 18 | public void setMessage(String message) { 19 | this.message = message; 20 | } 21 | 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/exception/MyHandlerExceptionResolver.java: -------------------------------------------------------------------------------- 1 | package exception; 2 | 3 | import org.springframework.web.servlet.HandlerExceptionResolver; 4 | import org.springframework.web.servlet.ModelAndView; 5 | 6 | import javax.servlet.http.HttpServletRequest; 7 | import javax.servlet.http.HttpServletResponse; 8 | 9 | public class MyHandlerExceptionResolver implements HandlerExceptionResolver { 10 | @Override 11 | public ModelAndView resolveException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) { 12 | MyException myException = null; 13 | if (e instanceof MyException) { 14 | myException = (MyException) e; 15 | } else {//如果该异常类型不是系统自定义的异常，构造一个自定义的异常类型（信息为“未知错误”） 16 | myException = new MyException("未知错误"); 17 | } 18 | return null; 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/model/ResponseData.java: -------------------------------------------------------------------------------- 1 | package model; 2 | 3 | import java.util.LinkedHashMap; 4 | 5 | /** 6 | * 用来返回controller层请求的结果 7 | * 默认为三个返回项：code,message,data 8 | * 如果有其他更多返回项，使用result方法拼接 9 | */ 10 | public class ResponseData extends LinkedHashMap { 11 | 12 | public ResponseData result(String key, Object value) { 13 | this.put(key, value); 14 | return this; 15 | } 16 | 17 | public ResponseData success(){ 18 | this.put("code",200); 19 | this.put("message", "success"); 20 | return this; 21 | } 22 | 23 | public ResponseData fail(){ 24 | this.put("code",400); 25 | this.put("message", "fail"); 26 | return this; 27 | } 28 | 29 | public ResponseData unauthorized(){ 30 | this.put("code",401); 31 | this.put("message", "the current user is unauthorized"); 32 | return this; 33 | } 34 | 35 | public ResponseData code(int code) { 36 | return result("code",code); 37 | } 38 | 39 | public ResponseData message(String message) { 40 | return result("message", message); 41 | } 42 | 43 | public ResponseData data(Object data) { 44 | return result("data", data); 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /src/main/java/model/User.java: -------------------------------------------------------------------------------- 1 | package model; 2 | 3 | import lombok.Getter; 4 | import lombok.Setter; 5 | import lombok.ToString; 6 | 7 | import java.io.Serializable; 8 | 9 | @Setter 10 | @Getter 11 | @ToString 12 | public class User implements Serializable { 13 | private static final long serialVersionUID = 6195354622397742664L; 14 | private Integer id; 15 | private String name; 16 | private String password; 17 | //user,admin,president 18 | private String role; 19 | private String permissions; 20 | private String phone; 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/service/UserService.java: -------------------------------------------------------------------------------- 1 | package service; 2 | 3 | import model.User; 4 | 5 | public interface UserService { 6 | boolean saveUser(User user) throws Exception; 7 | boolean deleteUserById(Integer id) throws Exception; 8 | boolean updateUser(User user) throws Exception; 9 | User getUserById(Integer id) throws Exception; 10 | User getUserByName(String name) throws Exception; 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/service/impl/UserServiceImpl.java: -------------------------------------------------------------------------------- 1 | package service.impl; 2 | 3 | import dao.UserMapper; 4 | import model.User; 5 | import org.springframework.stereotype.Service; 6 | import service.UserService; 7 | 8 | import javax.annotation.Resource; 9 | 10 | @Service 11 | public class UserServiceImpl implements UserService { 12 | @Resource 13 | UserMapper userMapper; 14 | 15 | @Override 16 | public boolean saveUser(User user) throws Exception { 17 | return userMapper.saveUser(user) == 1; 18 | } 19 | 20 | @Override 21 | public boolean deleteUserById(Integer id) throws Exception { 22 | return userMapper.deleteUserById(id) == 1; 23 | } 24 | 25 | @Override 26 | public boolean updateUser(User user) throws Exception { 27 | return userMapper.updateUser(user) == 1; 28 | } 29 | 30 | @Override 31 | public User getUserById(Integer id) throws Exception { 32 | return userMapper.getUserById(id); 33 | } 34 | 35 | @Override 36 | public User getUserByName(String name) throws Exception { 37 | return userMapper.getUserByName(name); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /src/main/java/shiro/MyStatelessRealm.java: -------------------------------------------------------------------------------- 1 | package shiro; 2 | 3 | import org.apache.shiro.authc.*; 4 | import org.apache.shiro.authz.AuthorizationInfo; 5 | import org.apache.shiro.authz.SimpleAuthorizationInfo; 6 | import org.apache.shiro.realm.AuthorizingRealm; 7 | import org.apache.shiro.subject.PrincipalCollection; 8 | import org.slf4j.Logger; 9 | import org.slf4j.LoggerFactory; 10 | import util.JwtUtil; 11 | 12 | public class MyStatelessRealm extends AuthorizingRealm { 13 | 14 | Logger logger = LoggerFactory.getLogger(MyStatelessRealm.class); 15 | 16 | public boolean supports(AuthenticationToken token) { 17 | return token instanceof UsernamePasswordToken; 18 | } 19 | /** 20 | * Realm授权 21 | * @param principals 22 | * @return 23 | */ 24 | @Override 25 | protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { 26 | logger.info("授权开始"); 27 | String jwt = (String) principals.getPrimaryPrincipal(); 28 | if (JwtUtil.verifyToken(jwt)) { 29 | String role = (String) JwtUtil.parseToken(jwt).get("role"); 30 | SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(); 31 | simpleAuthorizationInfo.addRole(role); 32 | logger.info("授权成功"); 33 | return simpleAuthorizationInfo; 34 | } 35 | logger.info("授权失败"); 36 | return null; 37 | } 38 | 39 | /** 40 | * Realm登录认证 41 | * @param token 42 | * @return 43 | * @throws AuthenticationException 44 | */ 45 | @Override 46 | protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { 47 | UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token; 48 | String jwt = (String) usernamePasswordToken.getPrincipal(); 49 | if (JwtUtil.verifyToken(jwt)) { 50 | return new SimpleAuthenticationInfo(jwt, jwt ,getName()); 51 | } 52 | return null; 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /src/main/java/shiro/MyStatelessShiroFilter.java: -------------------------------------------------------------------------------- 1 | package shiro; 2 | 3 | import org.apache.shiro.authc.UsernamePasswordToken; 4 | import org.apache.shiro.web.filter.AccessControlFilter; 5 | import org.apache.shiro.web.util.WebUtils; 6 | import org.slf4j.Logger; 7 | import org.slf4j.LoggerFactory; 8 | import util.JwtUtil; 9 | import javax.servlet.ServletRequest; 10 | import javax.servlet.ServletResponse; 11 | import javax.servlet.http.HttpServletRequest; 12 | import java.io.IOException; 13 | 14 | public class MyStatelessShiroFilter extends AccessControlFilter { 15 | private Logger logger = LoggerFactory.getLogger(MyStatelessShiroFilter.class); 16 | /** 17 | *返回false 18 | * @param servletRequest 19 | * @param servletResponse 20 | * @param o 21 | * @return 返回结果是false的时候才会执行下面的onAccessDenied方法 22 | * @throws Exception 23 | */ 24 | @Override 25 | protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception { 26 | logger.info("is access allowed"); 27 | return false; 28 | } 29 | 30 | /** 31 | * 从请求头获取token并验证，验证通过后交给realm进行登录 32 | * @param servletRequest 33 | * @param servletResponse 34 | * @return 返回结果为true时，表明登录认证通过，执行controller层 35 | * @throws Exception 36 | */ 37 | @Override 38 | protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception { 39 | logger.info("on access denied"); 40 | HttpServletRequest request = (HttpServletRequest) servletRequest; 41 | String jwt = request.getHeader("Authorization"); 42 | if (JwtUtil.verifyToken(jwt)) { 43 | UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(jwt, jwt); 44 | try { 45 | //委托realm进行登录认证 46 | getSubject(servletRequest, servletResponse).login(usernamePasswordToken); 47 | return true; 48 | }catch (Exception e) { 49 | return false; 50 | } 51 | } 52 | redirectToLogin(servletRequest,servletResponse); 53 | return false; 54 | } 55 | 56 | /** 57 | * 重定向到登录页 58 | * @param request 59 | * @param response 60 | * @throws IOException 61 | */ 62 | @Override 63 | protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { 64 | logger.info("redirectToLogin"); 65 | WebUtils.issueRedirect(request, response, "/login"); 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /src/main/java/util/JwtUtil.java: -------------------------------------------------------------------------------- 1 | package util; 2 | 3 | import io.jsonwebtoken.Claims; 4 | import io.jsonwebtoken.JwtBuilder; 5 | import io.jsonwebtoken.Jwts; 6 | import io.jsonwebtoken.SignatureAlgorithm; 7 | import javax.crypto.spec.SecretKeySpec; 8 | import javax.xml.bind.DatatypeConverter; 9 | import java.security.Key; 10 | import java.util.Date; 11 | import java.util.Map; 12 | 13 | /** 14 | * 用来生成token令牌和解码验证token令牌 15 | * JWT由三部分组成，头部header、载荷payload与签名signature 16 | */ 17 | public class JwtUtil { 18 | private static final String SIGNING_KEY ="www.yzsbank.com" ; //自定义加密密钥SIGNING_KEY 19 | private static byte[] signingSecretBytes = DatatypeConverter.parseBase64Binary(SIGNING_KEY); //转换成Base64编码 20 | private static final long EXP = 60*60*1000; //有效期为60分钟 21 | 22 | /** 23 | * 生成token，默认60分钟 24 | * @param payload 载荷 25 | * @return token 26 | */ 27 | public static String createToken(Map payload) { //默认有效期为60分钟 28 | return createToken(payload,EXP); 29 | } 30 | 31 | /** 32 | * 生成token 33 | * @param payload 载荷 34 | * @param exp 有效时长 35 | * @return token 36 | */ 37 | public static String createToken(Map payload, long exp){ 38 | //签名算法使用SHA256算法加密 39 | SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; 40 | //加密JWT 41 | Key signingKey = new SecretKeySpec(signingSecretBytes,signatureAlgorithm.getJcaName()); 42 | //设置JWT声明格式，生成JWT 43 | JwtBuilder jwtBuilder = Jwts.builder() 44 | .setHeaderParam("typ","jwt") 45 | .setHeaderParam("alg","HS256") 46 | .setClaims(payload) 47 | .setExpiration(new Date(System.currentTimeMillis()+exp)) //token有效期 48 | .signWith(signatureAlgorithm,signingKey); //签名算法及签名密钥，将header与payload加密拼接后形成JWT 49 | return jwtBuilder.compact(); //返回JWT 50 | } 51 | 52 | /** 53 | * 解析token信息 54 | * @param token JWT信息 55 | * @return payload 56 | */ 57 | public static Claims parseToken(String token){ 58 | try { 59 | return Jwts.parser() 60 | .setSigningKey(signingSecretBytes) 61 | .parseClaimsJws(token).getBody(); 62 | }catch (Exception e) { 63 | return null; 64 | } 65 | } 66 | 67 | /** 68 | * 解析token信息 69 | * @param token JWT信息 70 | * @return payload 71 | */ 72 | public static boolean verifyToken(String token){ 73 | try { 74 | Jwts.parser() 75 | .setSigningKey(signingSecretBytes) 76 | .parseClaimsJws(token).getBody(); 77 | return true; 78 | }catch (Exception e) { 79 | return false; 80 | } 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /src/main/resources/UserMapper.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | select LAST_INSERT_ID(); 10 | 11 | insert into user (name, password) 12 | values(#{name},#{password}) 13 | 14 | 15 | 16 | 17 | delete from user where id = #{id} 18 | 19 | 20 | 21 | 22 | update user 23 | set name = #{name},password = #{password} 24 | where id = #{id} 25 | 26 | 27 | 28 | 31 | 32 | 33 | 36 | 37 | -------------------------------------------------------------------------------- /src/main/resources/log4j.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tobe27/SSM-Shiro-JWT/83d08c17a948bf5e0c7308efa898f08be5dff35e/src/main/resources/log4j.properties -------------------------------------------------------------------------------- /src/main/resources/spring-mybatis.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | classpath*:UserMapper.xml 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | /=anon 110 | /login=anon 111 | /unauthorized=anon 112 | /user/**=statelessAuth,roles[user] 113 | /admin/**=statelessAuth,roles[admin] 114 | /**=statelessAuth 115 | 116 | 117 | 118 | 119 | -------------------------------------------------------------------------------- /src/main/resources/springmvc-servlet.xml: -------------------------------------------------------------------------------- 1 | 2 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /src/main/test/JWTTest.java: -------------------------------------------------------------------------------- 1 | import com.alibaba.fastjson.JSON; 2 | import model.ResponseData; 3 | import model.User; 4 | import org.junit.Test; 5 | import util.JwtUtil; 6 | 7 | import java.util.ArrayList; 8 | import java.util.HashMap; 9 | import java.util.List; 10 | import java.util.Map; 11 | 12 | public class JWTTest { 13 | @Test 14 | public void jwt(){ 15 | Map map = new HashMap<>(); 16 | map.put("name", "name"); 17 | String token = JwtUtil.createToken(map,1000); 18 | System.out.println(token); 19 | System.out.println("************************"); 20 | System.out.println("************************"); 21 | System.out.println(JSON.toJSONString(JwtUtil.parseToken(token))); 22 | } 23 | 24 | @Test 25 | public void jwtTest(){ 26 | String token = ""; 27 | System.out.println(JSON.toJSONString(JwtUtil.parseToken(token))); 28 | System.out.println(JwtUtil.verifyToken(token)); 29 | } 30 | @Test 31 | public void match(){ 32 | String url = "/user"; 33 | String role = "userx"; 34 | System.out.println(url); 35 | System.out.println(url.indexOf(role)); 36 | } 37 | 38 | @Test 39 | public void resultmMapTest() { 40 | User user = new User(); 41 | user.setName("www"); 42 | user.setPassword("yzs"); 43 | user.setRole("com"); 44 | User user1 = new User(); 45 | user1.setName("www"); 46 | user1.setPassword("yzs"); 47 | user1.setRole("com"); 48 | List list = new ArrayList(); 49 | list.add(user); 50 | list.add(user1); 51 | ResponseData responseData = new ResponseData(); 52 | System.out.println(JSON.toJSONString(responseData.code(200).message("success").data(list),true)); 53 | } 54 | 55 | } 56 | -------------------------------------------------------------------------------- /src/main/test/UserCRUDTest.java: -------------------------------------------------------------------------------- 1 | 2 | import dao.UserMapper; 3 | import model.User; 4 | import org.apache.log4j.Logger; 5 | import org.junit.Test; 6 | import org.junit.runner.RunWith; 7 | import org.springframework.beans.factory.annotation.Autowired; 8 | import org.springframework.test.context.ContextConfiguration; 9 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 10 | 11 | @RunWith(SpringJUnit4ClassRunner.class) 12 | @ContextConfiguration("/spring-mybatis.xml") 13 | public class UserCRUDTest { 14 | @Autowired 15 | UserMapper userDao; 16 | 17 | private Logger log = Logger.getLogger(UserCRUDTest.class); 18 | 19 | 20 | @Test 21 | public void save(){ 22 | User user = new User(); 23 | user.setName("yanxi"); 24 | user.setPassword("gonglue"); 25 | System.out.println(userDao.saveUser(user)==1); 26 | System.out.println(System.currentTimeMillis()); 27 | log.info("6666"); 28 | } 29 | 30 | @Test 31 | public void delete(){ 32 | System.out.println(userDao.deleteUserById(1)==1); 33 | } 34 | 35 | @Test 36 | public void update(){ 37 | User user = new User(); 38 | user.setId(2); 39 | user.setName("杜甫"); 40 | user.setPassword("123456"); 41 | userDao.updateUser(user); 42 | } 43 | 44 | @Test 45 | public void get(){ 46 | System.out.println(userDao.getUserById(1)); 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /src/main/webapp/WEB-INF/web.xml: -------------------------------------------------------------------------------- 1 | 2 | 8 | 9 | Archetype Created Web Application 10 | 11 | 12 | index.html 13 | 14 | 15 | 16 | 17 | contextConfigLocation 18 | classpath:spring-mybatis.xml 19 | 20 | 21 | 22 | 23 | springmvc 24 | org.springframework.web.servlet.DispatcherServlet 25 | 26 | 27 | contextConfigLocation 28 | classpath*:springmvc-servlet.xml 29 | 30 | 31 | 1 32 | 33 | 34 | 35 | 36 | springmvc 37 | 38 | / 39 | 40 | 41 | 42 | 43 | encodingFilter 44 | org.springframework.web.filter.CharacterEncodingFilter 45 | 46 | encoding 47 | UTF-8 48 | 49 | 50 | 51 | encodingFilter 52 | /* 53 | 54 | 55 | 56 | shiroFilter 57 | org.springframework.web.filter.DelegatingFilterProxy 58 | 59 | targetFilterLifecycle 60 | true 61 | 62 | 63 | 64 | shiroFilter 65 | /* 66 | 67 | 68 | 69 | 70 | 71 | org.springframework.web.context.ContextLoaderListener 72 | 73 | 74 | 75 | 76 | org.springframework.web.util.IntrospectorCleanupListener 77 | 78 | 79 | 80 | -------------------------------------------------------------------------------- /src/main/webapp/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |

Hello World!

4 | 5 | 6 | --------------------------------------------------------------------------------