mapper层
package com.java1234.dao;
import java.util.Set;
import com.java1234.entity.User;
public interface UserDao {
/**
* 通过用户名查询用户
* @param userName
* @return
*/
public User getByUserName(String userName);
/**
* 通过用户名查询角色信息
* @param userName
* @return
*/
public Set<String> getRoles(String userName);
/**
* 通过用户名查询权限信息
* @param userName
* @return
*/
public Set<String> getPermissions(String userName);
}-----------------------------------------------------------------------------------------------------------
UserMapper.xml
UserMapper.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
<mapper namespace="com.java1234.dao.UserDao">
<resultMap type="User" id="UserResult">
<result property="id" column="id"/>
<result property="userName" column="userName"/>
<result property="password" column="password"/>
</resultMap>
<select id="getByUserName" parameterType="String" resultMap="UserResult">
select * from t_user where userName=#{userName}
</select>
<select id="getRoles" parameterType="String" resultType="String">
select r.roleName from t_user u,t_role r where u.roleId=r.id and u.userName=#{userName}
</select>
<select id="getPermissions" parameterType="String" resultType="String">
select p.permissionName from t_user u,t_role r,t_permission p where u.roleId=r.id and p.roleId=r.id and u.userName=#{userName}
</select>
</mapper>
--------------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------------
package com.java1234.service;
import java.util.Set;
import com.java1234.entity.User;
public interface UserService {
/**
* 通过用户名查询用户
* @param userName
* @return
*/
public User getByUserName(String userName);
/**
* 通过用户名查询角色信息
* @param userName
* @return
*/
public Set<String> getRoles(String userName);
/**
* 通过用户名查询权限信息
* @param userName
* @return
*/
public Set<String> getPermissions(String userName);
}
------------------------------------------------------------------------------------------------------------------------
UserServiceImpl------
UserServiceImpl------
@Service("userService")
public class UserServiceImpl implements UserService{
@Resource
private UserDao userDao;
public User getByUserName(String userName) {
return userDao.getByUserName(userName);
}
public Set<String> getRoles(String userName) {
return userDao.getRoles(userName);
}
public Set<String> getPermissions(String userName) {
return userDao.getPermissions(userName);
}
}------------------------------------------------------------------------------------------------------------------
/**
* 用户Controller层
* @author Administrator
*
*/
@Controller
@RequestMapping("/user")
public class UserController {
/**
* 用户登录
* @param user
* @param request
* @return
*/
@RequestMapping("/login")
public String login(User user,HttpServletRequest request){
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken(user.getUserName(), user.getPassword());
try{
//验证是否登录
subject.login(token);
Session session=subject.getSession();
System.out.println("sessionId:"+session.getId());
System.out.println("sessionHost:"+session.getHost());
System.out.println("sessionTimeout:"+session.getTimeout());
session.setAttribute("info", "session的数据");
return "redirect:/success.jsp";
}catch(Exception e){
e.printStackTrace();
request.setAttribute("user", user);
request.setAttribute("errorMsg", "用户名或密码错误!");
return "index";
}
}
}
----------------------------------------------------------------------------------------------------------------------------------------------
MyRealm
public class MyRealm extends AuthorizingRealm{
@Resource
private UserService userService;
/**
* 为当限前登录的用户授予角色和权
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String userName=(String)principals.getPrimaryPrincipal();
SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
authorizationInfo.setRoles(userService.getRoles(userName));
authorizationInfo.setStringPermissions(userService.getPermissions(userName));
return authorizationInfo;
}
/**
* 验证当前登录的用户
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName=(String)token.getPrincipal();
User user=userService.getByUserName(userName);
if(user!=null){
AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(user.getUserName(),user.getPassword(),"xx");
return authcInfo;
}else{
return null;
}
}
}