先介绍下登陆的思路:

1.在登陆页面首先前端验证用户名和密码是否正确,如果验证通过,则ajax的方式向后台提交数据。

2.在controller层,将得到的用户名名和密码封装进shiro的token,在提交token过程中如果成功则登陆成功,如果出现异常则登陆失败,并且把登陆情况发送回登陆页面

3.controller层执行subject时候调用realm,realm里面有俩个函数,一个验证权限一个验证身份,在此调用验证身份的函数。在token中得到传过来的用户名,根据用户名查询与该用户名对应的数据,

把查询得到的数据与token做对比,如果正确则登陆成功,如果失败则登陆失败,最后将信息存放在session中

---------------------------------------------------------------------

1.login.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!doctype html>
<html lang="en" class="login-content" data-ng-app="materialAdmin">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="Generator" content="EditPlus®">
<meta name="Author" content="">
<meta name="Keywords" content="">
<meta name="Description" content="">
<title>管理员登录界面</title>
<!-- Vendor CSS -->
<link href="${pageContext.request.contextPath}/static/login/css/material-design-iconic-font/css/material-design-iconic-font.min.css" rel="stylesheet" type="text/css">
<!-- CSS -->
<link href="${pageContext.request.contextPath}/static/login/css/app.min.1.css" rel="stylesheet" type="text/css">
<script type="text/javascript">

function submitData(){
var userName=$("#userName").val();
var password=$("#password").val();
if(userName==""){
alert("请输入用户名!");
return;
}
if(password==""){
alert("请输入密码!");
return;
}
$.post("${pageContext.request.contextPath}/manager2/login.do",{userName:userName,password:password},function(result){
if(result.success){
alert("登录成功");
}else{
alert(result.errorInfo);
}
},"json");
}

</script>
</head>
<body class="login-content" data-ng-controller="loginCtrl as lctrl">

<div class="lc-block" id="l-login" data-ng-class="{'toggled':lctrl.login === 1}">
<h1 class="lean">Login</h1>

<div class="input-group m-b-20">
<span class="input-group-addon">
<i class="zmdi zmdi-account"></i>
</span>
<div class="fg-line">
<input type="text" id="userName" name="userName" class="form-control" placeholder="userName" regex="^\w{3,16}$"/>
</div>
</div>

<div class="input-group m-b-20">
<span class="input-group-addon">
<i class="zmdi zmdi-male"></i>
</span>
<div class="fg-line">
<input type="password" id="password" name="password" class="form-control" placeholder="password" regex="^\w+"/>
</div>
</div>

<div class="clearfix"></div>

<div >
成都金广通科技有限公司版本所有 2012-2016
</div>

<a href="javascript:submitData()" class="btn btn-login btn-danger btn-float">
<i class="zmdi zmdi-arrow-forward"></i>
</a>

</div>

</body>

<script src="${pageContext.request.contextPath}/static/login/js/bower_components/jquery/dist/jquery.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/log.js"></script>
<!-- Angular -->
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular/angular.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-resource/angular-resource.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-animate/angular-animate.min.js"></script>

<!-- Angular Modules -->
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-ui-router/release/angular-ui-router.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-loading-bar/src/loading-bar.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/oclazyload/dist/ocLazyLoad.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-bootstrap/ui-bootstrap-tpls.min.js"></script>

<!-- Common js -->
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/angular-nouislider/src/nouislider.min.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/bower_components/ng-table/dist/ng-table.min.js"></script>

<script src="${pageContext.request.contextPath}/static/login/js/app.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/controllers/main.js"></script>
<script src="${pageContext.request.contextPath}/static/login/js/controllers/ui-bootstrap.js"></script>

<!-- Template Modules -->
<script src="${pageContext.request.contextPath}/static/login/js/modules/form.js"></script>
</html>

------------------------------------------------------------------------------------

controller

package com.open1111.controller;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import com.open1111.entity.Manager;
import com.open1111.service.ManagerService;
import com.open1111.util.Md5Util;
import com.open1111.util.ResponseUtil;

import net.sf.json.JSONObject;

/**
* 管理员Controller层
* @author user
*
*/
@Controller
@RequestMapping("/manager2")
public class ManagerController {

@Resource
private ManagerService managerService;

/**
* 用户登录
* @param manager
* @param response
* @return
* @throws Exception
*/
@RequestMapping("/login")
public String login(Manager manager,HttpServletResponse response)throws Exception{
Subject subject=SecurityUtils.getSubject();
UsernamePasswordToken token=new UsernamePasswordToken(manager.getUserName(), Md5Util.md5(manager.getPassword(), Md5Util.SALT));
JSONObject result=new JSONObject();
try{
subject.login(token);
result.put("success", true);
}catch(Exception e){
result.put("success", false);
result.put("errorInfo", "用户名或者密码错误!");
e.printStackTrace();
}
ResponseUtil.write(response, result);
return null;
}
}

-------------------------------------------------------------------------------------------------------------

util

package com.open1111.util;

import org.apache.shiro.crypto.hash.Md5Hash;

/**
* Md5加密工具类
* @author user
*
*/
public class Md5Util {

public static final String SALT="open1111";

/**
* Md5加密
* @param str
* @param salt
* @return
*/
public static String md5(String str,String salt){
return new Md5Hash(str, salt).toString();
}

public static void main(String[] args) {
String password="123456";
System.out.println("Md5加密后:"+Md5Util.md5(password, Md5Util.SALT));
}
}

package com.open1111.util;

import java.io.PrintWriter;

import javax.servlet.http.HttpServletResponse;

/**
* ajax返回输出流工具类
* @author user
*
*/
public class ResponseUtil {

/**
* 页面输出
* @param response
* @param o
* @throws Exception
*/
public static void write(HttpServletResponse response,Object o)throws Exception{
response.setContentType("text/html;charset=utf-8");
PrintWriter out=response.getWriter();
out.println(o.toString());
out.flush();
out.close();
}
}

----------------------------------------------------------------------------------------------

realm

package com.open1111.realm;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.open1111.entity.Manager;
import com.open1111.service.ManagerService;

/**
* 自定义Reaml
* @author user
*
*/
public class MyRealm extends AuthorizingRealm{

@Resource
private ManagerService managerService;

/**
* 为当前登录用户授予角色和权限
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// TODO Auto-generated method stub
return null;
}

/**
* 验证当前登录的用户
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName=(String) token.getPrincipal();
Manager manager=managerService.getByUserName(userName);
if(manager!=null){
SecurityUtils.getSubject().getSession().setAttribute("currentUser", manager);
AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(manager.getUserName(), manager.getPassword(), "xxx");
return authcInfo;
}else{
return null;
}
}

}

------------------------------------------------------------------------------

service

package com.open1111.service.impl;

import javax.annotation.Resource;

import org.springframework.stereotype.Service;

import com.open1111.dao.ManagerDao;
import com.open1111.entity.Manager;
import com.open1111.service.ManagerService;

/**
* 管理员Service实现类
* @author user
*
*/
@Service("managerService")
public class ManagerServiceImpl implements ManagerService{

@Resource
private ManagerDao managerDao;

public Manager getByUserName(String userName) {
return managerDao.getByUserName(userName);
}
}

--------------------------------------------------------------------

dao

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.open1111.dao.ManagerDao">

<resultMap type="Manager" id="ManagerResult">
<result property="id" column="id"/>
<result property="userName" column="userName"/>
<result property="password" column="password"/>
</resultMap>

<select id="getByUserName" parameterType="String" resultMap="ManagerResult">
select * from t_manager where userName=#{userName}
</select>

</mapper>

cms-登陆的更多相关文章

  1. SQL Server:孤立用户详解

    SQL Server 的用户安全管理分两层,整个SQL Server 服务器一层,每个数据库一层. 在服务器层的帐号,叫登录账户(SQL Server:服务器角色),可以设置它管理整个SQL Serv ...

  2. sql导入默认用户解决杰奇cms无法登陆管理员账户问题

    前些天下载杰奇cms来体验一下,从a5下载的杰奇1.8版,不是默认的安装程序,上传文件,手工导入sql数据库,修改了config配置文件,很快就完工了.前台可以展现,除了有些乱码显示之外,想要修改相关 ...

  3. 帝国CMS QQ登陆接口插件 适用于所有帝国7.2版本

    插件名称:帝国CMS-QQ登录插件 插件作者:帝国CMS官方 插件介绍:帝国CMS系统的QQ登录插件. 官方网站:http://www.phome.net ---------------------- ...

  4. Thinkphp3.2 cms之登陆模块

    <?php /** * Created by dreamcms. * User: Administrator * Date: 2016/9/5 * Time: 17:15 */ namespac ...

  5. 帝国cms修改成https后后台登陆空白的解决办法

    以下方法适用帝国cms7.5版本: 7.5版本已经有了http和https自动识别,但是因为一些疑难杂症的原因,自动识别判断的不准,后台登录也是空白, 我们可以打开e/config.php查找'htt ...

  6. zerojs! 造出最好的 CMS 轮子

    zerojs是一个基于nodejs.angularjs.git的CMS.在它之上可以继续开发出博客.论坛.wiki等类似的内容管理型系统. 拥抱开发者和社区 层次清晰,高度解耦.前后端即使分开也都是完 ...

  7. ASP.NET开源CMS

    CMS这里指 内容管理系统.是Content Management System的缩写. 产生 随着网络应用的丰富和发展,很多网站往往不能迅速跟进大量信息衍生及业务模式变革的脚步,常常需要花费许多时间 ...

  8. php强制转换类型和CMS远程管理插件的危险

    远程管理插件是十分受WordPress站点管理员欢迎的工具,它们允许用户同时对多个站点执行相同的操作,如,更新到最新的发行版或安装插件.然而,为了实现这些操作,客户端插件需要赋予远程用户很大的权限.因 ...

  9. 轻取帝国CMS管理员密码

    “帝国”CMS是一套著名的PHP整站程序,是国内使用人数最多的PHPCMS程序之一.令人无奈的是,“帝国”虽然把势力壮大了,却忽略了自身防护的建设,结果在黑客攻击下,“帝国”沦陷了.“帝国”CMS曝出 ...

  10. JEECMS v8 发布,java 开源 CMS 系统

    JEECMSv8 是国内java开源CMS行业知名度最高.用户量最大的站群管理系统,支持栏目模型.内容模型交叉自定义.以及具备支付和财务结算的内容电商为一体:  对于不懂技术的用户来说,只要通过后台的 ...

随机推荐

  1. ES Docs-2:Exploring ES cluster

    The REST API Now that we have our node (and cluster) up and running, the next step is to understand ...

  2. NVI模式

    简介: --NVI即(Non-VIrtual Interface)模式强化依赖倒置,介于 Virtual与No Virtual 之间 允许子类重新实现 也可以在父类中对子类 进行限制和其它操作. 由来 ...

  3. Docker删除私有仓库镜像

    V2 安装删除脚本 # curl https://raw.githubusercontent.com/burnettk/delete-docker-registry-image/master/dele ...

  4. Spring基本原理模拟(IoC部分)

    package ioc; import java.io.File; import java.lang.reflect.Method; import java.util.Collections; imp ...

  5. thinkphp5文件上传问题

    tp5中文件上传如果没有数据就会报错,所以要先做一个判断 //先接收文件数据 $isfile=$_FILES;//判断是否上传图片数据,如果没有上传数据二位数组中的name会为空,如下例:if($is ...

  6. OnclickListener

    https://developer.android.com/reference/android/view/View.OnClickListener.html# https://blog.csdn.ne ...

  7. ubuntu16.0.4下修改MySQL的data目录之mysqld启动报错

    由于需要更换MySQL的data目录,更改完成后启动报错如下: apparmor="DENIED" operation="mknod" profile=&quo ...

  8. 利用git reflog找回错误的重置

    在开发中经常需要reset分支,如果在reset前没有记住分支指向的提交ID,想要重置回原来的提交恐怕大多数开发者是重新拉取远程版本库,再rebase分支.但如果连不上远程版本库或没有远程版本怎么办呢 ...

  9. Error: npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

    执行npm install 时,提示警告信息: Error: npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0. ...

  10. PIE使IE浏览器支持CSS3属性(圆角、阴影、渐变)

    http://www.360doc.com/content/12/1214/09/11181348_253939277.shtml PIE使IE浏览器支持CSS3属性(圆角.阴影.渐变) 2012-1 ...