文章目录
基本过滤器
- anon:不拦截
- authc:需要登陆
- logout:登出
- roles:角色
- perms:权限
设置登陆页:authc.loginUrl
案例
主页:
@RequestMapping("")
public String index() {
return "/login.jsp";
}
<form action="<%=request.getContextPath()%>/login" method="post">
<input type="text" name="username"/>
<input type="password" name="password"/>
<button type="submit">登陆</button>
</form>
登陆:/login
@RequestMapping(value = "/login", produces = "application/json;charset=utf-8")
@ResponseBody
public String login(String username, String password) {
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
Subject subject = SecurityUtils.getSubject();
try {
subject.login(token);
return "登陆成功";
} catch (AuthenticationException e) {
return "登陆失败";
}
}
登出:/logout
@RequestMapping("/logout")
public String logout() {
return "";
}
一个内容页:/u1
@RequestMapping("/u1")
@ResponseBody
public String u1() {
return "u1";
}
主配置文件
[users]
abc = 123,user
[roles]
user = u1,u2,u3
[urls]
/logout = logout # 登出
/u1 = perms["u1"] # 需要权限
运行效果
未登录时访问u1
登陆后访问u1
