项目初始化，资源整合

src/main/resources/application.house.properties

@@ -5,12 +5,17 @@ jdbc.username=root
 jdbc.password=root
 
 jdbc.sql.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
+
 #dbcp settings
 dbcp.maxIdle=5
 dbcp.maxActive=40
 
+#hibernate settings
+#更新|创建|验证数据库表结构|不作改变     默认update(create,validate,none)
+hibernate.hbm2ddl.auto=update
+
 #sso
-sso.cas.service=http://58.49.94.60:8888/cas-oracle
-sso.local.service=http://localhost:8080/cms/shiro-cas
+#sso.cas.service=http://58.49.94.60:8888/cas-oracle
+#sso.local.service=http://localhost:8080/chinaData/shiro-cas
 
 project.setting.style=app

src/main/resources/application.parameter.properties

@@ -0,0 +1,10 @@
+#parameter setting
+parameter.YES = "YES"
+parameter.NO = "NO"
+
+parameter.NORMAL = "NORMAL"
+parameter.LOCKED = "LOCKED"
+
+parameter.MD5 = "md5"
+
+parameter.START = 0

src/main/resources/application.properties

@@ -1,16 +1,17 @@
 #oracle database setting
-jdbc.driver=oracle.jdbc.OracleDriver
-jdbc.url=jdbc:oracle:thin:@10.16.3.30:1521:csdev
-jdbc.username=csuser
-jdbc.password=csusr2013
-jdbc.sql.dialect=org.hibernate.dialect.Oracle10gDialect
+jdbc.driver=com.mysql.jdbc.Driver
+jdbc.url=jdbc:mysql://localhost/china_data?useUnicode=true&characterEncoding=utf-8
+jdbc.username=root
+jdbc.password=123
+
+jdbc.sql.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
 
 #dbcp settings
 dbcp.maxIdle=5
 dbcp.maxActive=40
 
 #sso
-sso.cas.service=http://10.16.3.30:8080/cas-server
-sso.local.service=http://10.16.3.30:8080/xqlc-cms/shiro-cas
+sso.cas.service=http://58.49.94.60:8888/cas-oracle
+sso.local.service=http://58.49.94.60/chinaData/shiro-cas
 
 project.setting.style=app

src/main/resources/applicationContext-shiro-cas.xml

@@ -1,63 +1,55 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
-	xsi:schemaLocation="
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xsi:schemaLocation="
             http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
             http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd"
-	default-lazy-init="true">
-
-	<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
-		<property name="securityManager" ref="securityManager" />
-		<!-- 设定角色的登录链接，这里为cas登录页面的链接可配置回调地址 -->
-		<property name="loginUrl"
-			value="${sso.cas.service}/login?service=${sso.local.service}" />
-		<property name="filters">
-			<util:map>
-				<!-- 添加casFilter到shiroFilter -->
-				<entry key="casFilter" value-ref="casFilter" />
-			</util:map>
-		</property>
-		<property name="filterChainDefinitions">
-			<value>
-				/shiro-cas = casFilter
-				/sso/** = anon
-				/static/** = anon
-				/server/rest/** = anon
-				/system/** = anon
-				/template/** = anon
-				/publish/** =anon
-				/** = user
-			</value>
-		</property>
-	</bean>
-
-	<bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
-		<!-- 配置验证错误时的失败页面 -->
-		<property name="failureUrl" value="/error.jsp" />
-	</bean>
-
-	<bean id="casRealm" class="org.apache.shiro.cas.CasRealm">
-		<property name="defaultRoles" value="ROLE_USER" />
-		<property name="casServerUrlPrefix" value="${sso.cas.service}" />
-		<!-- 客户端的回调地址设置，必须和下面的shiro-cas过滤器拦截的地址一致 -->
-		<property name="casService" value="${sso.local.service}" />
-	</bean>
-
-	<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
-		<property name="realm" ref="casRealm" />
-		<property name="subjectFactory" ref="casSubjectFactory" />
-	</bean>
-
-	<!-- 如果要实现cas的remember me的功能，需要用到下面这个bean，并设置到securityManager的subjectFactory中 -->
-	<bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory" />
-
-
-	<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
-
-	<bean
-		class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
-		<property name="staticMethod"
-			value="org.apache.shiro.SecurityUtils.setSecurityManager" />
-		<property name="arguments" ref="securityManager" />
-	</bean>
+       default-lazy-init="true">
+
+    <!-- 如果要实现cas的remember me的功能，需要用到下面这个bean，并设置到securityManager的subjectFactory中 -->
+    <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory"/>
+
+    <bean id="casRealm" class="org.apache.shiro.cas.CasRealm">
+        <property name="defaultRoles" value="ROLE_USER"/>
+        <property name="casServerUrlPrefix" value="${sso.cas.service}"/>
+        <!-- 客户端的回调地址设置，必须和下面的shiro-cas过滤器拦截的地址一致 -->
+        <property name="casService" value="${sso.local.service}"/>
+    </bean>
+
+    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
+        <property name="realm" ref="casRealm"/>
+        <property name="subjectFactory" ref="casSubjectFactory"/>
+    </bean>
+
+    <bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
+        <!-- 配置验证错误时的失败页面 -->
+        <property name="failureUrl" value="/error.jsp"/>
+    </bean>
+
+    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
+        <property name="securityManager" ref="securityManager"/>
+        <!-- 设定角色的登录链接，这里为cas登录页面的链接可配置回调地址 -->
+        <property name="loginUrl" value="${sso.cas.service}/login?service=${sso.local.service}"/>
+        <property name="filters">
+            <util:map>
+                <!-- 添加casFilter到shiroFilter -->
+                <entry key="casFilter" value-ref="casFilter"/>
+            </util:map>
+        </property>
+        <property name="filterChainDefinitions">
+            <value>
+                /logout = logout
+                /shiro-cas = casFilter
+                /static/** = anon
+                /** = user
+            </value>
+        </property>
+    </bean>
+
+    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
+
+    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
+        <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
+        <property name="arguments" ref="securityManager"/>
+    </bean>
 </beans>

src/main/resources/applicationContext-shiro.xml

@@ -0,0 +1,171 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+       http://www.springframework.org/schema/beans/spring-beans-3.2.xsd"
+       default-lazy-init="true">
+
+    <description>Shiro安全配置</description>
+
+    <!-- 用户授权信息Cache, 采用EhCache -->
+    <bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
+        <property name="cacheManagerConfigFile" value="classpath:ehcache/ehcache-shiro.xml"/>
+    </bean>
+
+    <!-- 自定义凭证匹配器-->
+    <bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
+        <!--加密方式, 必须设置-->
+        <property name="hashAlgorithmName" value="MD5"/>
+        <!--加密迭代次数, 不设置默认为1次-->
+        <property name="hashIterations" value="2"/>
+        <!--不设置默认为True-->
+        <property name="storedCredentialsHexEncoded" value="true"/>
+    </bean>
+
+    <!-- 自定义凭证匹配器-->
+    <bean id="customerCredentialsMatcher" class="com.darknight.platform.security.shiro.credentialsMatcher.RetryLimitHashedCredentialsMatcher">
+        <constructor-arg ref="shiroEhcacheManager"/>
+        <property name="hashAlgorithmName" value="MD5"/>
+        <property name="hashIterations" value="2"/>
+        <property name="storedCredentialsHexEncoded" value="true"/>
+    </bean>
+
+    <!-- 由于Shiro不负责Realm的具体实现, 項目中必须实现自定义的Realm-->
+    <bean id="shiroRealm" class="com.darknight.platform.security.shiro.realm.impl.DefaultRealm">
+        <!--注入凭证匹配器, 用于比较用户信息-->
+        <!--Shiro提供默认的凭证匹配器-->
+        <property name="credentialsMatcher" ref="credentialsMatcher"/>
+        <!--自定义的凭证匹配器-->
+        <!--<property name="credentialsMatcher" ref="customerCredentialsMatcher"/>-->
+        <!--配置是否启用缓存-->
+        <property name="cachingEnabled" value="true"/>
+        <property name="authenticationCachingEnabled" value="true"/>
+        <property name="authenticationCacheName" value="authenticationCache"/>
+        <property name="authorizationCachingEnabled" value="true"/>
+        <property name="authorizationCacheName" value="authorizationCache"/>
+    </bean>
+
+    <!--Shiro Session管理 Begin-->
+    <!-- 会话ID生成器 -->
+    <bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
+
+    <!-- 会话Cookie模板 -->
+    <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
+        <constructor-arg value="sid"/>
+        <property name="httpOnly" value="true"/>
+        <property name="maxAge" value="180000"/>
+    </bean>
+
+    <!-- 会话DAO -->
+    <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
+        <property name="activeSessionsCacheName" value="shiro-activeSessionCache"/>
+        <property name="sessionIdGenerator" ref="sessionIdGenerator"/>
+    </bean>
+
+    <!-- 会话验证调度器 -->
+    <bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
+        <property name="sessionValidationInterval" value="1800000"/>
+        <property name="sessionManager" ref="sessionManager"/>
+    </bean>
+
+    <!-- 会话管理器 -->
+    <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
+        <property name="globalSessionTimeout" value="1800000"/>
+        <property name="deleteInvalidSessions" value="true"/>
+        <property name="sessionValidationSchedulerEnabled" value="true"/>
+        <property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
+        <property name="sessionDAO" ref="sessionDAO"/>
+        <property name="sessionIdCookieEnabled" value="true"/>
+        <property name="sessionIdCookie" ref="sessionIdCookie"/>
+    </bean>
+    <!--Shiro Session管理 End-->
+
+    <!-- Shiro's main business-tier object for web-enabled applications -->
+    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
+        <property name="realms">
+            <list><ref bean="shiroRealm"/></list>
+        </property>
+        <property name="sessionManager" ref="sessionManager"/>
+        <property name="cacheManager" ref="shiroEhcacheManager" />
+    </bean>
+
+    <!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
+    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
+        <property name="staticMethod"
+                  value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
+        <property name="arguments" ref="securityManager"/>
+    </bean>
+
+    <!-- Shiro默认基于Form表单的身份验证过滤器 -->
+    <bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
+        <!-- 登录账号和密码 -->
+        <property name="usernameParam" value="username"/>
+        <property name="passwordParam" value="password"/>
+        <!--&lt;!&ndash;登录地址 &ndash;&gt;-->
+        <!--<property name="loginUrl" value="/loginFilter" />-->
+        <!--&lt;!&ndash; 登录成功后跳转页面 &ndash;&gt;-->
+        <!--<property name="successUrl" value="/indexPage" />-->
+        <!-- 登录失败时返回的错误类型 -->
+        <property name="failureKeyAttribute" value="shiroLoginFailure"/>
+    </bean>
+
+    <!-- 自定义基于Form表单的身份验证过滤器 -->
+    <!--<bean id="formAuthenticationFilter" class="com.darknight.platform.security.shiro.filters.CustomerAuthenticationFilter">-->
+        <!--<property name="usernameParam" value="username"/>-->
+        <!--<property name="passwordParam" value="password"/>-->
+        <!--<property name="loginUrl" value="/system/login.jsp" />-->
+    <!--</bean>-->
+
+    <!-- Shiro默认Logout拦截器 -->
+    <bean id="logoutFilter" class="org.apache.shiro.web.filter.authc.LogoutFilter">
+        <!-- 当用户注销后进行跳转的地址, 默认为"/" -->
+        <property name="redirectUrl" value="/login" />
+    </bean>
+
+    <!-- Shiro Filter基于Controller来控制用户登录 -->
+    <!--<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">-->
+        <!--<property name="securityManager" ref="securityManager" />-->
+        <!--<property name="loginUrl" value="/loginPage" />-->
+        <!--<property name="successUrl" value="/indexPage" />-->
+        <!--<property name="unauthorizedUrl" value="/system/error.jsp"/>-->
+        <!--<property name="filterChainDefinitions">-->
+            <!--<value>-->
+                <!--/indexPage = authc-->
+                <!--/** = anon-->
+            <!--</value>-->
+        <!--</property>-->
+    <!--</bean>-->
+
+    <!-- Shiro Filter基于Shiro默认实现来控制用户登录 -->
+    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
+        <property name="securityManager" ref="securityManager" />
+        <property name="loginUrl" value="/login" />
+        <property name="successUrl" value="/indexPage" />
+        <property name="unauthorizedUrl" value="/system/error.jsp"/>
+        <property name="filters">
+            <map>
+                <entry key="authc" value-ref="formAuthenticationFilter"/>
+                <entry key="logout" value-ref="logoutFilter"/>
+            </map>
+        </property>
+        <property name="filterChainDefinitions">
+            <value>
+                <!--不拦截任何路径, 用于关闭权限测试页面-->
+                /login = authc
+                /indexPage = authc
+                /logout = logout
+                /** = anon
+
+                <!-- 权限拦截配置 -->
+                <!--/ = anon-->
+                <!--/welcome.html = anon-->
+                <!--/system/error.jsp = anon-->
+                <!--/system/login.jsp = authc-->
+                <!--/logout = logout-->
+                <!--/** = authc-->
+            </value>
+        </property>
+    </bean>
+
+    <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
+    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
+</beans>