宽屏绿色新闻资讯网站织梦模板,郑州做网站排名,主机做网站,南宁网红夜市目录
前言
一、加入DWZ J-UI框架
二、实现登录页面
三、实现主页面菜单显示 前言
大家好#xff01;写文章之前先列出几篇相关文章。本文内容也在其项目中接续实现。
一. SSM项目集成Spring Security 4.X版本#xff08;使用spring-security.xml 配置文件方式#xff…目录
前言
一、加入DWZ J-UI框架
二、实现登录页面
三、实现主页面菜单显示 前言
大家好写文章之前先列出几篇相关文章。本文内容也在其项目中接续实现。
一. SSM项目集成Spring Security 4.X版本使用spring-security.xml 配置文件方式_spring security4.x 会话管理配置文件版-CSDN博客https://blog.csdn.net/u011529483/article/details/135699004?spm1001.2014.3001.5501
二. SpringSecurity认证登录成功后获取角色菜单-CSDN博客https://blog.csdn.net/u011529483/article/details/135763209?spm1001.2014.3001.5501
三. Spring Security 4.XXML文件配置session超时单点登录-session并发控制退出/logout_spring security session过期时间 xml-CSDN博客https://blog.csdn.net/u011529483/article/details/136043238?spm1001.2014.3001.5501 一、加入DWZ J-UI框架
1. 下载DWZ J-UI框架并解压
https://download.csdn.net/download/u011529483/87930662
以上为个人下载地址。
2. 在项目中新建dwz文件如下图 然后将解压后的 J-UI 框架的内容全部拷贝到 dwz 文件夹中。我解压后的效果如下 具体可以参考文章记dwzJUI前端框架使用一_dwz框架-CSDN博客https://blog.csdn.net/u011529483/article/details/129150062?spm1001.2014.3001.5501
注意此项目中由于加入了 spring-security 所以需要对dwz文件夹进行配置下图标红处 好了现在可以直接访问到 dwz 文件夹中的静态资源了。要复用dwz中的某一个页面只需要拷贝到指定位置修改成想要的模样就可以了。
二、实现登录页面
1. 将 dwz 文件夹中的 login.html 页面拷贝到 webapp 目录下修改为jsp页面。如下图 2. 修改 login.jsp 页面代码
% page contentTypetext/html;charsetUTF-8 languagejava pageEncodingutf-8 %
% page isELIgnoredfalse %
% taglib prefixc urihttp://java.sun.com/jsp/jstl/core %
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
html xmlnshttp://www.w3.org/1999/xhtml
headtitlewqxx系统登录页面/titlelink href./dwz/themes/css/login.css relstylesheet typetext/css /
/head
body
div idlogindiv idlogin_headerh1 classlogin_logoa href#img src./dwz/themes/default/images/login_logo.gif //a/h1div classlogin_headerContentdiv classnavListullia href#设为首页/a/lilia href#反馈/a/lilia href./dwz/doc/dwz-user-guide.pdf target_blank帮助/a/li/ul/divh2 classlogin_titleimg src./dwz/themes/default/images/login_title.png //h2/div/divdiv idlogin_contentdiv classloginFormform action${pageContext.request.contextPath}/spring_security_check methodpostplabel用户名/labelinput typetext nameusername size20 classlogin_input //pplabel密码/labelinput typepassword namepassword size20 classlogin_input //pplabel验证码/labelinput classcode typetext size5 /spanimg src./dwz/themes/default/images/header_bg.png alt width75 height24 //span/pdiv classlogin_barinput classsub typesubmit value //div/form/divdiv classlogin_bannerimg src./dwz/themes/default/images/login_banner.jpg //divdiv classlogin_maindiv classlogin_inner/div/div/divdiv idlogin_footerCopyright copy; 2009 www.dwzjs.com Inc. All Rights Reserved./div
/div/body
/html主要注意 CSS, 图片等资源的路劲修改指向./dwz/目录中。
用户名密码输入控件的修改与你的后台名称绑定。form表单提交请求的修改因为使用了spring-security所以提交路径为 spring-security.xml 文件中配置的路径
form action${pageContext.request.contextPath}/spring_security_check methodpost
到此登录页面完成如有页面显示差异自己微调CSS等。运行项目效果如下 另附上 spring-security.xml 配置文件代码登录的后台代码参考前言中的第一篇文章。
?xml version1.0 encodingUTF-8?
beans xmlnshttp://www.springframework.org/schema/beansxmlns:securityhttp://www.springframework.org/schema/securityxmlns:xsihttp://www.w3.org/2001/XMLSchema-instancexsi:schemaLocationhttp://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans.xsdhttp://www.springframework.org/schema/securityhttp://www.springframework.org/schema/security/spring-security.xsd!--指定不受Spring Security管理--security:http securitynone pattern/login /!--放行DWZ的静态资源--security:http securitynone pattern/dwz/** /!--spring过滤器链配置1) 需要拦截什么资源2) 什么资源对应什么角色权限3) 定制认证方式: HttpBasic or FormLogin4) 自定义登录页面,定义登录请求地址,定义错误处理方式--security:http!--使用form-login的方式进行认证login-page:指定获取登录页面的url(需要编写controller返回登录页面)login-processing-url:指定登录页面中post请求提交到哪里的url(不需要编写controller框架已实现)default-target-url:指定登录成功后跳转到哪个url(需要编写controller)authentication-success-handler-ref:指定登录成功后由哪个类来进行处理authentication-failure-handler-ref:指定登录失败后由哪个类来进行处理username-parameter指定登录表单中用户名的input中name值如果这里不配置则默认为usernamepassword-parameter指定登录表单中密码的input中name值如果这里不配置则默认为password--security:form-login login-page/login login-processing-url/spring_security_checkauthentication-success-handler-refmyAuthenticationSuccessHandlerauthentication-failure-handler-refmyAuthenticationFailureHandler/!-- 关闭csrf的保护--security:csrf disabledtrue/!-- 配置资源拦截规则pattern属性指定资源目录: 即需要拦截的资源 /* 代表根目录下的一级目录 /** 代表根目录下的所有目录access(SpEL)方法执行Spring EL表达式。提供如下表达式permitALL():设置那些路径可以直接访问不需要认证。直接返回trueisAnonymous():只有匿名用户可以访问登录用户不可访问isAuthenticated()需要身份认证成功才能访问。如果认证用户不是匿名用户则返回true认证通过isFullyAuthenticated():需要身份认证成功才能访问。如果认证用户不是匿名用户或记住我的用户则返回true认证通过其它自行查找......--!--开始配置拦截规则注意拦截规则的位置顺序如不需要身份认证的规则要放在前面需要身份认证的规则放在后面--!--permitAll()不需要身份认证无条件放行--!--security:intercept-url pattern/login accesspermitAll()/--!--security:intercept-url pattern/system/index accesspermitAll()/--security:intercept-url pattern/s_timeout.jsp accesspermitAll()/!--进行权限划分hasRole(ROLE_USER)表示拥有 ROLE_USER 权限的用户可以访问hasRole(ROLE_ALL)表示拥有 ROLE_ALL 权限的用户可以访问。指定特定权限访问--security:intercept-url pattern/system/add accesshasAuthority(admin)/security:intercept-url pattern/system/list accesshasAuthority(ROLE_ALL)/!--permitAll()不需要身份认证无条件放行静态资源--security:intercept-url pattern/js/** accesspermitAll()/!--拦截所有页面需要身份认证成功才能访问。如果认证用户不是匿名用户或记住我的用户则返回true认证通过--security:intercept-url pattern/** accessisFullyAuthenticated()/!--结束配置拦截规则--!-- 自定义用户访问权限不足的处理方式(需要编写controller返回权限不足的页面) --security:access-denied-handler error-page/accessDeny/!-- session管理invalid-session-url指定使用已经超时的sessionId保存在Cookie中进行请求需要重定向的页面或路径。max-sessions默认值为1session并发数量控制。控制同一用户在系统中同时允许存在的已经通过认证的session数量。当超过这个值时Spring Security的默认策略是将先前的设为无效。如果要限制用户再次登录可以设置concurrency-control的error-if-maximum-exceeded的值为true。--security:session-management invalid-session-url/s_timeout.jspsecurity:concurrency-control max-sessions1 error-if-maximum-exceededfalse//security:session-management!--security:session-management session-authentication-error-url/session invalid-session-url/sessionsecurity:concurrency-control max-sessions1 session-registry-aliassessionRegistry error-if-maximum-exceededfalse expired-url/session//security:session-management--!--加上Remember Me功能token-validity-seconds有效时间(秒)--!--security:remember-me token-repository-refjdbcTokenRepository token-validity-seconds604800/--!--security:logout/注销功能logout-url/logout退出过滤器默认的拦截路径springSecurity内LogoutFilter要拦截的url(向这/logout发送请求来注销)logout-success-url用户退出后要被重定向的urlinvalidate-session默认为true,用户在退出后Http session失效success-handler-ref指定一个bean(需要实现LogoutSuccessHandler接口)用来自定义退出成功后的操作delete-cookiesJSESSIONID删除session对应的cookie--security:logout logout-url/logout logout-success-url/login invalidate-sessiontrue delete-cookiesJSESSIONID//security:http!--身份验证管理器--security:authentication-manager!--自定义授权提供类MyUserDetailsService获得登录用户的用户详情信息。此类实现UserDetailsService接口。user-service-refmyUserDetailsService 指定 UserDetailsService 接口的实现类最终都要返回一个UserDetail用户详情--security:authentication-provider user-service-refmyUserDetailsService!-- 配置加密算法对用户输入的密码进行加密然后和数据库的密码进行配对 --!--security:password-encoder refbCryptPasswordEncoder/--/security:authentication-provider/security:authentication-manager!--创建 springSecurity 密码加密工具类使用PasswordEncoder 接口的实现也可以使用别的--!--bean idbCryptPasswordEncoder classorg.springframework.security.crypto.bcrypt.BCryptPasswordEncoder/bean--!--springSecurity实现 remember me 功能如果用户登录选择 remember me springSecurity会将其cookie值存入数据库来实现remember me 功能JdbcTokenRepositoryImpl 用来存取cookie值--!--bean idjdbcTokenRepository classorg.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImplproperty namedataSource refdataSource/ lt;!ndash;数据库数据源ndash;gt;lt;!ndash;property namecreateTableOnStartup valuetrue/ndash;gt; lt;!ndash;createTableOnStartup属性是当项目启动时springSecurity创建表存储remember me相关信息第二次启动时要注释这个属性ndash;gt;/bean--/beans三、实现主页面菜单显示 1. 将 dwz 文件夹中的 index.html 页面拷贝到自定义项目目录 main 中修改为 jsp页面如下图 2. 修改 index.jsp 页面代码
% page contentTypetext/html;charsetUTF-8 languagejava pageEncodingutf-8 %
% taglib urihttp://java.sun.com/jsp/jstl/core prefixc %
% taglib urihttp://java.sun.com/jsp/jstl/functions prefixfn %
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
html xmlnshttp://www.w3.org/1999/xhtml
headmeta http-equivContent-Type contenttext/html; charsetutf-8 /title百炼成神管理系统/titlelink href../dwz/themes/default/style.css relstylesheet typetext/css mediascreen/link href../dwz/themes/css/core.css relstylesheet typetext/css mediascreen/link href../dwz/themes/css/print.css relstylesheet typetext/css mediaprint/link href../dwz/uploadify/css/uploadify.css relstylesheet typetext/css mediascreen/!--[if IE]link href../dwz/themes/css/ieHack.css relstylesheet typetext/css mediascreen/![endif]--!--[if lt IE 9]script src../dwz/js/speedup.js typetext/javascript/scriptscript src../dwz/js/jquery-1.12.4.js typetext/javascript/script![endif]--!--[if gte IE 9]!--script src../dwz/js/jquery-3.4.1.js typetext/javascript/script!--![endif]--script src../dwz/js/jquery.cookie.js typetext/javascript/scriptscript src../dwz/js/jquery.validate.js typetext/javascript/script!--script srcjs/jquery.bgiframe.js typetext/javascript/script--script src../dwz/xheditor/xheditor-1.2.2.min.js typetext/javascript/scriptscript src../dwz/xheditor/xheditor_lang/zh-cn.js typetext/javascript/scriptscript src../dwz/uploadify/scripts/jquery.uploadify.js typetext/javascript/scriptscript typetext/javascript src../dwz/chart/echarts.min.js/scriptscript src../dwz/js/dwz.core.js typetext/javascript/scriptscript src../dwz/js/dwz.util.date.js typetext/javascript/scriptscript src../dwz/js/dwz.validate.method.js typetext/javascript/scriptscript src../dwz/js/dwz.barDrag.js typetext/javascript/scriptscript src../dwz/js/dwz.drag.js typetext/javascript/scriptscript src../dwz/js/dwz.tree.js typetext/javascript/scriptscript src../dwz/js/dwz.accordion.js typetext/javascript/scriptscript src../dwz/js/dwz.ui.js typetext/javascript/scriptscript src../dwz/js/dwz.theme.js typetext/javascript/scriptscript src../dwz/js/dwz.switchEnv.js typetext/javascript/scriptscript src../dwz/js/dwz.alertMsg.js typetext/javascript/scriptscript src../dwz/js/dwz.contextmenu.js typetext/javascript/scriptscript src../dwz/js/dwz.navTab.js typetext/javascript/scriptscript src../dwz/js/dwz.tab.js typetext/javascript/scriptscript src../dwz/js/dwz.resize.js typetext/javascript/scriptscript src../dwz/js/dwz.dialog.js typetext/javascript/scriptscript src../dwz/js/dwz.dialogDrag.js typetext/javascript/scriptscript src../dwz/js/dwz.sortDrag.js typetext/javascript/scriptscript src../dwz/js/dwz.cssTable.js typetext/javascript/scriptscript src../dwz/js/dwz.stable.js typetext/javascript/scriptscript src../dwz/js/dwz.taskBar.js typetext/javascript/scriptscript src../dwz/js/dwz.ajax.js typetext/javascript/scriptscript src../dwz/js/dwz.pagination.js typetext/javascript/scriptscript src../dwz/js/dwz.database.js typetext/javascript/scriptscript src../dwz/js/dwz.selectedLoad.js typetext/javascript/scriptscript src../dwz/js/dwz.datepicker.js typetext/javascript/scriptscript src../dwz/js/dwz.effects.js typetext/javascript/scriptscript src../dwz/js/dwz.panel.js typetext/javascript/scriptscript src../dwz/js/dwz.checkbox.js typetext/javascript/scriptscript src../dwz/js/dwz.history.js typetext/javascript/scriptscript src../dwz/js/dwz.combox.js typetext/javascript/scriptscript src../dwz/js/dwz.file.js typetext/javascript/scriptscript src../dwz/js/dwz.print.js typetext/javascript/script!-- 可以用dwz.min.js替换前面全部dwz.*.js (注意替换时下面dwz.regional.zh.js还需要引入)script srcbin/dwz.min.js typetext/javascript/script--script src../dwz/js/dwz.regional.zh.js typetext/javascript/scriptscript typetext/javascript$(function(){DWZ.init(../dwz/dwz.frag.xml, {loginUrl:../dwz/login_dialog.html, loginTitle:登录, // 弹出登录对话框
// loginUrl:login.html, // 跳到登录页面statusCode:{ok:200, error:300, timeout:301}, //【可选】pageInfo:{pageNum:pageNum, numPerPage:numPerPage, orderField:orderField, orderDirection:orderDirection}, //【可选】keys: {statusCode:statusCode, message:message}, //【可选】ui:{hideMode:offsets}, //【可选】hideMode:navTab组件切换的隐藏方式支持的值有’display’’offsets’负数偏移位置的值默认值为’display’debug:false, // 调试模式 【true|false】callback:function(){initEnv();$(#themeList).theme({themeBase:themes}); // themeBase 相对于index页面的主题base路径}});});/script/headbody
div idlayoutdiv idheaderdiv classheaderNava classlogo href#标志/aul classnavli idswitchEnvBoxa hrefjavascript:span北京/span切换城市/aullia href../dwz/sidebar_1.html北京/a/lilia href../dwz/sidebar_2.html上海/a/lilia href../dwz/sidebar_2.html南京/a/lilia href../dwz/sidebar_2.html深圳/a/lilia href../dwz/sidebar_2.html广州/a/lilia href../dwz/sidebar_2.html天津/a/lilia href../dwz/sidebar_2.html杭州/a/li/ul/lilia href../dwz/changepwd.html targetdialog relchangepwd width600设置/a/lilia hrefc:url value/logout/退出系统/a/li/ulul classthemeList idthemeListli themedefaultdiv classselected蓝色/div/lili themegreendiv绿色/div/li!--li themereddiv红色/div/li--li themepurplediv紫色/div/lili themesilverdiv银色/div/lili themeazurediv天蓝/div/li/ul/div!-- navMenu --/divdiv idleftsidediv idsidebar_sdiv classcollapsediv classtoggleCollapsediv/div/div/div/divdiv idsidebardiv classtoggleCollapseh2主菜单界面/h2div收缩/div/divdiv classaccordion fillSpacesidebardiv classaccordionHeaderh2spanFolder/span导航列表/h2/divdiv classaccordionContentul classtree treeFolder!-- 菜单开始 --c:choosec:when test${listMenu.size()0}c:forEach varlstMenu items${listMenu} varStatusstatusc:if test${lstMenu.parentId eq 10000}lia href${lstMenu.url} targetnavTab${lstMenu.name}/ac:forEach varmenuChild items${listMenu}c:if test${menuChild.parentId eq lstMenu.id}ullia href${menuChild.url} targetnavTab relpage1 freshfalse${menuChild.name}/a/li/ul/c:if/c:forEach/li/c:if/c:forEach/c:whenc:otherwisep没有查询到菜单列表/p/c:otherwise/c:choose!-- 菜单结束 --/ul/div/div/div/divdiv idcontainerdiv idnavTab classtabsPagediv classtabsPageHeaderdiv classtabsPageHeaderContent!-- 显示左右控制时添加 classtabsPageHeaderMargin --ul classnavTab-tabli tabidmain classmaina hrefjavascript:;spanspan classhome_icon我的主页/span/span/a/li/ul/divdiv classtabsLeftleft/div!-- 禁用只需要添加一个样式 classtabsLeft tabsLeftDisabled --div classtabsRightright/div!-- 禁用只需要添加一个样式 classtabsRight tabsRightDisabled --div classtabsMoremore/div/divul classtabsMoreListlia hrefjavascript:;我的主页/a/li/uldiv classnavTab-panel tabsPageContent layoutBoxdiv classpage unitBoxdiv classpageFormContent layoutH80 stylemargin-right:230px/div%-- div stylewidth:230px;position: absolute;top:60px;right:0 layoutH80iframe width100% height430 classshare_self frameborder0 scrollingno src//widget.weibo.com/weiboshow/index.php?width0height430fansRow2ptype1skin1isTitle0noborder1isWeibo1isFans0uid1739071261verifierc683dfe7/iframe/div--%/div/div/div/div/divdiv idfooterCopyright copy; 2020 a hrefdemo_page2.html targetdialogDWZ团队/a 京ICP备15053290号-2/div/body
/html
主要引入JSP页面需要的标签库修改所有dwz静态资源的访问路径。其它用不到的代码直接删除掉即可如下图 到此基本的主页修改完成现在我们来动态显示后台请求到的菜单。将index.jsp页面的菜单部分多余代码删除然后替换为下图代码 动态菜单必须通过后台请求查询得到所以此时我们修改spring-security.xml文件中登录成功后的处理类MyAuthenticationSuccessHandler 的逻辑即保存登录用户信息后重定向到Controller的./system/index请求代码如下
另注释掉spring-security.xml文件中/system/index请求路径的放行配置即需要身份认证成功才能访问。 package com.wqbr.wqdemotwo.service.impl;import com.fasterxml.jackson.databind.ObjectMapper;
import com.wqbr.wqdemotwo.domain.SysUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Service;import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;/*** 登录成功后的处理类* author lv* date 2024年1月16日*/
Service
public class MyAuthenticationSuccessHandler implements AuthenticationSuccessHandler {// new 一个 jackson 的 对象private ObjectMapper objectMapper new ObjectMapper();/*** 此方法会在登录成功后进行回调** param authentication表示认证成功后的信息*/Overridepublic void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {System.out.println(********* onAuthenticationSuccess);HttpSession session request.getSession();System.out.println(session对象session);System.out.println(----session.getId()session.getId());System.out.println(*****session.isNew()session.isNew());try {SysUser user (SysUser) authentication.getPrincipal();session.setAttribute(loginInfo, user);response.sendRedirect(./system/index); //重定向到Controller中指定的路径} catch (Exception e) {e.printStackTrace();}}
}SystemController类中的index方法代码修改如下即./system/index请求的方法 RequestMapping(path /index)public ModelAndView index(Authentication authentication, HttpServletRequest request, HttpServletResponse response) {HttpSession session request.getSession();System.out.println(session对象 session);System.out.println(----session.getId() session.getId());System.out.println(*****session.isNew() session.isNew());System.out.println(index 页面进入......);ModelAndView model new ModelAndView(main/index);SysUser user (SysUser) authentication.getPrincipal();String username user.getUsername();if (username ! null) {ListMenus listMenu new ArrayList();ListSysPermission pList systemService.findPermissionByUsername(username);System.out.println(-----大小为 pList.size());for (SysPermission permission : pList) {if (permission.getResource_type().equals(menu)) {Menus menu new Menus();menu.setId(Long.parseLong(permission.getId()));menu.setName(permission.getName());menu.setParentId(Long.parseLong(permission.getParent_id()));menu.setParentIds(Long.parseLong(permission.getParent_ids()));menu.setUrl(permission.getUrl());listMenu.add(menu);}}model.addObject(listMenu, listMenu);}return model;}
spring-security认证登录成功后获取菜单资源的实现可具体参考前言提到的第二篇文章。
到此已经可以实现登录后获取主页左边的动态菜单显示了运行项目登录后显示效果如下 好了此文章的码字就到此结束了再见
