實例:
spring-shiro.xml
|
1
2
3
|
/admin/repairType/index = roles[
"ROLE_ADMIN"
]
/admin/user=roles[
"ROLE_ADMIN"
]
/admin/complaint/list= roles[
"ROLE_SERVICE,ROLE_ADMIN"
]
|
jsp頁面:
|
1
2
3
4
5
6
7
8
9
|
<
shiro:hasRole
name="ROLE_ADMIN">
<
li
class="user"><
a
href="${ctx}/admin/user">用戶</
a
></
li
>
</
shiro:hasRole
>
<
shiro:hasAnyRoles
name="ROLE_ADMIN,ROLE_SERVICE">
<
li
class="complaint"><
a
href="${ctx}/admin/complaint/list">服務</
a
></
li
>
</
shiro:hasAnyRoles
>
<
shiro:hasRole
name="ROLE_ADMIN">
<
li
class="system"><
a
href="${ctx}/admin/repairType/index">系統設置</
a
></
li
>
</
shiro:hasRole
>
|
在使用Shiro標簽庫前,首先需要在JSP引入shiro標簽:
|
1
|
<%@ taglib prefix=
"shiro"
uri=
"http://shiro.apache.org/tags"
%>
|
1、介紹Shiro的標簽guest標簽 :驗證當前用戶是否為“訪客”,即未認證(包含未記住)的用戶。
|
1
2
3
4
5
|
<shiro:guest>
Hi there! Please <a href=
"login.jsp"
>Login</a> or <a href=
"signup.jsp"
>Signup</a> today!
</shiro:guest>
|
2、user標簽 :認證通過或已記住的用戶。
|
1
2
3
4
5
|
<shiro:user>
Welcome back John! Not John? Click <a href=
"login.jsp"
>here<a> to login.
</shiro:user>
|
3、authenticated標簽 :已認證通過的用戶。不包含已記住的用戶,這是與user標簽的區別所在。
|
1
2
3
4
5
|
<shiro:authenticated>
<a href=
"updateAccount.jsp"
>Update your contact information</a>.
</shiro:authenticated>
|
4、notAuthenticated標簽 :未認證通過用戶,與authenticated標簽相對應。與guest標簽的區別是,該標簽包含已記住用戶。
|
1
2
3
4
5
|
<shiro:notAuthenticated>
Please <a href=
"login.jsp"
>login</a> in order to update your credit card information.
</shiro:notAuthenticated>
|
5、principal 標簽 :輸出當前用戶信息,通常為登錄帳號信息。
|
1
|
Hello, <shiro:principal/>, how are you today?
|
6、hasRole標簽 :驗證當前用戶是否屬於該角色。
|
1
2
3
4
5
|
<shiro:hasRole name=
"administrator"
>
<a href=
"admin.jsp"
>Administer the system</a>
</shiro:hasRole>
|
7、lacksRole標簽 :與hasRole標簽邏輯相反,當用戶不屬於該角色時驗證通過。
|
1
2
3
4
5
|
<shiro:lacksRole name=
"administrator"
>
Sorry, you are not allowed to administer the system.
</shiro:lacksRole>
|
8、hasAnyRole標簽 :驗證當前用戶是否屬於以下任意一個角色。
|
1
2
3
4
5
|
<shiro:hasAnyRoles name=
"developer, project manager, administrator"
>
You are either a developer, project manager, or administrator.
</shiro:lacksRole>
|
9、hasPermission標簽 :驗證當前用戶是否擁有指定權限。
|
1
2
3
4
5
|
<shiro:hasPermission name=
"user:create"
>
<a href=
"createUser.jsp"
>Create a
new
User</a>
</shiro:hasPermission>
|
10、lacksPermission標簽 :與hasPermission標簽邏輯相反,當前用戶沒有制定權限時,驗證通過。
|
1
2
3
4
5
|
<shiro:hasPermission name=
"user:create"
>
<a href=
"createUser.jsp"
>Create a
new
User</a>
</shiro:hasPermission>
|