这里用的是SpringMVC-3.2.4和Shiro-1.2.2，示例代码如下

首先是web.xml

[html]  view plain  copy

print ?

2. <web-app version="2.5"

3. xmlns="http://java.sun.com/xml/ns/javaee"

4. xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

5. xsi:schemaLocation="http://java.sun.com/xml/ns/javaee

6. http://java.sun.com/xml/ns/javaee/web-app\_2\_5.xsd"\>

11. <context-param>

12. <param-name>contextConfigLocation</param-name>

13. <param-value>classpath:applicationContext.xml</param-value>

14. </context-param>

17. <listener>

18. <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>

19. </listener>

25. <listener>

26. <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

27. </listener>

31. <filter>

32. <filter-name>SpringEncodingFilter</filter-name>

33. <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>

34. <init-param>

35. <param-name>encoding</param-name>

36. <param-value>UTF-8</param-value>

37. </init-param>

38. <init-param>

39. <param-name>forceEncoding</param-name>

40. <param-value>true</param-value>

41. </init-param>

42. </filter>

43. <filter-mapping>

44. <filter-name>SpringEncodingFilter</filter-name>

45. <url-pattern>/*</url-pattern>

46. </filter-mapping>

51. <filter>

52. <filter-name>shiroFilter</filter-name>

53. <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

54. <init-param>

56. <param-name>targetFilterLifecycle</param-name>

57. <param-value>true</param-value>

58. </init-param>

59. </filter>

60. <filter-mapping>

61. <filter-name>shiroFilter</filter-name>

62. <url-pattern>/*</url-pattern>

63. </filter-mapping>

65. <servlet>

66. <servlet-name>SpringMVC</servlet-name>

67. <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>

68. <init-param>

69. <param-name>contextConfigLocation</param-name>

70. <param-value>classpath:applicationContext.xml</param-value>

71. </init-param>

72. </servlet>

73. <servlet-mapping>

74. <servlet-name>SpringMVC</servlet-name>

75. <url-pattern>/</url-pattern>

76. </servlet-mapping>

83. <context:component-scan base-package="com.jadyer"/>

85. mvc:annotation-driven/

88. <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">

89. <property name="prefix" value="/"/>

90. <property name="suffix" value=".jsp"/>

91. </bean>

93. <mvc:view-controller path="/" view-name="forward:/login.jsp"/>

97. <mvc:resources mapping="/js/**" location="/resources/js/"/>

98. <mvc:resources mapping="/css/**" location="/resources/css/"/>

99. <mvc:resources mapping="/WEB-INF/**" location="/WEB-INF/"/>

102. <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">

103. <property name="exceptionMappings">

104. <props>

106. <prop key="org.springframework.web.multipart.MaxUploadSizeExceededException">WEB-INF/error_fileupload</prop>

108. <prop key="java.lang.Throwable">WEB-INF/500</prop>

109. </props>

110. </property>

111. </bean>

113. <bean id="myRealm" class="com.jadyer.realm.MyRealm"/>

117. <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">

118. <property name="realm" ref="myRealm"/>

119. </bean>

122. <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">

124. <property name="securityManager" ref="securityManager"/>

126. <property name="loginUrl" value="/"/>

131. <property name="unauthorizedUrl" value="/"/>

137. <property name="filterChainDefinitions">

138. <value>

139. /mydemo/login=anon

140. /mydemo/getVerifyCodeImage=anon

141. /main**=authc

142. /user/info**=authc

143. /admin/listUser**=authc,perms[admin:manage]

144. </value>

145. </property>

146. </bean>

148. <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>