Springboot統合shiro構成
1. LifecycleBeanPostProcessor を構成し、Bean のライフサイクルを管理する。
2. ShiroFilterFactoryBean を構成し、認証が必要なパスを設定する。
3. AuthorizationAttributeSourceAdvisor を構成し、Shiro の AOP アノテーションを有効にする。
4. SecurityManager を構成し、カスタム Realm、session、キャッシュを管理する。Realm はログイン認証と認可を実装する。session にはタイムアウト時間と sessionDAO(session の保存先。Shiro 付属のものでも Redis でもよい)、session リスナーを設定する。キャッシュは Shiro 付属のものを設定しても、Redis を設定してもよい。
shiroConfig
/**
 * Created by lenovo on 2019/4/2.
 */
@Configuration
public class shiroConfig {
// 1. LifecycleBeanPostProcessor を構成し、ライフサイクルを管理する
// 2. ShiroFilterFactoryBean を構成し、どのパスが認証を必要とし、どのパスが必要としないかを設定する
// 3. AuthorizationAttributeSourceAdvisor を構成し、Shiro の AOP アノテーションを有効にする
// 4. SecurityManager を構成し、カスタム Realm、session、キャッシュを管理する
//    Realm:ログイン認証と認可を実装する
//    session:タイムアウト時間と sessionDAO(session の保存先。Shiro 付属のものでも Redis でもよい)、session リスナーを設定する
//    キャッシュ:Shiro 付属のものを設定しても、Redis を設定してもよい
UserRealm
Spring Boot + Spring + MyBatis + Shiro 統合のソースコード:https://github.com/ww520lyx1314/shiro
// Session timeout read from the `server.session-timeout` property. The placeholder has
// no default, so the property must be defined for the injection to succeed.
// sessionManager() multiplies this value by 1000 before handing it to Shiro, so it is
// presumably expressed in seconds — confirm against the application's configuration.
@Value("${server.session-timeout}")
private int tomcatTimeout;
/**
 * Exposes Shiro's {@link LifecycleBeanPostProcessor} as a Spring bean.
 *
 * <p>The method is static, which is the form Spring recommends for bean methods that
 * return a BeanPostProcessor.
 *
 * @return a new lifecycle post-processor
 */
@Bean
public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
    LifecycleBeanPostProcessor lifecycleProcessor = new LifecycleBeanPostProcessor();
    return lifecycleProcessor;
}
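// Builds the Shiro web filter (bean name "shiroFilter") and its URL-to-filter chain map.
//
// The map is a LinkedHashMap because Shiro evaluates the chain definitions in insertion
// order and the first matching pattern wins: every "anon" exception therefore has to be
// registered before the catch-all "/**" -> "authc" entry at the end.
//
// securityManager: the Shiro security manager the filter delegates to.
// Returns the configured ShiroFilterFactoryBean.
@Bean("shiroFilter")
ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
    ShiroFilterFactoryBean filterBean = new ShiroFilterFactoryBean();
    filterBean.setSecurityManager(securityManager);
    filterBean.setLoginUrl("/login");
    filterBean.setSuccessUrl("/index");
    filterBean.setUnauthorizedUrl("/403");

    // Typed map instead of the raw LinkedHashMap, so a non-String key or value is a
    // compile error rather than a runtime failure inside Shiro.
    LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

    // Paths reachable without authentication ("/login" was registered twice; once is enough).
    filterChainDefinitionMap.put("/login", "anon");
    filterChainDefinitionMap.put("/css/**", "anon");
    filterChainDefinitionMap.put("/js/**", "anon");
    filterChainDefinitionMap.put("/fonts/**", "anon");
    filterChainDefinitionMap.put("/img/**", "anon");
    filterChainDefinitionMap.put("/docs/**", "anon");
    // NOTE(review): "/druid/**" is presumably the Druid monitoring console. With "anon"
    // Shiro does not protect it at all; confirm it has its own login or IP allow-list,
    // otherwise map it to "authc".
    filterChainDefinitionMap.put("/druid/**", "anon");
    // NOTE(review): everything under "/upload/**" and "/files/**" is served to anyone who
    // has the URL; confirm that no private user content is stored under these paths.
    filterChainDefinitionMap.put("/upload/**", "anon");
    filterChainDefinitionMap.put("/files/**", "anon");
    // "/logout" is not mapped to Shiro's "logout" filter (the mapping was commented out in
    // the original), so it falls through to the catch-all rule below like any other path.
    filterChainDefinitionMap.put("/", "anon");
    filterChainDefinitionMap.put("/blog/open/**", "anon");

    // Catch-all: any path not listed above requires an authenticated session.
    filterChainDefinitionMap.put("/**", "authc");

    filterBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
    return filterBean;
}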
/**
 * Registers the advisor that lets Shiro's authorization annotations be enforced
 * through Spring AOP.
 *
 * <p>NOTE(review): this page does not show an auto-proxy creator. Annotations such as
 * {@code @RequiresPermissions} are only enforced on beans that Spring actually proxies
 * with this advisor — confirm that AOP auto-proxying is enabled in the application.
 *
 * @param securityManager the Shiro security manager the advisor consults
 * @return the configured advisor
 */
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
    AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
    advisor.setSecurityManager(securityManager);
    return advisor;
}
/**
 * Assembles the Shiro security manager from the realm, cache manager and session
 * manager beans defined in this configuration.
 *
 * <p>NOTE(review): the imports are not shown on this page. {@code SecurityManager} has to
 * resolve to Shiro's {@code org.apache.shiro.mgt.SecurityManager}; without that import the
 * name would refer to {@code java.lang.SecurityManager}.
 *
 * @return the configured web security manager
 */
@Bean
public SecurityManager securityManager() {
    DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
    // Realm that answers authentication and authorization queries.
    manager.setRealm(userRealm());
    // Cache manager: this configuration wires the EhCache-backed one, not Redis.
    manager.setCacheManager(ehCacheManager());
    // Session manager configured by sessionManager().
    manager.setSessionManager(sessionManager());
    return manager;
}
/**
 * Creates the application's {@link UserRealm}.
 *
 * <p>No CredentialsMatcher is set on the realm here; nothing else is configured on it
 * before it is returned.
 *
 * @return a new realm instance
 */
@Bean
UserRealm userRealm() {
    return new UserRealm();
}
/**
 * Provides the session store used by the session manager.
 *
 * <p>{@link MemorySessionDAO} keeps sessions in the memory of this JVM, so they are lost
 * on restart and are not shared between application instances.
 *
 * @return an in-memory session DAO
 */
@Bean
public SessionDAO sessionDAO() {
    SessionDAO inMemoryStore = new MemorySessionDAO();
    return inMemoryStore;
}
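/**
 * Creates the Shiro web session manager: global timeout, session store and listeners.
 *
 * <p>The timeout is taken from {@code tomcatTimeout} and multiplied by 1000 before it is
 * passed to {@code setGlobalSessionTimeout}.
 *
 * @return the configured session manager
 */
@Bean
public DefaultWebSessionManager sessionManager() {
    DefaultWebSessionManager manager = new DefaultWebSessionManager();
    // Multiply as long (1000L): the int product overflows for values above 2_147_483 and
    // can wrap to a negative number, which Shiro treats as "session never expires".
    manager.setGlobalSessionTimeout(tomcatTimeout * 1000L);
    manager.setSessionDAO(sessionDAO());
    // No session listeners are registered; an empty collection is set explicitly.
    Collection listeners = new ArrayList();
    manager.setSessionListeners(listeners);
    return manager;
}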
/**
 * Wraps the EhCache {@code CacheManager} bean in Shiro's {@link EhCacheManager} so that
 * Shiro can use it as its cache manager.
 *
 * @return the Shiro cache manager backed by EhCache
 */
@Bean
public EhCacheManager ehCacheManager() {
    EhCacheManager shiroCacheManager = new EhCacheManager();
    shiroCacheManager.setCacheManager(cacheManager());
    return shiroCacheManager;
}
/**
 * Supplies the underlying cache manager obtained from {@code CacheManager.create()}.
 *
 * <p>The bean is registered as "cacheManager2"; presumably this avoids a clash with
 * another bean named "cacheManager" — confirm against the rest of the application.
 *
 * @return the cache manager returned by {@code CacheManager.create()}
 */
@Bean("cacheManager2")
CacheManager cacheManager() {
    CacheManager underlying = CacheManager.create();
    return underlying;
}
}
UserRealm
public class UserRealm extends AuthorizingRealm {
/* @Autowired
UserDao userMapper;
@Autowired
MenuService menuService;*/
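/**
 * Loads the permission strings of the user that Shiro is authorizing.
 *
 * @param arg0 principals of the identity being authorized
 * @return authorization info holding the permissions returned by
 *         {@code MenuService.listPerms} for that user
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
    // Take the identity from the principals Shiro passed in instead of the thread-bound
    // Subject, so the permissions always belong to the identity actually being checked.
    UserDO currentUser = (UserDO) arg0.getPrimaryPrincipal();
    // The service is looked up at call time rather than injected into the realm.
    MenuService menuService = ApplicationContextRegister.getBean(MenuService.class);
    Set perms = menuService.listPerms(currentUser.getUserId());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    info.setStringPermissions(perms);
    return info;
}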
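/**
 * Authenticates a login attempt against the user store.
 *
 * <p>Looks the account up by the token's principal (the username), compares the submitted
 * credential with the stored one and rejects accounts whose status is 0.
 *
 * <p>NOTE(review): unknown account, wrong credential and locked account raise different
 * exceptions. The login endpoint should answer the first two with one generic failure
 * message so that responses do not reveal which usernames exist.
 *
 * @param token login token; the principal is read as the username and the credentials as
 *              a {@code char[]} password
 * @return authentication info with the loaded user as principal
 * @throws UnknownAccountException if no user matches the username
 * @throws IncorrectCredentialsException if the credential is missing or does not match
 * @throws LockedAccountException if the user's status is 0
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String username = (String) token.getPrincipal();
    Map map = new HashMap<>(16);
    map.put("username", username);

    // A token without credentials previously failed with a NullPointerException.
    Object submitted = token.getCredentials();
    if (submitted == null) {
        throw new IncorrectCredentialsException(" ");
    }
    String password = new String((char[]) submitted);

    // The DAO is looked up at call time rather than injected into the realm.
    UserDao userMapper = ApplicationContextRegister.getBean(UserDao.class);
    // An unknown username yields an empty list; calling get(0) on it threw
    // IndexOutOfBoundsException, so the "unknown account" branch was never reached.
    java.util.List<? extends UserDO> matches = userMapper.list(map);
    UserDO user = (matches == null || matches.isEmpty()) ? null : matches.get(0);
    if (user == null) {
        throw new UnknownAccountException(" ");
    }

    // NOTE(review): the stored value is compared directly with the submitted credential,
    // so the store presumably holds plaintext or a value the caller has already hashed —
    // confirm. A salted, slow password hash verified through a Shiro CredentialsMatcher
    // is preferable to comparing inside the realm.
    // The comparison itself is constant-time so it does not depend on where the two
    // values first differ.
    String stored = user.getPassword();
    java.nio.charset.Charset utf8 = java.nio.charset.StandardCharsets.UTF_8;
    boolean credentialsMatch = stored != null
            && java.security.MessageDigest.isEqual(password.getBytes(utf8), stored.getBytes(utf8));
    if (!credentialsMatch) {
        throw new IncorrectCredentialsException(" ");
    }

    // Status 0 is treated as a locked account.
    if (user.getStatus() == 0) {
        throw new LockedAccountException(" , ");
    }

    // NOTE(review): the whole UserDO, which exposes getPassword(), becomes the principal
    // and so travels with the session; consider a principal without the credential field.
    return new SimpleAuthenticationInfo(user, password, getName());
}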
Spring Boot + Spring + MyBatis + Shiro 統合のソースコード:https://github.com/ww520lyx1314/shiro