溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章給大家分享的是有關springboot集成shiro的示例分析的內容。小編覺得挺實用的,因此分享給大家做個參考,一起跟隨小編過來看看吧。
我們開發時候有時候要把傳統spring shiro轉成spring boot項目,或者直接集成,name我們要搞清楚一個知識,就是 xml配置和spring bean代碼配置的關系,這一點很重要,因為spring boot是沒有xml配置文件的(也不絕對,spring boot也是可以引用xml配置的)
引入依賴:
<dependency> <artifactId>ehcache-core</artifactId> <groupId>net.sf.ehcache</groupId> <version>2.5.0</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-ehcache</artifactId> <version>1.2.2</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> <version>1.7.25</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.2.3</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-web</artifactId> <version>1.2.3</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.2.3</version> </dependency>
如果你出現錯誤 找不到slf4j,引入依賴
<dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> <version>1.7.25</version> </dependency>
傳統xml配置如下:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"> <context:component-scan base-package="com.len"/> <!--定義realm--> <bean id="myRealm" class="com.len.core.shiro.LoginRealm"> <property name="credentialsMatcher" ref="credentialsMatcher"/> </bean> <bean id="permissionFilter" class="com.len.core.filter.PermissionFilter"/> <!--目前去掉自定義攔截驗證 由個人處理登錄業務--> <!--<bean id="customAdvicFilter" class="com.len.core.filter.CustomAdvicFilter"> <property name="failureKeyAttribute" value="shiroLoginFailure"/> </bean>--> <bean id="verfityCodeFilter" class="com.len.core.filter.VerfityCodeFilter"> <property name="failureKeyAttribute" value="shiroLoginFailure"/> <property name="jcaptchaParam" value="code"/> <property name="verfitiCode" value="true"/> </bean> <!-- Shiro過濾器 --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"/> <property name="loginUrl" value="/login"/> <property name="unauthorizedUrl" value="/goLogin" /> <property name="filters"> <map> <entry key="per" value-ref="permissionFilter"/> <entry key="verCode" value-ref="verfityCodeFilter"/> <!--<entry key="main" value-ref="customAdvicFilter"/>--> </map> </property> <property name="filterChainDefinitions"> <value> <!-- /** = anon所有url都可以匿名訪問 --> /login = verCode,anon /getCode = anon /logout = logout /plugin/** = anon <!-- /** = authc 所有url都必須認證通過才可以訪問--> /user/**=per <!-- /login = main--> /** = authc </value> </property> </bean> <!--安全管理器--> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="myRealm"/> <property name="cacheManager" ref="cacheManager" /> <!--<property name="rememberMeManager" ref="rememberMeManager" />--> </bean> <!-- 憑證匹配器 --> <bean id="credentialsMatcher" class="com.len.core.shiro.RetryLimitCredentialsMatcher"> <constructor-arg index="0" ref="cacheManager"/> <constructor-arg index="1" value="5"/> <property name="hashAlgorithmName" value="md5"/> <property name="hashIterations" value="4"/> </bean> <!--緩存--> <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> <property name="cacheManagerConfigFile" value="classpath:ehcache/ehcache.xml"/> </bean> <!--開啟注解--> <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> <property name="securityManager" ref="securityManager" /> </bean> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /> </beans>
轉換成bean 新建類ShiroConfig
@Configuration
public class ShiroConfig {
@Bean
public RetryLimitCredentialsMatcher getRetryLimitCredentialsMatcher(){
RetryLimitCredentialsMatcher rm=new RetryLimitCredentialsMatcher(getCacheManager(),"5");
rm.setHashAlgorithmName("md5");
rm.setHashIterations(4);
return rm;
}
@Bean
public LoginRealm getLoginRealm(){
LoginRealm realm= new LoginRealm();
realm.setCredentialsMatcher(getRetryLimitCredentialsMatcher());
return realm;
}
@Bean
public EhCacheManager getCacheManager(){
EhCacheManager ehCacheManager=new EhCacheManager();
ehCacheManager.setCacheManagerConfigFile("classpath:ehcache/ehcache.xml");
return ehCacheManager;
}
@Bean
public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean(name="securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(){
DefaultWebSecurityManager dwm=new DefaultWebSecurityManager();
dwm.setRealm(getLoginRealm());
dwm.setCacheManager(getCacheManager());
return dwm;
}
@Bean
public PermissionFilter getPermissionFilter(){
PermissionFilter pf=new PermissionFilter();
return pf;
}
@Bean
public VerfityCodeFilter getVerfityCodeFilter(){
VerfityCodeFilter vf= new VerfityCodeFilter();
vf.setFailureKeyAttribute("shiroLoginFailure");
vf.setJcaptchaParam("code");
vf.setVerfitiCode(true);
return vf;
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(){
ShiroFilterFactoryBean sfb = new ShiroFilterFactoryBean();
sfb.setSecurityManager(getDefaultWebSecurityManager());
sfb.setLoginUrl("/login");
sfb.setUnauthorizedUrl("/goLogin");
Map<String, Filter> filters=new HashMap<>();
filters.put("per",getPermissionFilter());
filters.put("verCode",getVerfityCodeFilter());
sfb.setFilters(filters);
Map<String, String> filterMap = new LinkedHashMap<>();
filterMap.put("/login","verCode,anon");
//filterMap.put("/login","anon");
filterMap.put("/getCode","anon");
filterMap.put("/logout","logout");
filterMap.put("/plugin/**","anon");
filterMap.put("/user/**","per");
filterMap.put("/**","authc");
sfb.setFilterChainDefinitionMap(filterMap);
return sfb;
}
@Bean
public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
advisorAutoProxyCreator.setProxyTargetClass(true);
return advisorAutoProxyCreator;
}
@Bean
public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){
AuthorizationAttributeSourceAdvisor as=new AuthorizationAttributeSourceAdvisor();
as.setSecurityManager(getDefaultWebSecurityManager());
return as;
}
@Bean
public FilterRegistrationBean delegatingFilterProxy(){
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
DelegatingFilterProxy proxy = new DelegatingFilterProxy();
proxy.setTargetFilterLifecycle(true);
proxy.setTargetBeanName("shiroFilter");
filterRegistrationBean.setFilter(proxy);
return filterRegistrationBean;
}其中有個別類是自定義的攔截器和 realm,此時spring 即能注入shiro 也就是 spring boot集成上了 shiro
如果你因為其他配置引起一些失敗,可以參考開源項目 lenos快速開發腳手架 spring boot版本,其中有對shiro的集成。
感謝各位的閱讀!關于“springboot集成shiro的示例分析”這篇文章就分享到這里了,希望以上內容可以對大家有一定的幫助,讓大家可以學到更多知識,如果覺得文章不錯,可以把它分享出去讓更多的人看到吧!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
