您好,登錄后才能下訂單哦!
這篇文章主要介紹“怎么用Springboot快速整合shiro安全框架”,在日常操作中,相信很多人在怎么用Springboot快速整合shiro安全框架問題上存在疑惑,小編查閱了各式資料,整理出簡單好用的操作方法,希望對大家解答”怎么用Springboot快速整合shiro安全框架”的疑惑有所幫助!接下來,請跟著小編一起來學習吧!
咱們先來普及一下什么是shiro,shiro原名Apache Shiro 是一個Java 的安全(權限)框架。Shiro 可以非常容易的開發出足夠好的應用,其不僅可以用在JavaSE環境,也可以用在JavaEE環境。Shiro可以完成,認證,授權,加密,會話管理,Web集成,緩存等高級應用。如圖看shiro的功能和架構圖:
話不多說,Springboot整合shiro,咱們直接上代碼
pom.xml文件
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.6.11</version> <relativePath/> <!-- lookup parent from repository --> </parent> <groupId>com.example</groupId> <artifactId>demo02</artifactId> <version>0.0.1-SNAPSHOT</version> <name>demo02</name> <description>demo02</description> <properties> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.4.1</version> </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.1.0</version> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>8.0.31</version> </dependency> <!-- https://mvnrepository.com/artifact/log4j/log4j --> <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> <version>1.2.17</version> </dependency> <!-- https://mvnrepository.com/artifact/com.alibaba/druid --> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.12</version> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <version>1.18.18</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>org.thymeleaf</groupId> <artifactId>thymeleaf</artifactId> </dependency> <dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-java8time</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>com.github.theborakompanioni</groupId> <artifactId>thymeleaf-extras-shiro</artifactId> <version>2.0.0</version> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>3.8.1</version> <configuration> <source>1.8</source> <target>1.8</target> <encoding>UTF-8</encoding> </configuration> </plugin> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build> </project>
然后我們建立一個數據庫
/*
Navicat MySQL Data Transfer
Source Server :
Source Server Version : 80030
Source Host : localhost:3306
Source Database : mybatis
Target Server Type : MYSQL
Target Server Version : 80030
File Encoding : 65001
Date: 2023-03-14 18:00:05
*/
SET FOREIGN_KEY_CHECKS=0;
– Table structure for user
DROP TABLE IF EXISTS user
;
CREATE TABLE user
(id
int NOT NULL AUTO_INCREMENT,name
varchar(255) DEFAULT NULL,pwd
varchar(255) DEFAULT NULL,perms
varchar(100) DEFAULT NULL,
PRIMARY KEY (id
)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;
– Records of user
INSERT INTO user
VALUES (‘1’, ‘qin’, ‘d1b129656359e35e95ebd56a63d7b9e0’, ‘user:add’);
INSERT INTO user
VALUES (‘2’, ‘hai’, ‘123’, ‘user:insert’);
INSERT INTO user
VALUES (‘3’, ‘root’, ‘d1b129656359e35e95ebd56a63d7b9e0’, ‘user:update’);
application.yml文件
spring: datasource: username: xxxx password: xxxxxxxxxxxx url: jdbc:mysql://localhost:3306/mybatis driver-class-name: com.mysql.cj.jdbc.Driver type: com.alibaba.druid.pool.DruidDataSource mybatis: mapper-locations: classpath:mapper/*tat.slowSqlMillis=500
controller層MyController類
package com.example.demo02.controller; import lombok.extern.slf4j.Slf4j; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; @Controller @Slf4j public class MyController { @RequestMapping("/") public String toIndex(Model model){ model.addAttribute("msg","hello,shiro"); return "login"; } @RequestMapping("/user/add") public String add(){ return "user/add"; } @RequestMapping("/user/update") public String update(){ return "user/update"; } @RequestMapping("/toLogin") public String toLogin(){ return "login"; } @RequestMapping("/noauth") @ResponseBody public String noAuth(){ return "未經授權不能訪問此頁面"; } //登錄操作 @RequestMapping("/login") public String login(String username, String password, @RequestParam(defaultValue = "false")boolean rememberMe,Model model){ //使用shiro,編寫認證操作 //1. 獲取Subject Subject subject = SecurityUtils.getSubject(); //2. 封裝用戶的數據 UsernamePasswordToken token = new UsernamePasswordToken(username, password,rememberMe); //3. 執行登錄的方法,只要沒有異常就代表登錄成功! try { subject.login(token); //登錄成功!返回首頁 System.out.println("輸出認證成功跳轉頁面"); return "index"; } catch (UnknownAccountException e) { //用戶名不存在 model.addAttribute("msg","用戶名不存在"); return "login"; } catch (IncorrectCredentialsException e) { //密碼錯誤 model.addAttribute("msg","密碼錯誤"); return "login"; } } }
pojo層User
package com.example.demo02.pojo; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; @Data @AllArgsConstructor @NoArgsConstructor public class User { private int id; private String name; private String pwd; private String perms; }
config層配置兩個類
第一個類ShiroConfig
package com.example.demo02.config; import at.pollux.thymeleaf.shiro.dialect.ShiroDialect; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.LinkedHashMap; import java.util.Map; //聲明為配置類 @Configuration public class ShiroConfig { //創建 ShiroFilterFactoryBean @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); //設置安全管理器 shiroFilterFactoryBean.setSecurityManager(securityManager); /* 添加Shiro內置過濾器,常用的有如下過濾器: anon: 無需認證就可以訪問 authc: 必須認證才可以訪問 user: 如果使用了記住我功能就可以直接訪問 perms: 擁有某個資源權限才可以訪問 role: 擁有某個角色權限才可以訪問 * / */ //進行一個攔截 Map<String,String> filterMap = new LinkedHashMap<String, String>(); // filterMap.put("/user/add","authc"); // filterMap.put("/user/update","authc"); //授權 // filterMap.put("/user/add","perms[user:add]"); //大家記得注意順序! filterMap.put("/user/add","perms[user:add]"); filterMap.put("/user/update","perms[user:update]"); filterMap.put("/user/*","authc"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap); shiroFilterFactoryBean.setLoginUrl("/toLogin"); //未授權頁面 shiroFilterFactoryBean.setUnauthorizedUrl("/noauth"); return shiroFilterFactoryBean; } //創建 DefaultWebSecurityManager @Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm")UserRealm userRealm){ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); //2創建加密對象,設置相關屬性 HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(); //2.1采用md5加密 matcher.setHashAlgorithmName("md5"); //2.2迭代加密次數 matcher.setHashIterations(3); //3將加密對象存儲到myRealm中 userRealm.setCredentialsMatcher(matcher); //關聯Realm securityManager.setRealm(userRealm); return securityManager; } //創建 realm 對象 @Bean public UserRealm userRealm(){ return new UserRealm(); } //配置ShiroDialect:方言,用于 thymeleaf 和 shiro 標簽配合使用 @Bean public ShiroDialect getShiroDialect(){ return new ShiroDialect(); } }
UserRealm
package com.example.demo02.config; import com.example.demo02.pojo.User; import com.example.demo02.service.UserService; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import java.util.List; //自定義得UserRaelm public class UserRealm extends AuthorizingRealm { @Autowired UserService userService; //授權 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { System.out.println("執行了=》授權doGetAuthorizationInfo"); SimpleAuthorizationInfo info=new SimpleAuthorizationInfo(); // info.addStringPermission("user:update"); info.addStringPermission("user:add"); //拿到當前用戶登陸對象 Subject subject= SecurityUtils.getSubject(); User currentUser= (User) subject.getPrincipal();//拿到User對象 info.addStringPermission(currentUser.getPerms());//設置當前用戶對象 return info; } //執行認證邏輯 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { System.out.println("執行了=>認證邏輯AuthenticationToken"); //假設數據庫的用戶名和密碼 // String name = "root"; // String password = "123456"; //1.判斷用戶名 UsernamePasswordToken userToken = (UsernamePasswordToken)token; //連接真實的數據庫 User user= userService.queryUserByName(userToken.getUsername()); // if(user==null){ return null; } Subject subject = SecurityUtils.getSubject(); subject.getSession().setAttribute("loginUser",user); //2. 驗證密碼,我們可以使用一個AuthenticationInfo實現類SimpleAuthenticationInfo // shiro會自動幫我們驗證!重點是第二個參數就是要驗證的密碼! return new SimpleAuthenticationInfo(user, user.getPwd(),ByteSource.Util.bytes("salt"),""); // if(user !=null){ // AuthenticationInfo info = new SimpleAuthenticationInfo( // token.getPrincipal(), // user.getPwd(), // ByteSource.Util.bytes("salt"), // token.getPrincipal().toString() // ); // return info; // } // return null; } }
service層
先是類UserServiceImpl
package com.example.demo02.service; import com.example.demo02.mapper.UserMapper; import com.example.demo02.pojo.User; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @Service public class UserServiceImpl implements UserService { @Autowired UserMapper userMapper; @Override public User queryUserByName(String name) { return userMapper.queryUserByName(name); } }
再是接口UserService
package com.example.demo02.service; import com.example.demo02.pojo.User; public interface UserService { public User queryUserByName(String name); }
mapper層
接口Usermapper
package com.example.demo02.mapper; import com.example.demo02.pojo.User; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Select; import org.springframework.stereotype.Repository; @Repository //@Mapper public interface UserMapper { @Select("select * from user where name=#{name}") public User queryUserByName(@Param("name") String name); }
再就是前端resources里面的static和templates
后端實現鑒權圖
存入數據庫的數據為加密文件
到此,關于“怎么用Springboot快速整合shiro安全框架”的學習就結束了,希望能夠解決大家的疑惑。理論與實踐的搭配能更好的幫助大家學習,快去試試吧!若想繼續學習更多相關知識,請繼續關注億速云網站,小編會繼續努力為大家帶來更多實用的文章!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。