shiro :spring整合shiro
阿新 • • 發佈:2020-12-27
1.導包
<!--shiro整合spring--> <!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-spring --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.7.0</version> </dependency>
2.搭建基本環境
知識點回顧:
如何宣告自定義類是配置類? @Configuration
如何將自定義配置類的方法交給spring託管? @Bean
如何在springioc容器中指定@Bean?@Qualifier(裝配指定的@Bean)
2.1建立shiro配置類
2.1.1shiro配置類
@Configuration public class ShiroConfig { //ShiroFilterFactoryBean工廠:3 @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("getDefaultWebSecurityManager") DefaultWebSecurityManager defaultWebSecurityManager){ ShiroFilterFactoryBean bean= new ShiroFilterFactoryBean(); //設定安全管理器 bean.setSecurityManager(defaultWebSecurityManager); //新增shiro內建過濾器 /* * anon:無需認證就能訪問 * authc:必須認證才能訪問 * user:必須擁有記住我功能才能使用 * perms:擁有對某個資源的許可權才能訪問 * role:擁有某個角色許可權才能訪問 * */ Map<String, String> filterMap=new LinkedHashMap<>(); //這裡面的路徑是請求路徑 filterMap.put("/user/add","authc"); filterMap.put("/user/update","authc"); bean.setFilterChainDefinitionMap(filterMap); //設定登入請求 bean.setLoginUrl("/toLogin"); return bean; } //DefaultWebSecurityManager:2 //@Qualifier作用,繫結指定的spring容器裡的bean @Bean public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm")UserRealm userRealm){ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); //關聯userRealm securityManager.setRealm(userRealm); return securityManager; } //建立 realm 物件,需要自定義類 :1 @Bean(name = "userRealm")//被spring容器接管 public UserRealm userRealm(){ return new UserRealm(); } }
2.1.2自定義UserRealm
package com.king.config; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; //自定義的 UserRealm public class UserRealm extends AuthorizingRealm { //授權 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { System.out.println("執行了=>授權AuthorizationInfo"); return null; } //認證 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { System.out.println("執行了=>認證AuthenticationInfo"); return null; } }
2.2測試,Controlelr+View
package com.king.controller; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; @Controller public class MyController { //首頁 @RequestMapping({"/","/index"}) public String toIndex(Model model){ model.addAttribute("msg","Hello shiro"); return "index"; } @RequestMapping("user/add") public String add(){ return "user/add"; } @RequestMapping("user/update") public String update(){ return "user/update"; } @RequestMapping("toLogin") public String toLogin(){ return "login"; } }
檢視