
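A Simple Application of Integrating Shiro with Spring Boot

A note up front: this Spring Boot and Shiro integration uses shiro-spring. The more elegant approach is shiro-spring-boot-starter; for that integration see the official tutorial: https://shiro.apache.org/spring-boot.html

OK, here is the tutorial for this integration.

2. Next, add the dependencies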

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <!-- Shiro and Spring integration dependency -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.0</version>
        </dependency>

3. Create the Shiro configuration class

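import java.util.LinkedHashMap;

import lombok.Data;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
@Data
public class ShiroConfig {

    /* This map controls which permissions each URL needs: the key is the path, the value is the required permission.
       Entries are matched in insertion order and the first match wins, so specific paths come before the catch-all. */
    @Bean("filterChainDefinitionMap")
    public LinkedHashMap<String, String> getFilterChainDefinitionMap() {
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        map.put("/index", "anon");
        map.put("/userLogin", "anon");
        map.put("/add", "perms[user:add]"); // the add page requires the user:add permission
        // Everything else requires login. "/**" also covers nested paths such as /a/b;
        // "/*" matches a single path level only and would leave deeper URLs unfiltered.
        map.put("/**", "authc");
        return map;
    }


    /* Create the ShiroFilterFactoryBean */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager,
                                                            @Qualifier("filterChainDefinitionMap") LinkedHashMap<String, String> map) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // Set the security manager
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        // Set the login page
        shiroFilterFactoryBean.setLoginUrl("/login");
        // Add Shiro's built-in filters
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        return shiroFilterFactoryBean;
    }


    /* Create the DefaultWebSecurityManager */
    @Bean("securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(userRealm);
        return defaultWebSecurityManager;
    }

    /* Create the Realm */
    @Bean("userRealm")
    public UserRealm getRealm() {
        return new UserRealm();
    }
}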

4. Create a Realm; this class handles authorization and authentication

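import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class UserRealm extends AuthorizingRealm {
    /* Authorization */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principalCollection) {
        System.out.println("授權 "); // prints "authorization"
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // Get the user these principals belong to (the object passed to SimpleAuthenticationInfo below)
        // and cast it
        User u = (User) principalCollection.getPrimaryPrincipal();
        if ("tom".equals(u.getUserName())) {
            info.addStringPermission("user:add");
        }

        return info;
    }

    /* Authentication, i.e. login */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("認證"); // prints "authentication"
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        // This should fetch the record from the database and compare against it
        User user = new User();
        // getPassword() returns char[]; calling toString() on it would not yield the password text.
        // Demo only: a real principal should not carry the plaintext password.
        user.setPassword(new String(token.getPassword()));
        user.setUserName(token.getUsername());
        // Shiro performs the comparison for us; the password 123 logs in. You can look at the other
        // constructors; a fairly simple one is used here.
        // user is passed in here so that the same object can be retrieved during authorization,
        // in doGetAuthorizationInfo above
        return new SimpleAuthenticationInfo(user, "123", getName());
    }
}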
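
The realm above accepts the fixed password "123" and notes that real code should read the user's record from the database. As an added example (not code from the original post), here is a realm that stores a per-user salt and iterated hash and lets Shiro's HashedCredentialsMatcher do the comparison. The class name HashedUserRealm, the register helper, the in-memory map standing in for the user table, the iteration count, and the use of the user name as principal are all assumptions.

```java
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.*;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class HashedUserRealm extends AuthorizingRealm {
    private static final int ITERATIONS = 100_000; // assumed work factor, tune for your hardware
    // Constructed in-memory stand-in for the user table: userName -> {Base64 salt, Base64 hash}
    private final Map<String, String[]> accounts = new ConcurrentHashMap<>();

    public HashedUserRealm() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(Sha256Hash.ALGORITHM_NAME);
        matcher.setHashIterations(ITERATIONS);
        matcher.setStoredCredentialsHexEncoded(false); // stored hashes are Base64, not hex
        setCredentialsMatcher(matcher);
    }

    /* Registration side (hypothetical helper): random per-user salt, iterated hash, no plaintext stored. */
    public void register(String userName, char[] password) {
        ByteSource salt = new SecureRandomNumberGenerator().nextBytes();
        String hash = new Sha256Hash(password, salt, ITERATIONS).toBase64();
        accounts.put(userName, new String[] {salt.toBase64(), hash});
    }

    /* Authentication: hand back the stored hash and salt; Shiro hashes the submitted password and compares. */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String userName = ((UsernamePasswordToken) token).getUsername();
        String[] record = userName == null ? null : accounts.get(userName);
        if (record == null) throw new UnknownAccountException("no such account");
        ByteSource salt = ByteSource.Util.bytes(Base64.decode(record[0]));
        return new SimpleAuthenticationInfo(userName, record[1], salt, getName());
    }

    /* Authorization: the same rule as the page's realm, read from the principals passed in. */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        if ("tom".equals(principals.getPrimaryPrincipal())) {
            info.addStringPermission("user:add");
        }
        return info;
    }
}
```

The matcher's algorithm, iteration count and encoding must match what register used, otherwise every login fails with IncorrectCredentialsException.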

5. Then come the simple page redirects and some static pages

I won't paste them all here.

If there are any mistakes, please bear with me.