Spring java配置shiro動態數據庫權限
public class SpringShiroConfig {
@Bean
public EhCacheManager ehCacheManager() {
EhCacheManager ehCacheManager = new EhCacheManager();
ehCacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
return ehCacheManager;
}
// @Bean(name = "passwordService")
// public PasswordService passwordService() {
// DefaultPasswordService passwordService = new DefaultPasswordService();
// return passwordService;
// }
@Bean(name = "jdbcUserRealm")
public AuthorizingRealm jdbcUserRealm() {
AuthorizingRealm realm = new JdbcUserRealm();
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
credentialsMatcher.setHashAlgorithmName("md5");
credentialsMatcher.setHashIterations(2);
credentialsMatcher.setStoredCredentialsHexEncoded(true);
realm.setCredentialsMatcher(credentialsMatcher);
return realm;
}
@Bean(name = "securityManager")
public DefaultWebSecurityManager securityManager(@Qualifier("jdbcUserRealm") Realm jdbcUserRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(jdbcUserRealm);
return securityManager;
}
@Bean(name = "formAuthenticationFilter")
public FormAuthenticationFilter formAuthenticationFilter() {
FormAuthenticationFilter filter = new FormAuthenticationFilter();
filter.setLoginUrl("/admin/login");
return filter;
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean shiroFilterFactoryBean(
@Qualifier("securityManager")SecurityManager securityManager,
@Qualifier("formAuthenticationFilter")FormAuthenticationFilter filter,
@Qualifier("permissionMapper")PermissionMapper permissionMapper) {
//ShiroFilterFactoryBean
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setLoginUrl("/admin/login");
shiroFilterFactoryBean.setSuccessUrl("/admin/main");
shiroFilterFactoryBean.setUnauthorizedUrl("/admin/unauthorized");
shiroFilterFactoryBean.setSecurityManager(securityManager);
// shiroFilterFactoryBean.setFilterChainDefinitions(
// "/admin/login = anon\n" +
// "/admin/logout = logout\n" +
// "/** = user\n" +
// "/resources/** = anon\n"
// );
Map<String, String> filterChainDefinitionMap = new HashMap<>();
filterChainDefinitionMap.put("/**", "user");
filterChainDefinitionMap.put("/resources/**", "anon");
filterChainDefinitionMap.put("/admin/login", "anon");
filterChainDefinitionMap.put("/admin/logout", "logout");
//database url permissions
List<Permission> permissionList = permissionMapper.listAll();
if(permissionList != null) {
permissionList.stream().filter(perm -> StringUtils.isNotBlank(perm.getUrl())).forEach(perm -> {
//"authc, roles[admin,user], perms[file:edit]"
String perms = perm.getPerms();
String permissionChain = genChainDefinitionString(perms, "perms");
String roles = perm.getRoles();
String roleChain = genChainDefinitionString(roles, "roles");
StringBuilder chainMerge = new StringBuilder();
boolean hasPerms = false;
if(StringUtils.isNotBlank(permissionChain)) {
chainMerge.append(permissionChain);
hasPerms = true;
}
if(StringUtils.isNotBlank(roleChain)) {
if(hasPerms) {
chainMerge.append(",");
}
chainMerge.append(roleChain);
hasPerms = true;
}
if(hasPerms) {
filterChainDefinitionMap.put(perm.getUrl(), chainMerge.toString());
}
});
}
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
//filters
Map<String, Filter> filters = new HashMap<>();
filters.put("authc", filter);
shiroFilterFactoryBean.setFilters(filters);
return shiroFilterFactoryBean;
}
/**
*
* @param permissionStr Splits by the comma-delimited
* @param filterName {@link org.apache.shiro.web.filter.mgt.DefaultFilter}
* @return
*/
private String genChainDefinitionString(String permissionStr, String filterName) {
StringBuilder chainDefinitionBuilder = new StringBuilder();
if(StringUtils.isNotBlank(permissionStr)) {
boolean isFirst = true;
for(String perm : permissionStr.split(",")) {
if(isFirst) {
isFirst = false;
} else {
chainDefinitionBuilder.append(",");
}
chainDefinitionBuilder.append(filterName).append("[").append(perm).append("]");
}
}
return chainDefinitionBuilder.toString();
}
}
java配置很是的簡單,若是用xml配置還要繼承DefaultFilterChainManager,配置起來有點繞(由於xml沒辦法拿到數據中的權限配置)java
xml配置能夠參考http://jinnianshilongnian.iteye.com/blog/2040929web
相關文章
- 1. shiro權限配置
- 2. spring security動態配置url權限
- 3. Shiro使用數據庫表配置權限
- 4. SpringMvc + Shiro[數據庫存權限] 配置 ;[附git.oschina的項目地址]
- 5. SpringBoot2.x配置Shiro實現權限管理,根據URL鑑權
- 6. springBoot2.0 配置shiro實現權限管理
- 7. spring+shiro權限判斷
- 8. Spring Boot Shiro權限控制
- 9. spring boot shiro權限管理
- 10. Shiro總結一架構,動態權限配置,登陸認證明現
- 更多相關文章...
- • IP地址分配(靜態分配+動態分配+零配置) - TCP/IP教程
- • Spring自動裝配Bean - Spring教程
- • Flink 數據傳輸及反壓詳解
- • IDEA下SpringBoot工程配置文件沒有提示
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 安裝cuda+cuDNN
- 2. GitHub的使用說明
- 3. phpDocumentor使用教程【安裝PHPDocumentor】
- 4. yarn run build報錯Component is not found in path 「npm/taro-ui/dist/weapp/components/rate/index「
- 5. 精講Haproxy搭建Web集羣
- 6. 安全測試基礎之MySQL
- 7. C/C++編程筆記:C語言中的複雜聲明分析,用實例帶你完全讀懂
- 8. Python3教程(1)----搭建Python環境
- 9. 李宏毅機器學習課程筆記2:Classification、Logistic Regression、Brief Introduction of Deep Learning
- 10. 阿里雲ECS配置速記
歡迎關注本站公眾號,獲取更多信息
