springboot 與 shiro 整合 (簡潔版)

前言:

  網上有不少 springboot 與 shiro 整合的資料, 有些確實寫得很好, 對學習 shiro 和 springboot 都有很大的幫助。有些朋友比較省事, 直接轉發或者複製粘貼。可是沒有經過自己鍵盤敲打過的代碼, 不是自己的代碼。因此, 我這裏就來記錄一個簡潔版的, 不牽涉 db。廢話不多說, 開始。

一. jar包引入

<!-- Spring MVC plus the embedded servlet container; no version is given here, so it is resolved elsewhere in the build. -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>

<!-- Development-time helper, declared with runtime scope; keep it out of production artifacts. -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-devtools</artifactId>
    <scope>runtime</scope>
</dependency>

<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-autoconfigure -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-autoconfigure</artifactId>
</dependency>

<!-- Shiro's Spring integration.
     NOTE(review): 1.4.0 is an old Shiro release; check the Apache Shiro security
     advisories and pin a currently maintained version before reusing this build. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.0</version>
</dependency>

<!-- Ehcache-backed Shiro cache manager. shiro-core is excluded from this artifact;
     presumably shiro-spring above already supplies it. Keep both Shiro versions
     identical when upgrading. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-ehcache</artifactId>
    <version>1.4.0</version>
    <exclusions>
        <exclusion>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
        </exclusion>
    </exclusions>
</dependency>

<!-- The artifacts above do not include this one, so it is declared separately;
     without it Shiro's permission annotations have no effect.
     NOTE(review): the version is pinned by hand while the Spring Boot artifacts carry
     none; confirm 5.0.7.RELEASE matches the Spring version the build resolves. -->
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-aspects</artifactId>
    <version>5.0.7.RELEASE</version>
</dependency>

 

二. MyShiroRealm

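/**
 * Demo realm that runs without a user store.
 *
 * <p>Everything that would normally come from a database is a constant here: every
 * user name is accepted with the same fixed password, and every authenticated
 * principal receives the same role and permission. That makes the class useful only
 * for wiring up and testing the Shiro integration. A real realm has to look the
 * account up, return its stored (salted and hashed) credential together with a
 * matching credentials matcher such as {@code HashedCredentialsMatcher}, and load
 * roles and permissions per principal.
 */
public class MyShiroRealm extends AuthorizingRealm {

    /** Role handed to every principal. Demo only: nothing is looked up per user. */
    private static final String DEMO_ROLE = "admin";

    /** Permission handed to every principal. Demo only. */
    private static final String DEMO_PERMISSION = "create";

    /**
     * Fixed plain-text credential shared by all user names. Demo only: a credential
     * compiled into the class cannot be rotated and is readable by anyone with the
     * source or the jar.
     */
    private static final String DEMO_PASSWORD = "123456";

    /**
     * Supplies the roles and permissions for an authenticated principal.
     *
     * @param principalCollection the principals of the subject being authorized; not
     *        consulted here because the demo grants the same rights to everyone
     * @return authorization info holding the role {@code admin} and the permission
     *         {@code create}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // Unconditional grants: any user who can log in is an "admin" with "create".
        info.addRole(DEMO_ROLE);
        info.addStringPermission(DEMO_PERMISSION);
        return info;
    }

    /**
     * Returns the account data Shiro compares the submitted token against.
     *
     * @param atoken the submitted token; must be a {@link UsernamePasswordToken}
     * @return the expected credentials for the submitted user name, or {@code null}
     *         when no usable user name was submitted, which Shiro treats as
     *         "no such account"
     * @throws AuthenticationException declared by the overridden method; not thrown
     *         directly by this implementation
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken atoken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) atoken;
        String name = token.getUsername();

        // A missing or blank user name can never identify an account, so it is
        // rejected instead of being accepted as a principal.
        if (name == null || name.trim().isEmpty()) {
            return null;
        }

        // Shiro's credentials matcher compares the token's password with the
        // credential returned here; this method does not compare anything itself.
        return new SimpleAuthenticationInfo(name, DEMO_PASSWORD, getName());
    }
}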

這裏因爲沒有連接數據庫, 因此一些動態的地方直接寫死。


三. 配置文件

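/**
 * Spring configuration that wires Shiro into the web application: the realm, the
 * security manager, the URL filter chain, annotation support, the cache and the
 * session handling.
 */
@Configuration
public class ShiroConfiguration {

    /** One hour in milliseconds; used for the session timeout and the validation interval. */
    private static final long ONE_HOUR_MILLIS = 3600000L;

    /**
     * Registers the application's realm as a bean.
     *
     * @return a new {@link MyShiroRealm}
     */
    @Bean
    public MyShiroRealm myShiroRealm() {
        return new MyShiroRealm();
    }

    /**
     * Builds the web security manager from the realm, the session manager and the
     * cache manager.
     *
     * @param cacheManager the cache manager bean
     * @param sessionManager the session manager bean
     * @return the configured security manager
     */
    @Bean
    public org.apache.shiro.mgt.SecurityManager securityManager(CacheManager cacheManager, SessionManager sessionManager) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setSessionManager(sessionManager);
        manager.setRealm(myShiroRealm());
        manager.setCacheManager(cacheManager);
        return manager;
    }

    /**
     * Builds the filter factory holding the URL-to-filter rules and the redirect
     * targets.
     *
     * <p>Shiro applies the first chain definition whose pattern matches the request,
     * so the rules are kept in a {@code LinkedHashMap}: with a plain {@code HashMap}
     * the iteration order is unspecified and the catch-all {@code /**} rule could be
     * evaluated ahead of {@code /doLogin} or {@code /logout}, making the login
     * endpoint itself require a login.
     *
     * @param securityManager Shiro's security manager bean (named in full because
     *        {@code java.lang} also declares a {@code SecurityManager})
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(org.apache.shiro.mgt.SecurityManager securityManager) {
        ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
        factory.setSecurityManager(securityManager);

        // Insertion order is evaluation order: specific paths first, catch-all last.
        Map<String, String> chains = new java.util.LinkedHashMap<>();
        // Handled by Shiro's logout filter.
        chains.put("/logout", "logout");
        // The only path reachable without a session; keep this allow-list minimal.
        chains.put("/doLogin", "anon");
        // Everything else requires an authenticated subject.
        chains.put("/**", "authc");
        factory.setFilterChainDefinitionMap(chains);

        // Where unauthenticated requests are sent.
        factory.setLoginUrl("/login");
        // Landing page after a successful login.
        factory.setSuccessUrl("/index");
        // Redirect target when an authorization check fails.
        // NOTE(review): this applies to Shiro's filter-based role/permission checks;
        // failures of @RequiresRoles / @RequiresPermissions surface as exceptions and
        // presumably need their own exception handler - confirm.
        factory.setUnauthorizedUrl("/error");
        return factory;
    }

    /**
     * Enables Shiro's authorization annotations; without this advisor they are not
     * enforced.
     *
     * @param securityManager Shiro's security manager bean
     * @return the advisor bound to that security manager
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(org.apache.shiro.mgt.SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor sourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        sourceAdvisor.setSecurityManager(securityManager);
        return sourceAdvisor;
    }

    /**
     * Provides the Ehcache-backed cache manager with its default settings.
     *
     * @return a new {@link EhCacheManager}
     */
    @Bean
    public CacheManager cacheManager() {
        return new EhCacheManager();
    }

    /**
     * Provides the session store used by the session manager.
     *
     * @return a new {@link EnterpriseCacheSessionDAO}
     */
    @Bean
    public SessionDAO sessionDAO() {
        return new EnterpriseCacheSessionDAO();
    }

    /**
     * Builds the web session manager.
     *
     * <p>Sessions time out after one hour and the validation interval is set to the
     * same value. The timeout bounds how long a stolen session id stays usable, so
     * shorten it for anything sensitive.
     *
     * @param sessionDAO the session store bean
     * @return the configured session manager
     */
    @Bean
    public SessionManager sessionManager(SessionDAO sessionDAO) {
        DefaultWebSessionManager webSessions = new DefaultWebSessionManager();
        webSessions.setSessionDAO(sessionDAO);
        webSessions.setGlobalSessionTimeout(ONE_HOUR_MILLIS);
        webSessions.setSessionValidationInterval(ONE_HOUR_MILLIS);
        return webSessions;
    }
}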

 

四. 控制器

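/**
 * Endpoints used to exercise the Shiro setup: a login entry point, a few pages that
 * need an authenticated session, and two handlers guarded by Shiro's authorization
 * annotations.
 */
@RestController
public class LoginController {

    /**
     * Target of the login redirect configured as the filter's login URL.
     *
     * @return a fixed hint that a login is required
     */
    @GetMapping("/login")
    public String login() {
        return "need login";
    }

    /**
     * Logs the caller in with the submitted user id and password.
     *
     * <p>NOTE(security): this is a GET handler, so both values travel in the query
     * string and are recorded in access logs, proxy logs and browser history. That is
     * acceptable only for this local demo; a real login takes the credentials in a
     * POST body over TLS.
     *
     * @param uid the user id
     * @param pwd the password
     * @return {@code "login success"} when Shiro accepts the credentials, otherwise
     *         {@code "login failed"}
     */
    @GetMapping("/doLogin")
    public String doLogin(String uid, String pwd) {
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(uid, pwd);
        try {
            subject.login(token);
        } catch (org.apache.shiro.authc.AuthenticationException e) {
            // Only authentication failures are turned into the login-failed reply;
            // other exceptions propagate instead of being hidden behind it.
            // The same message is returned for an unknown user and a wrong password,
            // so the response does not reveal which one it was.
            return "login failed";
        }
        return "login success";
    }

    /**
     * Landing page after login.
     *
     * @return the literal {@code "index"}
     */
    @RequestMapping(value = "/index")
    public String index() {
        return "index";
    }

    /**
     * Logout endpoint.
     *
     * <p>NOTE(review): this method does not end the session itself. The filter chain
     * in the configuration maps {@code /logout} to Shiro's logout filter, which
     * presumably handles the request before it gets here - confirm.
     *
     * @return the literal {@code "logout"}
     */
    @RequestMapping(value = "/logout")
    public String logout() {
        return "logout";
    }

    /**
     * Error page.
     *
     * @return a fixed message
     */
    @GetMapping("/error")
    public String error() {
        return "error ok!";
    }

    /**
     * Requires both the {@code admin} role and the {@code create} permission.
     *
     * @return a fixed success message
     */
    @RequiresRoles("admin")
    @RequiresPermissions("create")
    @RequestMapping(value = "/create")
    public String create() {
        return "Create success!";
    }

    /**
     * Requires the {@code detail} permission. The demo realm on this page never
     * grants it, so this endpoint shows what a refused request looks like.
     *
     * @return the literal {@code "uid"}
     */
    @RequiresPermissions("detail")
    @RequestMapping(value = "/detail")
    public String detail() {
        return "uid";
    }
}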

到這裏, 代碼就敲完了。

application.yml裏面, 只要兩行代碼:

server:
  port: 8080

 

五. 結果檢驗

1. 訪問頁面: http://localhost:8080/doLogin?uid=abc&pwd=123456

2. 訪問: http://localhost:8080/create

3. 訪問: http://localhost:8080/detail
