Java 項目的安全框架通常使用 Shiro 與 Spring Security
具體怎麼選擇可以參考文章:安全框架 Shiro 和 Spring Security 如何選擇
我這裏選擇使用 Shiro
建立 Spring Boot 項目
<!-- Spring MVC starter. No version is given here, so it is presumably managed by the
     project's Spring Boot parent POM / BOM (not shown). -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- Apache Shiro integration for Spring, pinned explicitly.
     NOTE(review): 1.5.1 is an old Shiro release and later releases contain security
     fixes; check the Apache Shiro security advisories and move to a currently
     supported version before using this outside a tutorial. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.5.1</version>
</dependency>
<!-- Thymeleaf view layer, pinned explicitly.
     NOTE(review): unlike the web starter above, this version is hard-coded; confirm it
     matches the Spring Boot version of the project so the starters do not drift apart. -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
    <version>2.2.5.RELEASE</version>
</dependency>
需要繼承 AuthorizingRealm
package com.zy.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
 * Skeleton Shiro realm for the tutorial.
 *
 * <p>Both callbacks only print a trace line and return {@code null}; no user store,
 * credential check, role or permission lookup is implemented yet.
 */
public class UserRealm extends AuthorizingRealm {

    /**
     * Authorization callback.
     *
     * @param principalCollection the principals of the subject being checked (unused)
     * @return always {@code null}; no roles or permissions are supplied by this stub
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        final String trace = "執行了=>受權doGetAuthorizationInfo";
        System.out.println(trace);
        // Stub: nothing is granted. A real realm must build the AuthorizationInfo
        // from a trusted user store, never from request-supplied data.
        return null;
    }

    /**
     * Authentication callback.
     *
     * @param authenticationToken the submitted login token (unused)
     * @return always {@code null}; per the Shiro realm contract a null result means
     *         "no account found", so logins against this stub are rejected
     * @throws AuthenticationException declared by the overridden method; never thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        final String trace = "執行了=>認證doGetAuthenticationInfo";
        System.out.println(trace);
        // Stub: no account lookup and no credential comparison happen here.
        return null;
    }
}
建立 realm 對象
//建立realm對象(步驟1) @Bean(name = "userRealm") public UserRealm userRealm(){ return new UserRealm(); }
DefaultWebSecurityManager
--> import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
//DefaultWebSecurityManager(步驟2) @Bean(name = "defaultWebSecurityManager") public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){ DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager(); securityManager.setRealm(userRealm()); return securityManager; }
ShiroFilterFactoryBean
//ShiroFilterFactoryBean(步驟3) @Bean(name = "shiroFilterFactoryBean") //@Bean public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager")DefaultWebSecurityManager defaultWebSecurityManager){ ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean(); bean.setSecurityManager(defaultWebSecurityManager); return bean; }
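package com.zy.config;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * Spring configuration that wires the three Shiro building blocks together:
 * realm (step 1) -> security manager (step 2) -> servlet filter factory (step 3).
 *
 * <p>NOTE(review): this is only the wiring. No filter chain definitions are registered,
 * so no URL is protected by Shiro yet.
 */
@Configuration
public class ShiroConfig {

    /**
     * Step 3: creates the Shiro filter factory and binds the security manager to it.
     *
     * <p>No filter chain definitions, login URL or unauthorized URL are set here, so
     * every request passes through without an authentication or authorization check
     * until {@code setFilterChainDefinitionMap} is configured.
     *
     * @param defaultWebSecurityManager the security manager bean named
     *        {@code defaultWebSecurityManager}
     * @return the filter factory bean bound to that security manager
     */
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(
            @Qualifier("defaultWebSecurityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        bean.setSecurityManager(defaultWebSecurityManager);
        return bean;
    }

    /**
     * Step 2: builds the web security manager and attaches the realm to it.
     *
     * @param userRealm the realm bean named {@code userRealm}, injected by Spring
     * @return a {@link DefaultWebSecurityManager} whose only realm is {@code userRealm}
     */
    @Bean(name = "defaultWebSecurityManager")
    public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // Use the injected bean instead of calling userRealm() again: the original
        // ignored its parameter and relied on @Configuration method proxying to get the
        // same singleton. Using the parameter stays correct if proxying is disabled.
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    /**
     * Step 1: registers the custom realm as a Spring bean named {@code userRealm}.
     *
     * @return a new {@link UserRealm} instance
     */
    @Bean(name = "userRealm")
    public UserRealm userRealm() {
        return new UserRealm();
    }
}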
index.html測試
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:shiro="http://www.thymeleaf.org/thymeleaf-extras-shiro">
<!-- The shiro: namespace is declared above but no shiro:* attribute is used in this
     template. NOTE(review): the dependency list shown with this tutorial does not
     include thymeleaf-extras-shiro; confirm it is added before relying on shiro: tags. -->
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>首頁</h1>
<!-- th:text HTML-escapes the model value, so "msg" is rendered as text, not markup. -->
<p th:text="${msg}"></p>
<!-- Both links are rendered for every visitor. Hiding or showing a link is not access
     control; the /user/** routes must be restricted on the server side. -->
<a th:href="@{/user/add}">add</a> | <a th:href="@{/user/update}">update</a>
</body>
</html>
對應Controller
/**
 * Serves the landing page for {@code /} and {@code /index}.
 *
 * <p>{@code @RequestMapping} without a {@code method} attribute matches every HTTP method.
 *
 * @param model view model; receives the attribute {@code msg}
 * @return the view name {@code index}
 */
@RequestMapping({"/","/index"})
public String toIndex(Model model) {
    final String greeting = "HelloShiro";
    model.addAttribute("msg", greeting);
    final String viewName = "index";
    return viewName;
}
add.html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<!-- Static placeholder page: a heading only, with no form and no dynamic content. -->
<h1>add</h1>
</body>
</html>
對應Controller
/**
 * Maps {@code /user/add} to the {@code user/add} view.
 *
 * <p>The handler performs no authentication or authorization check itself.
 *
 * @return the view name {@code user/add}
 */
@RequestMapping("/user/add")
public String add() {
    final String viewName = "user/add";
    return viewName;
}
update.html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<!-- Static placeholder page: a heading only, with no form and no dynamic content. -->
<h1>update</h1>
</body>
</html>
對應Controller
/**
 * Maps {@code /user/update} to the {@code user/update} view.
 *
 * <p>The handler performs no authentication or authorization check itself.
 *
 * @return the view name {@code user/update}
 */
@RequestMapping("/user/update")
public String update() {
    final String viewName = "user/update";
    return viewName;
}
package com.zy.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * MVC controller for the tutorial's three pages.
 *
 * <p>The handlers only return view names and perform no access checks themselves.
 * {@code @RequestMapping} without a {@code method} attribute matches every HTTP method.
 */
@Controller
public class MyController {

    /**
     * Serves the landing page for {@code /} and {@code /index}.
     *
     * @param model view model; receives the attribute {@code msg}
     * @return the view name {@code index}
     */
    @RequestMapping({"/","/index"})
    public String toIndex(Model model) {
        final String greeting = "HelloShiro";
        model.addAttribute("msg", greeting);
        return "index";
    }

    /**
     * Maps {@code /user/add} to its view.
     *
     * @return the view name {@code user/add}
     */
    @RequestMapping("/user/add")
    public String add() {
        final String viewName = "user/add";
        return viewName;
    }

    /**
     * Maps {@code /user/update} to its view.
     *
     * @return the view name {@code user/update}
     */
    @RequestMapping("/user/update")
    public String update() {
        final String viewName = "user/update";
        return viewName;
    }
}
測試成功,搭建完成。注意:此時 ShiroFilterFactoryBean 尚未配置任何攔截規則,/user/add 與 /user/update 仍可匿名訪問。