• spring boot 集成shiro


    引入jar包 <spring -shiro >

    创建主配置类

    package com.aaa.pettyloan.config;

    import com.aaa.pettyloan.realm.MyRealm;
    import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
    import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
    import org.apache.shiro.mgt.SecurityManager;
    import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;

    import java.util.Map;

    /**
    * @author fei
    * @description shiro的主配置文件
    * @company AAA软件
    * @className QY95
    */
    @Configuration
    public class ShiroConfig {

    /**
    * 在spring 的工厂中创建ShiroFilterFactoryBean 的对象
    * @param securityManager
    * @return
    */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager){
    ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();
    shiroFilterFactoryBean.setSecurityManager(securityManager);
    Map<String, String> filterChainDefinitionMap = shiroFilterFactoryBean.getFilterChainDefinitionMap();
    //没有登录跳转到的界面
    shiroFilterFactoryBean.setLoginUrl("/login");
    // 没有授权跳转到的界面
    shiroFilterFactoryBean.setUnauthorizedUrl("/toError");
    // 配置不能拦截的请求
    filterChainDefinitionMap.put("/logout","logout");
    filterChainDefinitionMap.put("/plugins/element-ui/fonts/**","anon");
    filterChainDefinitionMap.put("/plugins/element-ui/**","anon");
    filterChainDefinitionMap.put("/login","anon");
    filterChainDefinitionMap.put("/checkEmp","anon");
    filterChainDefinitionMap.put("/toError","anon");
    //配置员工必须有相对应的权限才能访问
    filterChainDefinitionMap.put("/sys/*","perms[sys]");
    filterChainDefinitionMap.put("/fan/*","perms[fan]");
    filterChainDefinitionMap.put("/cle/*","perms[cle]");
    filterChainDefinitionMap.put("/loan/*","perms[loan]");
    filterChainDefinitionMap.put("/check/*","perms[check]");
    filterChainDefinitionMap.put("/show/*","perms[show]");
    filterChainDefinitionMap.put("/other/*","perms[other]");
    // 所有其他请求都要经过登录校验
    filterChainDefinitionMap.put("/**","authc");
    return shiroFilterFactoryBean;
    }
    /**
    * 在spring工厂中创建SecurityManager 对象
    * @return
    */
    @Bean
    public SecurityManager getSecurityManager(){
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    securityManager.setRealm(getRealm());
    return securityManager;
    }
    /**
    * 创建realm的实现类对象
    * @return
    */
    @Bean
    public MyRealm getRealm(){
    MyRealm realm = new MyRealm();
    realm.setCredentialsMatcher(getMatcher());
    return realm;
    }
    /**
    * 创建凭证匹配器对象
    * @return
    */
    @Bean
    public HashedCredentialsMatcher getMatcher(){
    HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
    credentialsMatcher.setHashAlgorithmName("MD5");
    credentialsMatcher.setHashIterations(10);
    return credentialsMatcher;
    }
    }
    创建realm
    package com.aaa.pettyloan.realm;

    import com.aaa.pettyloan.entity.Employee;
    import com.aaa.pettyloan.entity.Users;
    import com.aaa.pettyloan.service.LoginService;
    import org.apache.shiro.authc.*;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.authz.SimpleAuthorizationInfo;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;
    import org.apache.shiro.util.ByteSource;
    import org.springframework.beans.factory.annotation.Autowired;

    import java.util.List;

    /**
    * @author fei
    * @description 自定义的realm域
    * @company AAA软件
    * @className QY95
    * 2019/7/17 19:26
    */

    public class MyRealm extends AuthorizingRealm {
    @Autowired
    private LoginService loginService;
    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    //获取用户对象
    Employee emp = (Employee) principalCollection.getPrimaryPrincipal();
    //根据用户id查询用户能操作的命名空间
    List<String> namespaces = loginService.queryPermitByshiro(emp);
    //吧命名空间放到shiro中
    SimpleAuthorizationInfo saf = new SimpleAuthorizationInfo();
    saf.addStringPermissions(namespaces);
    return saf;
    }
    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    //获取用户前台传来的用户名密码
    String empno = authenticationToken.getPrincipal().toString();
    //根据用户名查询用户对象
    Employee emp = loginService.findByUsername(empno);
    if(emp==null){
    throw new UnknownAccountException("用户名输入错误");
    }
    //传递密码时设置盐值
    ByteSource salt = ByteSource.Util.bytes(emp.getSalt());
    SimpleAuthenticationInfo slf = new SimpleAuthenticationInfo(emp,emp.getPassword(),salt,"MyRealm");
    return slf;
    }
    }
    之后再登录controller配置

    完成!

    
    
  • 相关阅读:
    虚拟环境和包
    1105471854403716
    Sunshine on my shoulders
    ERROR: Command errored out with exit status 1:
    JAVA调用SAP ODATA服务
    reacthooks学习
    mtalb 密度图 制作
    vue3.0 + vite + ts 完成自动导入 vue API 和 自动导入组件
    【报告笔记】作物顺式调控模块的挖掘与利用
    【WDL】5. 实践与建议
  • 原文地址:https://www.cnblogs.com/yinziqiang0909/p/11206073.html
Copyright © 2020-2023  润新知