spring boot集成shiro详细教程(小结)

spring boot集成shiro详细教程(小结)

我们开发时候有时候要把传统spring shiro转成spring boot项目，或者直接集成，name我们要搞清楚一个知识，就是 xml配置和spring bean代码配置的关系，这一点很重要，因为spring boot是没有xml配置文件的(也不绝对，spring boot也是可以引用xml配置的)

引入依赖：

ehcache-core

net.sf.ehcache

2.5.0

org.apache.shiro

shiro-ehcache

1.2.2

　　org.slf4j

　　slf4j-api

　　1.7.25

org.apache.shiro

shiro-core

1.2.3

org.apache.shiro

shiro-web

1.2.3

org.apache.shiro

shiro-spring

1.2.3

如果你出现错误 找不到slf4j，引入依赖

　　org.slf4j

　　slf4j-log4j12

　　1.7.25

传统xml配置如下：

xmlns:xsi="http://w3.org/2001/XMLSchema-instance"

xmlns:context="http://springframework.org/schema/context"

xmlns:aop="http://springframework.org/schema/aop"

xmlns:tx="http://springframework.org/schema/tx"

xsi:schemaLocation="http://springframework.org/schema/beans

http://springframework.org/schema/beans/spring-beans.xsd

http://springframework.org/schema/context

http://springframework.org/schema/context/spring-context.xsd

http://springframework.org/schema/aop

http://springframework.org/schema/aop/spring-aop.xsd

http://springframework.org/schema/tx

http://springframework.org/schema/tx/spring-tx.xsd">

/login = verCode,anon

/getCode = anon

/logout = logout

/plugin/** = anon

/user/**=per

/** = authc

class="com.len.core.shiro.RetryLimitCredentialsMatcher">

xmlns:xsi="http://w3.org/2001/XMLSchema-instance"

xmlns:context="http://springframework.org/schema/context"

xmlns:aop="http://springframework.org/schema/aop"

xmlns:tx="http://springframework.org/schema/tx"

xsi:schemaLocation="http://springframework.org/schema/beans

http://springframework.org/schema/beans/spring-beans.xsd

http://springframework.org/schema/context

http://springframework.org/schema/context/spring-context.xsd

http://springframework.org/schema/aop

http://springframework.org/schema/aop/spring-aop.xsd

http://springframework.org/schema/tx

http://springframework.org/schema/tx/spring-tx.xsd">

/login = verCode,anon

/getCode = anon

/logout = logout

/plugin/** = anon

/user/**=per

/** = authc

class="com.len.core.shiro.RetryLimitCredentialsMatcher">

class="com.len.core.shiro.RetryLimitCredentialsMatcher">

转换成bean 新建类ShiroConfig

@Configuration

public class ShiroConfig {

@Bean

public RetryLimitCredentialsMatcher getRetryLimitCredentialsMatcher(){

RetryLimitCredentialsMatcher rm=new RetryLimitCredentialsMatcher(getCacheManager(),"5");

rm.setHashAlgorithmName("md5");

rm.setHashIterations(4);

return rm;

}

@Bean

public LoginRealm getLoginRealm(){

LoginRealm realm= new LoginRealm();

realm.setCredentialsMatcher(getRetryLimitCredentialsMatcher());

return realm;

}

@Bean

public EhCacheManager getCacheManager(){

EhCacheManager ehCacheManager=new EhCacheManager();

ehCacheManager.setCacheManagerConfigFile("classpath:ehcache/ehcache.xml");

return ehCacheManager;

}

@Bean

public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {

return new LifecycleBeanPostProcessor();

}

@Bean(name="securityManager")

public DefaultWebSecurityManager getDefaultWebSecurityManager(){

DefaultWebSecurityManager dwm=new DefaultWebSecurityManager();

dwm.setRealm(getLoginRealm());

dwm.setCacheManager(getCacheManager());

return dwm;

}

@Bean

public PermissionFilter getPermissionFilter(){

PermissionFilter pf=new PermissionFilter();

return pf;

}

@Bean

public VerfityCodeFilter getVerfityCodeFilter(){

VerfityCodeFilter vf= new VerfityCodeFilter();

vf.setFailureKeyAttribute("shiroLoginFailure");

vf.setJcaptchaParam("code");

vf.setVerfitiCode(true);

return vf;

}

@Bean(name = "shiroFilter")

public ShiroFilterFactoryBean getShiroFilterFactoryBean(){

ShiroFilterFactoryBean sfb = new ShiroFilterFactoryBean();

sfb.setSecurityManager(getDefaultWebSecurityManager());

sfb.setLoginUrl("/login");

sfb.setUnauthorizedUrl("/goLogin");

Map filters=new HashMap<>();

filters.put("per",getPermissionFilter());

filters.put("verCode",getVerfityCodeFilter());

sfb.setFilters(filters);

Map filterMap = new LinkedHashMap<>();

filterMap.put("/login","verCode,anon");

//filterMap.put("/login","anon");

filterMap.put("/getCode","anon");

filterMap.put("/logout","logout");

filterMap.put("/plugin/**","anon");

filterMap.put("/user/**","per");

filterMap.put("/**","authc");

sfb.setFilterChainDefinitionMap(filterMap);

return sfb;

}

@Bean

public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {

DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();

advisorAutoProxyCreator.setProxyTargetClass(true);

return advisorAutoProxyCreator;

}

@Bean

public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){

AuthorizationAttributeSourceAdvisor as=new AuthorizationAttributeSourceAdvisor();

as.setSecurityManager(getDefaultWebSecurityManager());

return as;

}

@Bean

public FilterRegistrationBean delegatingFilterProxy(){

FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();

DelegatingFilterProxy proxy = new DelegatingFilterProxy();

proxy.setTargetFilterLifecycle(true);

proxy.setTargetBeanName("shiroFilter");

filterRegistrationBean.setFilter(proxy);

return filterRegistrationBean;

}

其中有个别类是自定义的拦截器和 realm，此时spring 即能注入shiro 也就是 spring boot集成上了 shiro

如果你因为其他配置引起一些失败，可以参考开源项目 lenos快速开发脚手架 spring boot版本，其中有对shiro的集成，可以用来学习

地址：https://gitee.com/bweird/lenosp

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。