跟我学 Shiro——http://jinnianshilongnian.iteye.com/
2
目 录
写给自己的话 .................................................................................................................................. 1
目 录 ............................................................................................................................................. 2
第一章 SHIRO 简介 ....................................................................................................................... 5
简介 ................................................................................................................................................... 5
第二章 身份验证 .......................................................................................................................... 9
环境准备............................................................................................................................................ 9
登录/退出 ........................................................................................................................................ 10
身份认证流程 .................................................................................................................................. 12
REALM ................................................................................................................................................ 12
AUTHENTICATOR 及 AUTHENTICATIONSTRATEGY........................................................................................ 16
第三章 授权 ................................................................................................................................ 20
授权方式.......................................................................................................................................... 21
授权 ................................................................................................................................................. 21
PERMISSION ......................................................................................................................................... 24
授权流程.......................................................................................................................................... 28
AUTHORIZER、PERMISSIONRESOLVER 及 ROLEPERMISSIONRESOLVER .......................................................... 29
第四章 INI 配置 .......................................................................................................................... 35
根对象 SECURITYMANAGER ................................................................................................................. 35
INI 配置 ............................................................................................................................................ 37
第五章 编码/加密....................................................................................................................... 41
编码/解码 ........................................................................................................................................ 41
散列算法.......................................................................................................................................... 41
加密/解密 ........................................................................................................................................ 43
PASSWORDSERVICE/CREDENTIALSMATCHER .............................................................................................. 44
第六章 REALM 及相关对象 ........................................................................................................ 49
REALM ................................................................................................................................................ 49
AUTHENTICATIONTOKEN ........................................................................................................................ 53
AUTHENTICATIONINFO ........................................................................................................................... 54
PRINCIPALCOLLECTION ........................................................................................................................... 55
AUTHORIZATIONINFO ............................................................................................................................ 58
SUBJECT .............................................................................................................................................. 59
跟我学 Shiro——http://jinnianshilongnian.iteye.com/
3
第七章 与WEB 集成 ................................................................................................................... 63
准备环境.......................................................................................................................................... 63
SHIROFILTER 入口 ............................................................................................................................... 64
WEB INI 配置 .................................................................................................................................... 66
第八章 拦截器机制 ...................................................................................................................... 74
拦截器介绍...................................................................................................................................... 74
拦截器链.......................................................................................................................................... 76
自定义拦截器 .................................................................................................................................. 79
默认拦截器...................................................................................................................................... 86
第九章 JSP 标签 ............................................................................................................................ 88
第十章 会话管理 ........................................................................................................................ 91
会话 ................................................................................................................................................. 91
会话管理器...................................................................................................................................... 92
会话监听器...................................................................................................................................... 95
会话存储/持久化 ............................................................................................................................ 95
会话验证.......................................................................................................................................... 99
SESSIONFACTORY ................................................................................................................................ 101
第十一章 缓存机制 .................................................................................................................. 103
REALM 缓存 ..................................................................................................................................... 104
SESSION 缓存 ................................................................................................................................... 106
第十二章 与SPRING 集成 ........................................................................................................ 107
JAVASE 应用 .................................................................................................................................... 107
WEB 应用 ........................................................................................................................................ 109
SHIRO 权限注解 .............................................................................................................................. 112
第十三章 REMEMBERME .......................................................................................................... 114
REMEMBERME 配置 .......................................................................................................................... 114
第十四章 SSL ............................................................................................................................ 117
第十五章 单点登录 .................................................................................................................. 120
服务器端........................................................................................................................................ 120
客户端 ........................................................................................................................................... 122
第十六章 综合实例 .................................................................................................................. 126
第十七章 OAUTH2 集成 ........................................................................................................... 136
跟我学 Shiro——http://jinnianshilongnian.iteye.com/
4
服务器端........................................................................................................................................ 137
客户端 ........................................................................................................................................... 147
第十八章 并发登录人数控制 ..................................................................................................... 155
第十九章 动态 URL 权限控制..................................................................................................... 159
第二十章 无状态 WEB 应用集成................................................................................................ 170
服务器端........................................................................................................................................ 170
客户端 ........................................................................................................................................... 175
第二十一章 授予身份及切换身份 ............................................................................................. 179
第二十二章 集成验证码 ............................................................................................................. 184
第二十三章 多项目集中权限管理及分布式会话 ....................................................................... 191
部署架构........................................................................................................................................ 191
项目架构........................................................................................................................................ 192
模块关系依赖 ................................................................................................................................ 193
SHIRO-EXAMPLE-CHAPTER23-POM 模块 ................................................................................................ 194
SHIRO-EXAMPLE-CHAPTER23-CORE 模块 ................................................................................................ 195
SHIRO-EXAMPLE-CHAPTER23-SERVER 模块 ............................................................................................. 196
SHIRO-EXAMPLE-CHAPTER23-CLIENT 模块 .............................................................................................. 201
SHIRO-EXAMPLE-CHAPTER23-APP*模块 ................................................................................................ 208
测试 ............................................................................................................................................... 211
本示例缺点.................................................................................................................................... 214
第二十四章 在线会话管理 ......................................................................................................... 215