package net.xdclass.rbac_shiro.config;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
@Bean
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager){
System.out.println("执行 ShiroFilterFactoryBean.shiroFilter()");
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//必须设置securityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
//需要登录的接口,如果访问某个接口,需要登录却没登录,则调用此接口(如果不是前后端分离,则跳转页面)
shiroFilterFactoryBean.setLoginUrl("/pub/need_login");
//登录成功,跳转url,如果前后端分离,则没这个调用
shiroFilterFactoryBean.setSuccessUrl("/");
//没有权限,未授权就会调用此方法, 先验证登录-》再验证是否有权限
shiroFilterFactoryBean.setUnauthorizedUrl("/pub/not_permit");
//设置自定义filter
Map<String,Filter> filterMap = new LinkedHashMap<>();
filterMap.put("roleOrFilter",new CustomRolesOrAuthorizationFilter());
shiroFilterFactoryBean.setFilters(filterMap);
//拦截器路径,坑一,部分路径无法进行拦截,时有时无;因为同学使用的是hashmap, 无序的,应该改为LinkedHashMap
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
//退出过滤器
filterChainDefinitionMap.put("/logout","logout");
//匿名可以访问,也是就游客模式
filterChainDefinitionMap.put("/pub/**","anon");
//登录用户才可以访问
filterChainDefinitionMap.put("/authc/**","authc");
//管理员角色才可以访问
filterChainDefinitionMap.put("/admin/**","roleOrFilter[admin,root]");
//有编辑权限才可以访问
filterChainDefinitionMap.put("/video/update","perms[video_update]");
//坑二: 过滤链是顺序执行,从上而下,一般讲/** 放到最下面
//authc : url定义必须通过认证才可以访问
//anon : url可以匿名访问
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
public SecurityManager securityManager(){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//如果不是前后端分离,则不必设置下面的sessionManager
securityManager.setSessionManager(sessionManager());
//使用自定义的cacheManager
securityManager.setCacheManager(cacheManager());
//设置realm(推荐放到最后,不然某些情况会不生效)
securityManager.setRealm(customRealm());
return securityManager;
}
/**
* 自定义realm
* @return
*/
@Bean
public CustomRealm customRealm(){
CustomRealm customRealm = new CustomRealm();
customRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return customRealm;
}
/**
* 密码加解密规则
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
//设置散列算法:这里使用的MD5算法
credentialsMatcher.setHashAlgorithmName("md5");
//散列次数,好比散列2次,相当于md5(md5(xxxx))
credentialsMatcher.setHashIterations(2);
return credentialsMatcher;
}
//自定义sessionManager
@Bean
public SessionManager sessionManager(){
CustomSessionManager customSessionManager = new CustomSessionManager();
//超时时间,默认 30分钟,会话超时;方法里面的单位是毫秒
//customSessionManager.setGlobalSessionTimeout(20000);
//配置session持久化
customSessionManager.setSessionDAO(redisSessionDAO());
return customSessionManager;
}
/**
* 配置redisManager
*
*/
public RedisManager getRedisManager(){
RedisManager redisManager = new RedisManager();
redisManager.setHost("localhost");
redisManager.setPort(6379);
return redisManager;
}
/**
* 配置具体cache实现类
* @return
*/
public RedisCacheManager cacheManager(){
RedisCacheManager redisCacheManager = new RedisCacheManager();
redisCacheManager.setRedisManager(getRedisManager());
//设置过期时间,单位是秒,20s
redisCacheManager.setExpire(20);
return redisCacheManager;
}
/**
* 自定义session持久化
* @return
*/
public RedisSessionDAO redisSessionDAO(){
RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
redisSessionDAO.setRedisManager(getRedisManager());
//设置sessionid生成器
redisSessionDAO.setSessionIdGenerator(new CustomSessionIdGenerator());
return redisSessionDAO;
}
/**
* 管理shiro一些bean的生命周期 即bean初始化 与销毁
* @return
*/
@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
/**
* api controller 层面
* 加入注解的使用,不加入这个AOP注解不生效(shiro的注解 例如 @RequiresGuest)
*
* @return
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager());
return authorizationAttributeSourceAdvisor;
}
/**
* 用来扫描上下文寻找所有的Advistor(通知器),
* 将符合条件的Advisor应用到切入点的Bean中,需要在LifecycleBeanPostProcessor创建后才可以创建
* @return
*/
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator(){
DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator=new DefaultAdvisorAutoProxyCreator();
defaultAdvisorAutoProxyCreator.setUsePrefix(true);
return defaultAdvisorAutoProxyCreator;
}
}
基于springboot的shiro完整项目案例
需积分: 50 172 浏览量
2022-03-10
08:27:30
上传
评论
收藏 129KB RAR 举报
基于springboot的shiro完整项目案例 (163个子文件) 
ShiroConfig.class 6KB PublicController.class 4KB CustomRealm.class 4KB JsonData.class 3KB User.class 2KB UserServiceImpl.class 2KB CustomRolesOrAuthorizationFilter.class 2KB Role.class 2KB CustomSessionManager.class 1KB OrderController.class 1KB AdminController.class 1KB RoleMapper.class 1KB CustomSessionIdGenerator.class 1018B Permission.class 1017B RolePermission.class 966B UserRole.class 930B UserMapper.class 909B RbacShiroApplication.class 854B VideoController.class 830B Md5Test.class 822B UserQuery.class 782B PermissionMapper.class 669B RbacShiroApplicationTests.class 649B LogoutController.class 440B UserService.class 415B mvnw.cmd 6KB .gitignore 303B .gitignore 184B rbac_shiro.iml 12KB
maven-wrapper.jar 47KB ShiroConfig.java 7KB MavenWrapperDownloader.java 5KB CustomRealm.java 3KB PublicController.java 2KB JsonData.java 2KB CustomSessionManager.java 1KB User.java 1KB CustomRolesOrAuthorizationFilter.java 1KB UserServiceImpl.java 1KB RoleMapper.java 1KB Role.java 907B AdminController.java 844B LogoutController.java 772B OrderController.java 763B UserMapper.java 609B RolePermission.java 593B UserService.java 569B Permission.java 559B UserRole.java 521B PermissionMapper.java 519B VideoController.java 478B CustomSessionIdGenerator.java 452B RbacShiroApplication.java 412B UserQuery.java 373B Md5Test.java 343B RbacShiroApplicationTests.java 342B HELP.md 694B mvnw 9KB application.properties 750B application.properties 750B maven-wrapper.properties 116B workspace.xml 45KB pom.xml 3KB jarRepositories.xml 1KB compiler.xml 801B Maven__org_springframework_boot_spring_boot_starter_validation_2_2_0_M2.xml 722B Maven__org_springframework_boot_spring_boot_test_autoconfigure_2_2_0_M2.xml 722B Maven__org_mybatis_spring_boot_mybatis_spring_boot_autoconfigure_2_0_1.xml 718B Maven__com_fasterxml_jackson_module_jackson_module_parameter_names_2_9_8.xml 717B Maven__org_springframework_boot_spring_boot_starter_logging_2_2_0_M2.xml 701B Maven__org_springframework_boot_spring_boot_starter_tomcat_2_2_0_M2.xml 694B Maven__com_vaadin_external_google_android_json_0_0_20131108_vaadin1.xml 688B Maven__org_springframework_boot_spring_boot_autoconfigure_2_2_0_M2.xml 687B Maven__org_springframework_boot_spring_boot_starter_jdbc_2_2_0_M2.xml 680B Maven__org_springframework_boot_spring_boot_starter_json_2_2_0_M2.xml 680B Maven__org_springframework_boot_spring_boot_starter_test_2_2_0_M2.xml 680B Maven__com_fasterxml_jackson_datatype_jackson_datatype_jsr310_2_9_8.xml 676B Maven__org_mybatis_spring_boot_mybatis_spring_boot_starter_2_0_1.xml 676B Maven__org_springframework_boot_spring_boot_starter_web_2_2_0_M2.xml 673B Maven__org_hibernate_validator_hibernate_validator_6_0_16_Final.xml 669B Maven__com_fasterxml_jackson_datatype_jackson_datatype_jdk8_2_9_8.xml 662B Maven__org_apache_tomcat_embed_tomcat_embed_websocket_9_0_17.xml 648B Maven__com_google_errorprone_error_prone_annotations_2_0_18.xml 647B Maven__org_springframework_boot_spring_boot_starter_2_2_0_M2.xml 645B Maven__org_codehaus_mojo_animal_sniffer_annotations_1_14.xml 638B Maven__com_fasterxml_jackson_core_jackson_annotations_2_9_0.xml 632B Maven__org_springframework_boot_spring_boot_test_2_2_0_M2.xml 624B Maven__jakarta_validation_jakarta_validation_api_2_0_1.xml 621B Maven__jakarta_activation_jakarta_activation_api_1_2_1.xml 621B Maven__jakarta_annotation_jakarta_annotation_api_1_3_4.xml 621B Maven__org_apache_tomcat_embed_tomcat_embed_core_9_0_17.xml 613B Maven__org_springframework_spring_expression_5_2_0_M1.xml 611B Maven__com_fasterxml_jackson_core_jackson_databind_2_9_8.xml 611B Maven__commons_collections_commons_collections_3_2_2.xml 604B Maven__org_apache_tomcat_embed_tomcat_embed_el_9_0_17.xml 599B Maven__jakarta_xml_bind_jakarta_xml_bind_api_2_3_2.xml 599B Maven__org_jboss_logging_jboss_logging_3_3_2_Final.xml 596B Maven__org_apache_logging_log4j_log4j_to_slf4j_2_11_2.xml 596B Maven__org_apache_shiro_shiro_crypto_cipher_1_4_0.xml 592B Maven__org_springframework_spring_context_5_2_0_M1.xml 590B共 163 条
- 1
- 2
评论0