package net.xdclass.rbac_shiro.config;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
@Bean
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager){
System.out.println("执行 ShiroFilterFactoryBean.shiroFilter()");
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//必须设置securityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
//需要登录的接口,如果访问某个接口,需要登录却没登录,则调用此接口(如果不是前后端分离,则跳转页面)
shiroFilterFactoryBean.setLoginUrl("/pub/need_login");
//登录成功,跳转url,如果前后端分离,则没这个调用
shiroFilterFactoryBean.setSuccessUrl("/");
//没有权限,未授权就会调用此方法, 先验证登录-》再验证是否有权限
shiroFilterFactoryBean.setUnauthorizedUrl("/pub/not_permit");
//设置自定义filter
Map<String,Filter> filterMap = new LinkedHashMap<>();
filterMap.put("roleOrFilter",new CustomRolesOrAuthorizationFilter());
shiroFilterFactoryBean.setFilters(filterMap);
//拦截器路径,坑一,部分路径无法进行拦截,时有时无;因为同学使用的是hashmap, 无序的,应该改为LinkedHashMap
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
//退出过滤器
filterChainDefinitionMap.put("/logout","logout");
//匿名可以访问,也是就游客模式
filterChainDefinitionMap.put("/pub/**","anon");
//登录用户才可以访问
filterChainDefinitionMap.put("/authc/**","authc");
//管理员角色才可以访问
filterChainDefinitionMap.put("/admin/**","roleOrFilter[admin,root]");
//有编辑权限才可以访问
filterChainDefinitionMap.put("/video/update","perms[video_update]");
//坑二: 过滤链是顺序执行,从上而下,一般讲/** 放到最下面
//authc : url定义必须通过认证才可以访问
//anon : url可以匿名访问
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
public SecurityManager securityManager(){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//如果不是前后端分离,则不必设置下面的sessionManager
securityManager.setSessionManager(sessionManager());
//使用自定义的cacheManager
securityManager.setCacheManager(cacheManager());
//设置realm(推荐放到最后,不然某些情况会不生效)
securityManager.setRealm(customRealm());
return securityManager;
}
/**
* 自定义realm
* @return
*/
@Bean
public CustomRealm customRealm(){
CustomRealm customRealm = new CustomRealm();
customRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return customRealm;
}
/**
* 密码加解密规则
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
//设置散列算法:这里使用的MD5算法
credentialsMatcher.setHashAlgorithmName("md5");
//散列次数,好比散列2次,相当于md5(md5(xxxx))
credentialsMatcher.setHashIterations(2);
return credentialsMatcher;
}
//自定义sessionManager
@Bean
public SessionManager sessionManager(){
CustomSessionManager customSessionManager = new CustomSessionManager();
//超时时间,默认 30分钟,会话超时;方法里面的单位是毫秒
//customSessionManager.setGlobalSessionTimeout(20000);
//配置session持久化
customSessionManager.setSessionDAO(redisSessionDAO());
return customSessionManager;
}
/**
* 配置redisManager
*
*/
public RedisManager getRedisManager(){
RedisManager redisManager = new RedisManager();
redisManager.setHost("localhost");
redisManager.setPort(6379);
return redisManager;
}
/**
* 配置具体cache实现类
* @return
*/
public RedisCacheManager cacheManager(){
RedisCacheManager redisCacheManager = new RedisCacheManager();
redisCacheManager.setRedisManager(getRedisManager());
//设置过期时间,单位是秒,20s
redisCacheManager.setExpire(20);
return redisCacheManager;
}
/**
* 自定义session持久化
* @return
*/
public RedisSessionDAO redisSessionDAO(){
RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
redisSessionDAO.setRedisManager(getRedisManager());
//设置sessionid生成器
redisSessionDAO.setSessionIdGenerator(new CustomSessionIdGenerator());
return redisSessionDAO;
}
/**
* 管理shiro一些bean的生命周期 即bean初始化 与销毁
* @return
*/
@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
/**
* api controller 层面
* 加入注解的使用,不加入这个AOP注解不生效(shiro的注解 例如 @RequiresGuest)
*
* @return
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager());
return authorizationAttributeSourceAdvisor;
}
/**
* 用来扫描上下文寻找所有的Advistor(通知器),
* 将符合条件的Advisor应用到切入点的Bean中,需要在LifecycleBeanPostProcessor创建后才可以创建
* @return
*/
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator(){
DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator=new DefaultAdvisorAutoProxyCreator();
defaultAdvisorAutoProxyCreator.setUsePrefix(true);
return defaultAdvisorAutoProxyCreator;
}
}
没有合适的资源?快使用搜索试试~ 我知道了~
资源详情
资源评论
资源推荐
收起资源包目录
基于springboot的shiro完整项目案例 (163个子文件)
ShiroConfig.class 6KB
PublicController.class 4KB
CustomRealm.class 4KB
JsonData.class 3KB
User.class 2KB
UserServiceImpl.class 2KB
CustomRolesOrAuthorizationFilter.class 2KB
Role.class 2KB
CustomSessionManager.class 1KB
OrderController.class 1KB
AdminController.class 1KB
RoleMapper.class 1KB
CustomSessionIdGenerator.class 1018B
Permission.class 1017B
RolePermission.class 966B
UserRole.class 930B
UserMapper.class 909B
RbacShiroApplication.class 854B
VideoController.class 830B
Md5Test.class 822B
UserQuery.class 782B
PermissionMapper.class 669B
RbacShiroApplicationTests.class 649B
LogoutController.class 440B
UserService.class 415B
mvnw.cmd 6KB
.gitignore 303B
.gitignore 184B
rbac_shiro.iml 12KB
maven-wrapper.jar 47KB
ShiroConfig.java 7KB
MavenWrapperDownloader.java 5KB
CustomRealm.java 3KB
PublicController.java 2KB
JsonData.java 2KB
CustomSessionManager.java 1KB
User.java 1KB
CustomRolesOrAuthorizationFilter.java 1KB
UserServiceImpl.java 1KB
RoleMapper.java 1KB
Role.java 907B
AdminController.java 844B
LogoutController.java 772B
OrderController.java 763B
UserMapper.java 609B
RolePermission.java 593B
UserService.java 569B
Permission.java 559B
UserRole.java 521B
PermissionMapper.java 519B
VideoController.java 478B
CustomSessionIdGenerator.java 452B
RbacShiroApplication.java 412B
UserQuery.java 373B
Md5Test.java 343B
RbacShiroApplicationTests.java 342B
HELP.md 694B
mvnw 9KB
application.properties 750B
application.properties 750B
maven-wrapper.properties 116B
workspace.xml 45KB
pom.xml 3KB
jarRepositories.xml 1KB
compiler.xml 801B
Maven__org_springframework_boot_spring_boot_starter_validation_2_2_0_M2.xml 722B
Maven__org_springframework_boot_spring_boot_test_autoconfigure_2_2_0_M2.xml 722B
Maven__org_mybatis_spring_boot_mybatis_spring_boot_autoconfigure_2_0_1.xml 718B
Maven__com_fasterxml_jackson_module_jackson_module_parameter_names_2_9_8.xml 717B
Maven__org_springframework_boot_spring_boot_starter_logging_2_2_0_M2.xml 701B
Maven__org_springframework_boot_spring_boot_starter_tomcat_2_2_0_M2.xml 694B
Maven__com_vaadin_external_google_android_json_0_0_20131108_vaadin1.xml 688B
Maven__org_springframework_boot_spring_boot_autoconfigure_2_2_0_M2.xml 687B
Maven__org_springframework_boot_spring_boot_starter_jdbc_2_2_0_M2.xml 680B
Maven__org_springframework_boot_spring_boot_starter_json_2_2_0_M2.xml 680B
Maven__org_springframework_boot_spring_boot_starter_test_2_2_0_M2.xml 680B
Maven__com_fasterxml_jackson_datatype_jackson_datatype_jsr310_2_9_8.xml 676B
Maven__org_mybatis_spring_boot_mybatis_spring_boot_starter_2_0_1.xml 676B
Maven__org_springframework_boot_spring_boot_starter_web_2_2_0_M2.xml 673B
Maven__org_hibernate_validator_hibernate_validator_6_0_16_Final.xml 669B
Maven__com_fasterxml_jackson_datatype_jackson_datatype_jdk8_2_9_8.xml 662B
Maven__org_apache_tomcat_embed_tomcat_embed_websocket_9_0_17.xml 648B
Maven__com_google_errorprone_error_prone_annotations_2_0_18.xml 647B
Maven__org_springframework_boot_spring_boot_starter_2_2_0_M2.xml 645B
Maven__org_codehaus_mojo_animal_sniffer_annotations_1_14.xml 638B
Maven__com_fasterxml_jackson_core_jackson_annotations_2_9_0.xml 632B
Maven__org_springframework_boot_spring_boot_test_2_2_0_M2.xml 624B
Maven__jakarta_validation_jakarta_validation_api_2_0_1.xml 621B
Maven__jakarta_activation_jakarta_activation_api_1_2_1.xml 621B
Maven__jakarta_annotation_jakarta_annotation_api_1_3_4.xml 621B
Maven__org_apache_tomcat_embed_tomcat_embed_core_9_0_17.xml 613B
Maven__org_springframework_spring_expression_5_2_0_M1.xml 611B
Maven__com_fasterxml_jackson_core_jackson_databind_2_9_8.xml 611B
Maven__commons_collections_commons_collections_3_2_2.xml 604B
Maven__org_apache_tomcat_embed_tomcat_embed_el_9_0_17.xml 599B
Maven__jakarta_xml_bind_jakarta_xml_bind_api_2_3_2.xml 599B
Maven__org_jboss_logging_jboss_logging_3_3_2_Final.xml 596B
Maven__org_apache_logging_log4j_log4j_to_slf4j_2_11_2.xml 596B
Maven__org_apache_shiro_shiro_crypto_cipher_1_4_0.xml 592B
Maven__org_springframework_spring_context_5_2_0_M1.xml 590B
共 163 条
- 1
- 2
ITzhongzi
- 粉丝: 1102
- 资源: 25
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0