package com.siyue.shiro.config;
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.session.mgt.ServletContainerSessionManager;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;
import com.siyue.shiro.common.ShrioUrl;
import com.siyue.shiro.realm.ShiroRealm;
import com.siyue.shiro.redis.RedisCacheManager;
import com.siyue.shiro.redis.RedisSessionDAO;
/**
*
*Title:ShiroConfiguration
*描述:shiro配置
*@author qiaopeng
*@date 2017年12月27日
*/
@Configuration
public class ShiroConfiguration {
/**
* 描述:自己现实的sessionDAO
* @return
*/
@Bean
@ConditionalOnMissingBean
public SessionDAO redisSessionDAO() {
return new RedisSessionDAO();
}
/**
*
* 描述:cacheManager对象
* @return
*/
// @Bean(destroyMethod = "destroy")
// @ConditionalOnMissingBean
// public CacheManager cacheManager(){
// EhCacheManager cacheManager = new EhCacheManager();
// cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
// return cacheManager;
// }
@Bean
@ConditionalOnMissingBean
public CacheManager cacheManager() {
return new RedisCacheManager();
}
/**
* simpleCookie,不定义在集群环境下会出现There is no session with id ....
* @return
*/
@Bean
@ConditionalOnMissingBean
public SimpleCookie simpleCookie() {
SimpleCookie cookie = new SimpleCookie("redis.session");
cookie.setPath("/");
return cookie;
}
/**
*
* 描述:sessionManager对象
* @return
*/
@Bean
@ConditionalOnMissingBean
public SessionManager sessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionDAO(redisSessionDAO());
//sessionManager.setGlobalSessionTimeout(1800000);//默认值30分钟 : 1000 * 60 * 30 = 1800000
sessionManager.setCacheManager(cacheManager());
sessionManager.setSessionIdCookie(simpleCookie());
return sessionManager;
}
/**
*
* 描述:凭证匹配器
* @return
*/
@Bean
@ConditionalOnMissingBean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
matcher.setHashAlgorithmName("MD5");//可以MD5、SHA-1,如果对密码安全有更高要求可以用SHA-256或者更高
matcher.setHashIterations(1);//加密迭代次数
matcher.setStoredCredentialsHexEncoded(true);//storedCredentialsHexEncoded 默认是true,此时用的是密码加密用的是Hex编码;false时用Base64编码
return matcher;
}
/**
*
* 描述:自定义的realm
* @param cacheManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public ShiroRealm shiroRealm(CacheManager cacheManager, HashedCredentialsMatcher matcher){
ShiroRealm realm = new ShiroRealm();
realm.setAuthorizationCachingEnabled(true);
realm.setCacheManager(cacheManager);
realm.setName("authRealm");
realm.setCredentialsMatcher(matcher);
return realm;
}
/**
*
* 描述:securityManager对象
* @param shiroRealm
* @param cacheManager
* @param sessionManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public SecurityManager securityManager(ShiroRealm shiroRealm,
CacheManager cacheManager, SessionManager sessionManager){
DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
manager.setRealm(shiroRealm);
manager.setCacheManager(cacheManager);
manager.setSessionManager(sessionManager);
return manager;
}
/**
*
* 描述:生命周期控制器
* @return
*/
@Bean
@ConditionalOnMissingBean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
/**
*
* 描述:开启注解模式
* @param securityManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor
(SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
/**
*
* 描述:过滤器链
* @param securityManager
* @return
*/
@Bean(name = "shiroFilter")
@ConditionalOnMissingBean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
factory.setSecurityManager(securityManager);
factory.setLoginUrl(ShrioUrl.LoginURL.getUrl());
factory.setSuccessUrl(ShrioUrl.SuccessURL.getUrl());
factory.setUnauthorizedUrl(ShrioUrl.UnauthorizedURL.getUrl());
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
//过滤链定义,从上向下顺序执行,一般将/**放在最为下边
filterChainDefinitionMap.put("/user/login", "anon");
filterChainDefinitionMap.put("/user/tologin", "anon");
filterChainDefinitionMap.put("/api/**", "anon");
filterChainDefinitionMap.put("/assets/**", "anon");
filterChainDefinitionMap.put("/logout", "logout");
filterChainDefinitionMap.put("/**", "authc");
factory.setFilterChainDefinitionMap(filterChainDefinitionMap);
return factory;
}
/**
*
* 描述:相当于调用SecurityUtils.setSecurityManager(securityManager)
* @param securityManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public MethodInvokingFactoryBean methodInvokingFactoryBean(SecurityManager securityManager){
MethodInvokingFactoryBean factoryBean = new MethodInvokingFactoryBean();
factoryBean.setArguments(securityManager);
factoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
return factoryBean;
}
/**
*
* 描述:注册shiro过滤器,相当于在web.xml中配置shiroFilter
* @return
*/
@Bean
@ConditionalOnMissingBean
public FilterRegistrationBean delegatingFilterProxy(){
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
DelegatingFilterProxy proxy = new DelegatingFilterProxy();
proxy.setTargetFilterLifecycle(true);
proxy.setTargetBeanName("shiroFilter");
filterRegistrationBean.setFilter(proxy);
return filterRegistrationBean;
}
}
springboot+shiro+redis整合
需积分: 28 19 浏览量
2018-03-12
16:38:08
上传
评论 2
收藏 88KB RAR 举报
shiro-cluster.rar (61个子文件) 
shiro 
.gitignore 249B .project 936B .mvn wrapper 
maven-wrapper.jar 46KB maven-wrapper.properties 110B pom.xml 6KB mvnw 6KB .settings org.eclipse.core.resources.prefs 150B org.eclipse.jdt.core.prefs 238B org.eclipse.wst.common.project.facet.core.xml 145B org.eclipse.m2e.core.prefs 86B src test java com siyue shiro ShiroApplicationTests.java 1KB main resources application.yml 665B properties jdbc.properties 242B ehcache.xml 2KB java com siyue shiro dao UserRepository.java 353B BaseJpaDao.java 965B impl BaseJpaDaoImpl.java 2KB BaseRepository.java 497B ShiroApplication.java 462B exception CustomExceptionResolver.java 2KB CustomException.java 494B vo SortDto.java 975B listener ExampleSessionListener.java 704B ExampleServletListener.java 728B controller TestController.java 449B UserController.java 3KB MainsiteErrorController.java 651B common FtpUtil.java 7KB PropUtils.java 464B SpringBeanUtils.java 4KB PageableTools.java 2KB SolrUtils.java 2KB HttpClientUtil.java 6KB BeanUtils.java 4KB SortTools.java 955B ShrioUrl.java 490B config RedisConfig.java 1KB MySpringMVCConfig.java 3KB WebConfig.java 1000B ShiroConfiguration.java 7KB SpringConfiguration.java 4KB filter RegistryFilter.java 1KB ExampleFilter.java 2KB redis RedisSessionDAO.java 2KB RedisObjectSerializer.java 2KB ShiroCache.java 2KB RedisCacheManager.java 967B realm ShiroRealm.java 2KB service BaseServiceI.java 1KB impl BaseServiceImpl.java 2KB UserServiceImpl.java 745B UserServiceI.java 169B pojo User.java 3KB AbstractEntiry.java 1KB webapp WEB-INF views login.jsp 973B test.jsp 797B error 403.jsp 333B 404.jsp 333B 500.jsp 333B mvnw.cmd 5KB .classpath 1KB资源评论
