package com.siyue.shiro.config;
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.session.mgt.ServletContainerSessionManager;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;
import com.siyue.shiro.common.ShrioUrl;
import com.siyue.shiro.realm.ShiroRealm;
import com.siyue.shiro.redis.RedisCacheManager;
import com.siyue.shiro.redis.RedisSessionDAO;
/**
*
*Title:ShiroConfiguration
*描述:shiro配置
*@author qiaopeng
*@date 2017年12月27日
*/
@Configuration
public class ShiroConfiguration {
/**
* 描述:自己现实的sessionDAO
* @return
*/
@Bean
@ConditionalOnMissingBean
public SessionDAO redisSessionDAO() {
return new RedisSessionDAO();
}
/**
*
* 描述:cacheManager对象
* @return
*/
// @Bean(destroyMethod = "destroy")
// @ConditionalOnMissingBean
// public CacheManager cacheManager(){
// EhCacheManager cacheManager = new EhCacheManager();
// cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
// return cacheManager;
// }
@Bean
@ConditionalOnMissingBean
public CacheManager cacheManager() {
return new RedisCacheManager();
}
/**
* simpleCookie,不定义在集群环境下会出现There is no session with id ....
* @return
*/
@Bean
@ConditionalOnMissingBean
public SimpleCookie simpleCookie() {
SimpleCookie cookie = new SimpleCookie("redis.session");
cookie.setPath("/");
return cookie;
}
/**
*
* 描述:sessionManager对象
* @return
*/
@Bean
@ConditionalOnMissingBean
public SessionManager sessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionDAO(redisSessionDAO());
//sessionManager.setGlobalSessionTimeout(1800000);//默认值30分钟 : 1000 * 60 * 30 = 1800000
sessionManager.setCacheManager(cacheManager());
sessionManager.setSessionIdCookie(simpleCookie());
return sessionManager;
}
/**
*
* 描述:凭证匹配器
* @return
*/
@Bean
@ConditionalOnMissingBean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
matcher.setHashAlgorithmName("MD5");//可以MD5、SHA-1,如果对密码安全有更高要求可以用SHA-256或者更高
matcher.setHashIterations(1);//加密迭代次数
matcher.setStoredCredentialsHexEncoded(true);//storedCredentialsHexEncoded 默认是true,此时用的是密码加密用的是Hex编码;false时用Base64编码
return matcher;
}
/**
*
* 描述:自定义的realm
* @param cacheManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public ShiroRealm shiroRealm(CacheManager cacheManager, HashedCredentialsMatcher matcher){
ShiroRealm realm = new ShiroRealm();
realm.setAuthorizationCachingEnabled(true);
realm.setCacheManager(cacheManager);
realm.setName("authRealm");
realm.setCredentialsMatcher(matcher);
return realm;
}
/**
*
* 描述:securityManager对象
* @param shiroRealm
* @param cacheManager
* @param sessionManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public SecurityManager securityManager(ShiroRealm shiroRealm,
CacheManager cacheManager, SessionManager sessionManager){
DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
manager.setRealm(shiroRealm);
manager.setCacheManager(cacheManager);
manager.setSessionManager(sessionManager);
return manager;
}
/**
*
* 描述:生命周期控制器
* @return
*/
@Bean
@ConditionalOnMissingBean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
/**
*
* 描述:开启注解模式
* @param securityManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor
(SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
/**
*
* 描述:过滤器链
* @param securityManager
* @return
*/
@Bean(name = "shiroFilter")
@ConditionalOnMissingBean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
factory.setSecurityManager(securityManager);
factory.setLoginUrl(ShrioUrl.LoginURL.getUrl());
factory.setSuccessUrl(ShrioUrl.SuccessURL.getUrl());
factory.setUnauthorizedUrl(ShrioUrl.UnauthorizedURL.getUrl());
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
//过滤链定义,从上向下顺序执行,一般将/**放在最为下边
filterChainDefinitionMap.put("/user/login", "anon");
filterChainDefinitionMap.put("/user/tologin", "anon");
filterChainDefinitionMap.put("/api/**", "anon");
filterChainDefinitionMap.put("/assets/**", "anon");
filterChainDefinitionMap.put("/logout", "logout");
filterChainDefinitionMap.put("/**", "authc");
factory.setFilterChainDefinitionMap(filterChainDefinitionMap);
return factory;
}
/**
*
* 描述:相当于调用SecurityUtils.setSecurityManager(securityManager)
* @param securityManager
* @return
*/
@Bean
@ConditionalOnMissingBean
public MethodInvokingFactoryBean methodInvokingFactoryBean(SecurityManager securityManager){
MethodInvokingFactoryBean factoryBean = new MethodInvokingFactoryBean();
factoryBean.setArguments(securityManager);
factoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
return factoryBean;
}
/**
*
* 描述:注册shiro过滤器,相当于在web.xml中配置shiroFilter
* @return
*/
@Bean
@ConditionalOnMissingBean
public FilterRegistrationBean delegatingFilterProxy(){
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
DelegatingFilterProxy proxy = new DelegatingFilterProxy();
proxy.setTargetFilterLifecycle(true);
proxy.setTargetBeanName("shiroFilter");
filterRegistrationBean.setFilter(proxy);
return filterRegistrationBean;
}
}
没有合适的资源?快使用搜索试试~ 我知道了~
springboot+shiro+redis整合
共61个文件
java:41个
jsp:5个
prefs:3个
需积分: 28 90 下载量 19 浏览量
2018-03-12
16:38:08
上传
评论 2
收藏 88KB RAR 举报
温馨提示
springboot 整合shiro的认证,redis实现session共享案例
资源推荐
资源详情
资源评论
收起资源包目录
shiro-cluster.rar (61个子文件)
shiro
.gitignore 249B
.project 936B
.mvn
wrapper
maven-wrapper.jar 46KB
maven-wrapper.properties 110B
pom.xml 6KB
mvnw 6KB
.settings
org.eclipse.core.resources.prefs 150B
org.eclipse.jdt.core.prefs 238B
org.eclipse.wst.common.project.facet.core.xml 145B
org.eclipse.m2e.core.prefs 86B
src
test
java
com
siyue
shiro
ShiroApplicationTests.java 1KB
main
resources
application.yml 665B
properties
jdbc.properties 242B
ehcache.xml 2KB
java
com
siyue
shiro
dao
UserRepository.java 353B
BaseJpaDao.java 965B
impl
BaseJpaDaoImpl.java 2KB
BaseRepository.java 497B
ShiroApplication.java 462B
exception
CustomExceptionResolver.java 2KB
CustomException.java 494B
vo
SortDto.java 975B
listener
ExampleSessionListener.java 704B
ExampleServletListener.java 728B
controller
TestController.java 449B
UserController.java 3KB
MainsiteErrorController.java 651B
common
FtpUtil.java 7KB
PropUtils.java 464B
SpringBeanUtils.java 4KB
PageableTools.java 2KB
SolrUtils.java 2KB
HttpClientUtil.java 6KB
BeanUtils.java 4KB
SortTools.java 955B
ShrioUrl.java 490B
config
RedisConfig.java 1KB
MySpringMVCConfig.java 3KB
WebConfig.java 1000B
ShiroConfiguration.java 7KB
SpringConfiguration.java 4KB
filter
RegistryFilter.java 1KB
ExampleFilter.java 2KB
redis
RedisSessionDAO.java 2KB
RedisObjectSerializer.java 2KB
ShiroCache.java 2KB
RedisCacheManager.java 967B
realm
ShiroRealm.java 2KB
service
BaseServiceI.java 1KB
impl
BaseServiceImpl.java 2KB
UserServiceImpl.java 745B
UserServiceI.java 169B
pojo
User.java 3KB
AbstractEntiry.java 1KB
webapp
WEB-INF
views
login.jsp 973B
test.jsp 797B
error
403.jsp 333B
404.jsp 333B
500.jsp 333B
mvnw.cmd 5KB
.classpath 1KB
共 61 条
- 1
资源评论
magnum4545
- 粉丝: 0
- 资源: 13
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功