shiro权限管理的配置
建立一個權限管理配置類,在類上添加注解@Configuration,如下:
1、設置安全管理
@Bean
public DefaultWebSecurityManager securityManager(CookieRememberMeManager rememberMeManager,
CacheManager cacheShiroManager,
SessionManager sessionManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(this.shiroDbRealm());
securityManager.setCacheManager(cacheShiroManager);
//securityManager.setRememberMeManager(rememberMeManager);
securityManager.setSessionManager(sessionManager);
return securityManager;
}
2、 spring session管理器(多機環境)
@Bean
@ConditionalOnProperty(prefix = “oa”, name = “spring-session-open”, havingValue = “true”)
public ServletContainerSessionManager servletContainerSessionManager() {
return new ServletContainerSessionManager();
}
3、session管理器(單機環境)
@Bean
@ConditionalOnProperty(prefix = “oa”, name = “spring-session-open”, havingValue = “false”)
public DefaultWebSessionManager defaultWebSessionManager(CacheManager cacheShiroManager, OaProperties gunsProperties) {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setCacheManager(cacheShiroManager);
sessionManager.setSessionValidationInterval(gunsProperties.getSessionValidationInterval() * 1000);
sessionManager.setGlobalSessionTimeout(gunsProperties.getSessionInvalidateTime() * 1000);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);
cookie.setName(“shiroCookie”);
cookie.setHttpOnly(true);
sessionManager.setSessionIdCookie(cookie);
return sessionManager;
}
4、緩存管理器 使用Ehcache實現
@Bean
public CacheManager getCacheShiroManager(EhCacheManagerFactoryBean ehcache) {
EhCacheManager ehCacheManager = new EhCacheManager();
ehCacheManager.setCacheManager(ehcache.getObject());
return ehCacheManager;
}
5、項目自定義的Realm
@Bean
public ShiroDbRealm shiroDbRealm() {
return new ShiroDbRealm();
}
6、rememberMe管理器, cipherKey生成鍵
7、記住密碼Cookie
@Bean
public SimpleCookie rememberMeCookie() {
SimpleCookie simpleCookie = new SimpleCookie(“rememberMe”);
simpleCookie.setHttpOnly(true);
simpleCookie.setMaxAge(7 * 24 * 60 * 60);//7天
return simpleCookie;
}
8、Shiro的過濾器鏈
@Bean
public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
shiroFilter.setSecurityManager(securityManager);
/**
* 默認的登陸訪問url
/
shiroFilter.setLoginUrl("/login");
/*
* 登陸成功后跳轉的url
/
shiroFilter.setSuccessUrl("/");
/*
* 沒有權限跳轉的url
*/
shiroFilter.setUnauthorizedUrl("/global/error");
9、 在方法中 注入 securityManager,進行代理控制
@Bean
public MethodInvokingFactoryBean methodInvokingFactoryBean(DefaultWebSecurityManager securityManager) {
MethodInvokingFactoryBean bean = new MethodInvokingFactoryBean();
bean.setStaticMethod(“org.apache.shiro.SecurityUtils.setSecurityManager”);
bean.setArguments(securityManager);
return bean;
}
10、Shiro生命周期處理器
@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
11、啟用shrio授權注解攔截方式,AOP式方法級權限檢查
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor =
new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
總結
以上是生活随笔為你收集整理的shiro权限管理的配置的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: vue解决mintui中使用Messag
- 下一篇: 普通话测试软件字体怎么调整,普通话考试常