文章目錄

依賴

<properties><project.build.sourceEncoding>UTF-8</project.build.sourceEncoding><project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding><java.version>1.8</java.version><mybatis.spring.boot.version>1.3.1</mybatis.spring.boot.version><druid.version>1.0.28</druid.version><shiro.version>1.3.2</shiro.version><kaptcha.version>0.0.9</kaptcha.version></properties><!-- 集成shiro版本 --><properties><shiro.version>1.3.2</shiro.version><kaptcha.version>0.0.9</kaptcha.version></properties><!-- spring集成shiro --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-spring</artifactId><version>${shiro.version}</version></dependency><!-- shiro緩存 --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-ehcache</artifactId><version>${shiro.version}</version></dependency><dependency><groupId>org.mybatis.spring.boot</groupId><artifactId>mybatis-spring-boot-starter</artifactId><version>${mybatis.spring.boot.version}</version></dependency><!-- 集成驗證碼 --><dependency><groupId>com.github.axet</groupId><artifactId>kaptcha</artifactId><version>${kaptcha.version}</version></dependency>

Shiro 配置類

package com.qf.config;import com.qf.realm.UserRealm; import org.apache.shiro.cache.ehcache.EhCacheManager; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.session.mgt.SessionManager; import org.apache.shiro.spring.LifecycleBeanPostProcessor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.CookieRememberMeManager; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.apache.shiro.web.servlet.Cookie; import org.apache.shiro.web.session.mgt.DefaultWebSessionManager; import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration;import java.util.LinkedHashMap; import java.util.Map;@Configuration public class ShiroConfig {//1,創建 SessionManager 管理會話@Bean(name = "sessionManager")//<bean class="">public SessionManager sessionManager(){DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();//設置過期時間sessionManager.setGlobalSessionTimeout(1000*60*30);//設置后臺線程 清理過期的會話sessionManager.setSessionValidationSchedulerEnabled(true);//設置地址比拼接sessionidsessionManager.setSessionIdUrlRewritingEnabled(false);return sessionManager;}//2,創建SecurityManager@Bean(name="securityManager")public SecurityManager securityManager(SessionManager sessionManager,UserRealm userRealm){DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();securityManager.setSessionManager(sessionManager);//緩存管理EhCacheManager cacheManager = new EhCacheManager();cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");securityManager.setCacheManager(cacheManager);//cookie管理CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();Cookie cookie = cookieRememberMeManager.getCookie();cookie.setMaxAge(60*60*24*3);cookie.setPath("/");securityManager.setRememberMeManager(cookieRememberMeManager);//設置自定義realmsecurityManager.setRealm(userRealm);return securityManager;}//3,創建ShiroFilter@Bean(name="shiroFilter")public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();shiroFilterFactoryBean.setSecurityManager(securityManager);//設置登錄頁面shiroFilterFactoryBean.setLoginUrl("/login.html");shiroFilterFactoryBean.setSuccessUrl("/index.html");shiroFilterFactoryBean.setUnauthorizedUrl("unauthorized.html");//攔截的路徑的詳細設置//什么Map是存取有序的？Map<String,String> map = new LinkedHashMap<>();map.put("/sys/login","anon");//匿名訪問map.put("/captcha.jpg","anon");//驗證碼放行map.put("/**","authc");shiroFilterFactoryBean.setFilterChainDefinitionMap(map);return shiroFilterFactoryBean;}//4,BeanLifeCycle 生命周期@Bean(name="lifecycleBeanPostProcessor")public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){LifecycleBeanPostProcessor lifecycleBeanPostProcessor = new LifecycleBeanPostProcessor();return lifecycleBeanPostProcessor;}//5,開啟aop對shiro的bean動態代理@Bean(name = "defaultAdvisorAutoProxyCreator")public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);//cglib方式return defaultAdvisorAutoProxyCreator;}/*** 6.開啟shiro的注解** @param securityManager* @return*/@Bean(name = "authorizationAttributeSourceAdvisor")public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();advisor.setSecurityManager(securityManager);return advisor;} }

自定義Realm

package com.qf.realm;import com.qf.pojo.SysUser; import com.qf.service.MenuService; import com.qf.service.RoleService; import com.qf.service.SysUserService; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component;import java.util.List;@Component public class UserRealm extends AuthorizingRealm {@Autowiredprivate SysUserService sysUserService;@Autowiredprivate RoleService roleService;@Autowiredprivate MenuService menuService;/*** 先認證** @param token* @return* @throws AuthenticationException*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {//1.得到用戶名和密碼UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken)token;String username = usernamePasswordToken.getUsername();//默認獲取password的類型為char[]，轉換處理String password = new String(usernamePasswordToken.getPassword());//2.從數據庫根據用戶名查詢用戶信息SysUser byUsername = sysUserService.findByUsername(username);//判斷查詢出的用戶對象(sysUser)是否為空if(byUsername==null){throw new UnknownAccountException("賬戶不存在");}//判斷查詢出的用戶對象的用戶密碼和頁面從頁面傳遞過來的密碼進行比較是否相同if(!byUsername.getPassword().equals(password)){throw new IncorrectCredentialsException("密碼不正確");}//判斷查詢出的用戶對象的用戶的可用狀態 0 -> 賬戶凍結狀態if(byUsername.getStatus()==0){throw new LockedAccountException("賬戶被凍結");}SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(byUsername,password,this.getName());return info;}/*** 后授權** @param principals* @return*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {//1.從principals中獲取用戶信息SysUser sysUser = (SysUser)principals.getPrimaryPrincipal();//2.獲取userIdLong userId = sysUser.getUserId();//3.通過userId獲取當前用戶的角色信息List<String> rolsByUserID = roleService.findRolsByUserID(userId);//4.通過userId獲取當前用戶的權限信息List<String> permsByUserId = menuService.findPermsByUserId(userId);//5.把角色和權限信息封裝到SimpleAuthorizationInfo中，進行返回SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();info.addRoles(rolsByUserID);info.addStringPermissions(permsByUserId);return info;} } 創作挑戰賽新人創作獎勵來咯，堅持創作打卡瓜分現金大獎

總結

以上是生活随笔為你收集整理的SpringBoot 整合Shiro Ehcache的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。