springboot 整合shiro

Posted mm163

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了springboot 整合shiro相关的知识,希望对你有一定的参考价值。

1.依赖添加

 <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.1</version>
        </dependency>

2.

package com.abc.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class MyShiroConfig 

//    Subject  关联SecurityManager
//    SecurityManager 关联Realm
//    Realm   关联数据

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager)
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        Map<String,String> map = new HashMap<String,String>();
        map.put("/user/login","anon");
        map.put("/user/toindex","anon");
//        map.put("/user/findUser","role");
        map.put("/user/findUser","perms[user:update]");
        map.put("/*","perms");
        map.put("/*","role");
        map.put("/*","authc");
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        shiroFilterFactoryBean.setLoginUrl("/user/login");
        shiroFilterFactoryBean.setLoginUrl("/user/");
        shiroFilterFactoryBean.setUnauthorizedUrl("/user/unAuth");
        return shiroFilterFactoryBean;
    

    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm)
        DefaultWebSecurityManager securityManager =  new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        return securityManager;
    

    @Bean(name = "userRealm")
    public UserRealm getRealm()
        return new UserRealm();
    

    @Bean
    public ShiroDialect getShiroDialect()
        return new ShiroDialect();
    

3.

package com.abc.config;

import com.abc.User.service.IUserService;
import com.abc.beans.Permission;
import com.abc.beans.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

public class UserRealm extends AuthorizingRealm 

    @Autowired
    private IUserService userService;

    /*
    * 执行授权
    * */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) 

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Subject subject = SecurityUtils.getSubject();
        User user = (User) subject.getPrincipal();
        User dbUser = userService.findUserById(user.getId());
        System.out.println("角色为"+dbUser.getRole());
        List<String> list = userService.findPermissionByRoleId(dbUser.getRole());
        System.out.println(list);
//        info.addRole(String.valueOf(dbUser.getRole()));

        info.addStringPermissions(list);
        return info;
    

    /*
        执行认证
    * */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException 

        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        User user = userService.findUserByUsernameAndPassword(token.getUsername());
        if(user == null)
            return null;
        
        return new SimpleAuthenticationInfo(user,user.getPassword(),"");
    

4.

<div shiro:hasPermission="user:update">
<li><a  th:data-href="@/user/findUser" data-href="admin-role.html" data-title="角色管理" href="javascript:void(0)">角色管理</a></li>
</div>

 

以上是关于springboot 整合shiro的主要内容,如果未能解决你的问题,请参考以下文章

[SpringBoot系列]SpringBoot如何整合SSMP

springboot怎么整合activiti

SpringBoot完成SSM整合之SpringBoot整合junit

springboot整合jedis

SpringBoot 整合其他框架 -- SpringBoot整合Mybatis

SpringBoot 整合其他框架 -- SpringBoot整合Junit