springboot 整合shiro
Posted mm163
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了springboot 整合shiro相关的知识,希望对你有一定的参考价值。
1.依赖添加
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.1</version>
</dependency>
2.
package com.abc.config; import at.pollux.thymeleaf.shiro.dialect.ShiroDialect; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.Map; @Configuration public class MyShiroConfig // Subject 关联SecurityManager // SecurityManager 关联Realm // Realm 关联数据 @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager) ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); Map<String,String> map = new HashMap<String,String>(); map.put("/user/login","anon"); map.put("/user/toindex","anon"); // map.put("/user/findUser","role"); map.put("/user/findUser","perms[user:update]"); map.put("/*","perms"); map.put("/*","role"); map.put("/*","authc"); shiroFilterFactoryBean.setSecurityManager(securityManager); shiroFilterFactoryBean.setFilterChainDefinitionMap(map); shiroFilterFactoryBean.setLoginUrl("/user/login"); shiroFilterFactoryBean.setLoginUrl("/user/"); shiroFilterFactoryBean.setUnauthorizedUrl("/user/unAuth"); return shiroFilterFactoryBean; @Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(userRealm); return securityManager; @Bean(name = "userRealm") public UserRealm getRealm() return new UserRealm(); @Bean public ShiroDialect getShiroDialect() return new ShiroDialect();
3.
package com.abc.config; import com.abc.User.service.IUserService; import com.abc.beans.Permission; import com.abc.beans.User; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.springframework.beans.factory.annotation.Autowired; import java.util.List; public class UserRealm extends AuthorizingRealm @Autowired private IUserService userService; /* * 执行授权 * */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); Subject subject = SecurityUtils.getSubject(); User user = (User) subject.getPrincipal(); User dbUser = userService.findUserById(user.getId()); System.out.println("角色为"+dbUser.getRole()); List<String> list = userService.findPermissionByRoleId(dbUser.getRole()); System.out.println(list); // info.addRole(String.valueOf(dbUser.getRole())); info.addStringPermissions(list); return info; /* 执行认证 * */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; User user = userService.findUserByUsernameAndPassword(token.getUsername()); if(user == null) return null; return new SimpleAuthenticationInfo(user,user.getPassword(),"");
4.
<div shiro:hasPermission="user:update"> <li><a th:data-href="@/user/findUser" data-href="admin-role.html" data-title="角色管理" href="javascript:void(0)">角色管理</a></li> </div>
以上是关于springboot 整合shiro的主要内容,如果未能解决你的问题,请参考以下文章
[SpringBoot系列]SpringBoot如何整合SSMP
SpringBoot完成SSM整合之SpringBoot整合junit