码迷,mamicode.com
首页 > 编程语言 > 详细

springboot 整合shiro

时间:2019-06-18 19:48:41      阅读:118      评论:0      收藏:0      [点我收藏+]

标签:str   mis   conf   setfilter   gre   alc   doget   string   ==   

1.依赖添加

 <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.1</version>
        </dependency>

2.

package com.abc.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class MyShiroConfig {

//    Subject  关联SecurityManager
//    SecurityManager 关联Realm
//    Realm   关联数据

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        Map<String,String> map = new HashMap<String,String>();
        map.put("/user/login","anon");
        map.put("/user/toindex","anon");
//        map.put("/user/findUser","role");
        map.put("/user/findUser","perms[user:update]");
        map.put("/*","perms");
        map.put("/*","role");
        map.put("/*","authc");
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        shiroFilterFactoryBean.setLoginUrl("/user/login");
        shiroFilterFactoryBean.setLoginUrl("/user/");
        shiroFilterFactoryBean.setUnauthorizedUrl("/user/unAuth");
        return shiroFilterFactoryBean;
    }

    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager securityManager =  new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    @Bean(name = "userRealm")
    public UserRealm getRealm(){
        return new UserRealm();
    }

    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }
}

3.

package com.abc.config;

import com.abc.User.service.IUserService;
import com.abc.beans.Permission;
import com.abc.beans.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

public class UserRealm extends AuthorizingRealm {

    @Autowired
    private IUserService userService;

    /*
    * 执行授权
    * */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Subject subject = SecurityUtils.getSubject();
        User user = (User) subject.getPrincipal();
        User dbUser = userService.findUserById(user.getId());
        System.out.println("角色为"+dbUser.getRole());
        List<String> list = userService.findPermissionByRoleId(dbUser.getRole());
        System.out.println(list);
//        info.addRole(String.valueOf(dbUser.getRole()));

        info.addStringPermissions(list);
        return info;
    }

    /*
        执行认证
    * */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        User user = userService.findUserByUsernameAndPassword(token.getUsername());
        if(user == null){
            return null;
        }
        return new SimpleAuthenticationInfo(user,user.getPassword(),"");
    }
}

4.

<div shiro:hasPermission="user:update">
<li><a  th:data-href="@{/user/findUser}" data-href="admin-role.html" data-title="角色管理" href="javascript:void(0)">角色管理</a></li>
</div>

 

springboot 整合shiro

标签:str   mis   conf   setfilter   gre   alc   doget   string   ==   

原文地址:https://www.cnblogs.com/mm163/p/11047140.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!