标签:
INI配置文件是一种key/value的键值对配置,提供了分类的概念,每一个类中的key不可重复。在这个示例中我们使用一个INI文件来配置Shiro SecurityManager,首先,在pom.xml同目录中创建一个src/main/resources子目录,在该子目录中创建一个shiro.ini文件,内容如下:
# =======================# Shiro INI 配置# =======================[main]# 对象和它们的属性在这里定义# 例如 SecurityManager, Realms 等。[users]# 用户在这里定义,如果只是一小部分用户。(实际使用中,使用这种配置显然不合适)[roles]# 角色在这里定义,(实际应用中也不会在这里定义角色,一般都是存储于数据库中)[urls]# web系统中,基于url的权限配置,web章节会介绍。
[main]sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatchermyRealm = com.company.security.shiro.DatabaseRealmmyRealm.connectionTimeout = 30000myRealm.username = jsmithmyRealm.password = secretmyRealm.credentialsMatcher = $sha256MatchersecurityManager.sessionManager.globalSessionTimeout = 1800000
[main]myRealm = com.company.shiro.realm.MyRealm...
...myRealm.connectionTimeout = 30000myRealm.username = jsmith...
...myRealm.setConnectionTimeout(30000);myRealm.setUsername("jsmith");...
...sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher...myRealm.credentialsMatcher = $sha256Matcher...
...securityManager.sessionManager.globalSessionTimeout = 1800000...
securityManager.getSessionManager().setGlobalSessionTimeout(1800000);
数组类型注入:
# ‘cipherKey‘ 是数组类型的默认使用Base64编码- securityManager.rememberMeManager.cipherKey = kPH+bIxk5D2deZiIxcaaaA==
...
securityManager.rememberMeManager.cipherKey = 0x3707344A4093822299F31D008
集合类型的注入:
Array/Set/List setter,多个值通过逗号分隔
sessionListener1 = com.company.my.SessionListenerImplementation...sessionListener2 = com.company.my.other.SessionListenerImplementation...securityManager.sessionManager.sessionListeners = $sessionListener1, $sessionListener2
object1 = com.company.some.Classobject2 = com.company.another.Class...anObject = some.class.with.a.Map.propertyanObject.mapProperty = key1:$object1, key2:$object2
anObject.map = $objectKey1:$objectValue1, $objectKey2:$objectValue2...
注入顺序:
...myRealm = com.company.security.MyRealm...myRealm = com.company.security.DatabaseRealm...
默认值:
...securityManager = com.company.security.shiro.MyCustomSecurityManager...
[users]admin = 123lonestarr = 123, role1,role2darkhelmet = 123, role1,role2
username = password, roleName1, roleName2, ..., roleNameN
[main]...sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher...iniRealm.credentialsMatcher = $sha256Matcher...[users]# user1 = sha256-hashed-hex-encoded password, role1, role2, ...user1 = 2bb80d537b1da3e38bd30361aa855686bde0eacd7162fef6a25fe97bf527a25b, role1, role2, ...
[main]...# true = hex, false = base64:sha256Matcher.storedCredentialsHexEncoded = false
[roles]# ‘admin‘ 拥有所有权限admin = *# ‘schwartz‘ 拥有lightsaber下所有权限schwartz = lightsaber:*# ‘goodguy‘ 拥有winnebago下的‘drive‘ 下的‘eagle5‘权限goodguy = winnebago:drive:eagle5
rolename = permissionDefinition1, permissionDefinition2, ..., permissionDefinitionN
[urls]- /admin/** = authc, roles[admin], perms["permission1"]
Apache shiro集群实现 (二) shiro 的INI配置
标签:
原文地址:http://blog.csdn.net/lishehe/article/details/45218605
