Shiro 中的权限如何与数据库进行交互

话不多说直接上代码以及xml

shiro.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:mvc="http://www.springframework.org/schema/mvc"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/aop
        http://www.springframework.org/schema/aop/spring-aop.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd">

    <!-- 自定义Realm,就是继承AuthorizingRealm的类-->
    <bean id="myRealm" class="com.easyit.shiro.realm.MyRealm" />

     <!-- 安全管理器 -->
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="myRealm" />
    </bean>

     <!-- Shiro过滤器 (***这里注意了*** class跟自己的java类路径)-->
    <bean id="shiroFilter" class="com.easyit.shiro.realm.MyShiroFilterFactoryBean">
        <!-- Shiro的核心安全接口,这个属性是必须的 -->
        <property name="securityManager" ref="securityManager" />
        <!-- 登录的URL地址 -->
        <property name="loginUrl" value="/login" />
        <!-- 登录成功后跳转的URL地址 -->
        <property name="successUrl" value="/index" />
        <!-- 权限认证失败，则跳转到指定页面 -->
        <property name="unauthorizedUrl" value="/unauthor" />
        <!-- Shiro连接约束配置,即过滤链的定义 -->
        <property name="filterChainDefinitions">
            <value>
                 ##登录的路径
                 /login = anon
                 ##退出登录的路径
                 /logout = logout
            </value>
        </property>

    </bean>

     <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />

    <bean
        class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
        depends-on="lifecycleBeanPostProcessor" />

    <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
    <bean
        class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager" />
    </bean>



</beans>

下面是刚才的类代码操作

package com.easyit.shiro.realm;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.springframework.beans.factory.annotation.Autowired;

import com.easyit.shiro.model.ShiroPower;
import com.easyit.shiro.model.ShiroRoles;
import com.easyit.shiro.model.ShiroRolesPower;
import com.easyit.shiro.service.ShiroService;

//最重要的就是要继承ShiroFilterFactoryBean类
public class MyShiroFilterFactoryBean extends ShiroFilterFactoryBean {



    //重写这个方法
    @Override
    public void setFilterChainDefinitionMap(Map<String, String> filterChainDefinitionMap) {

        //这里是将权限加入map集合里面,也可以从数据库里面查询权限数据加入map集合里面

        //比如加入一个   /admin/delete = authc,roles[admin],perms[admin:delete]

        /代码如下
        filterChainDefinitionMap.put("/admin/delete","authc,roles[admin],perms[admin:delet]");

    //让后就将 权限加入到shiro.xml的value中了

        super.setFilterChainDefinitionMap(filterChainDefinitionMap);
    }

}