spring-boot shiro

spring-boot maven配置

Markup
<!-- Inherits Spring Boot's managed dependency versions, so the
     spring-boot-starter-* dependencies in this pom can omit <version>.
     NOTE(review): 1.2.7.RELEASE is an old release line; confirm it still
     receives security fixes before reusing this pom, otherwise move to a
     supported Spring Boot version. -->
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>1.2.7.RELEASE</version>
    <relativePath />
<!-- lookup parent from repository -->
</parent>
Markup
<!-- Spring Boot starters; versions come from spring-boot-starter-parent. -->
<!-- AOP support: the Shiro annotation advisor in ShiroConfig relies on Spring AOP proxies. -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-aop</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-data-mongodb</artifactId>
</dependency>
<!-- "provided" scope: Tomcat is expected to be supplied by the servlet
     container the application is deployed to, not bundled with the build. -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-tomcat</artifactId>
    <scope>provided</scope>
</dependency>
shiro maven配置

Markup
<!-- Apache Shiro modules, all pinned to 1.2.4.
     NOTE(review): in this release line the rememberMe manager falls back to a
     fixed built-in cipher key when none is configured, and the rememberMe
     cookie is a Java-serialized object that is deserialized after decryption.
     Later Shiro releases generate a random key per instance instead. Prefer a
     currently supported Shiro version, and always configure a private key. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-core</artifactId>
    <version>1.2.4</version>
</dependency>
<!-- Spring integration (ShiroFilterFactoryBean, LifecycleBeanPostProcessor, annotation advisor). -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.2.4</version>
</dependency>
<!-- EhCache-backed CacheManager used for sessions and realm caches. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-ehcache</artifactId>
    <version>1.2.4</version>
</dependency>
<!-- NOTE(review): Guice integration; nothing shown on this page uses Guice,
     so this dependency is presumably removable - confirm before dropping it. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-guice</artifactId>
    <version>1.2.4</version>
</dependency>
spring-boot shiro @Configuration配置

Java
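/**
 * Spring configuration that wires Apache Shiro into the application: caching,
 * session management, remember-me cookies, the authenticating realm, the
 * security manager, annotation-driven authorization and the servlet filter chain.
 *
 * <p>Bean methods call each other directly; inside a {@code @Configuration}
 * class Spring routes those calls to the container-managed singleton beans.
 */
@Configuration
public class ShiroConfig {

    /**
     * Environment variable that supplies the Base64-encoded AES key used to
     * encrypt remember-me cookies. The variable name is chosen for this
     * example; adapt it to your deployment's secret-management convention.
     */
    private static final String REMEMBER_ME_KEY_ENV = "SHIRO_REMEMBER_ME_KEY";

    /** Shared EhCache-backed cache manager for sessions and realm caches. */
    @Bean(name = "cacheShiroManager")
    public CacheManager getCacheManage() {
        return new EhCacheManager();
    }

    /** Lets Spring drive the init/destroy lifecycle of Shiro beans. */
    @Bean(name = "lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /** Scheduler that checks for expired sessions every 900000 ms (15 minutes). */
    @Bean(name = "sessionValidationScheduler")
    public ExecutorServiceSessionValidationScheduler getExecutorServiceSessionValidationScheduler() {
        ExecutorServiceSessionValidationScheduler scheduler = new ExecutorServiceSessionValidationScheduler();
        scheduler.setInterval(900000);
        return scheduler;
    }

    /**
     * Credentials matcher that compares the submitted password, hashed with
     * MD5 for one iteration, against a hex-encoded stored hash.
     *
     * <p>NOTE(review): single-iteration MD5 is a fast digest and is cheap to
     * brute-force if the credential store leaks. The parameters are left
     * unchanged here because they must match the hashes already stored;
     * migrating to a salted, iterated password hash requires re-hashing the
     * stored credentials (for example on each user's next successful login).
     */
    @Bean(name = "hashedCredentialsMatcher")
    public HashedCredentialsMatcher getHashedCredentialsMatcher() {
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("MD5");
        credentialsMatcher.setHashIterations(1);
        credentialsMatcher.setStoredCredentialsHexEncoded(true);
        return credentialsMatcher;
    }

    /**
     * Session-id cookie named {@code sid}: HttpOnly, and with max age -1 so
     * the browser drops it when it closes.
     *
     * <p>NOTE(review): the Secure attribute is not set, so the cookie is also
     * sent over plain HTTP. Add {@code cookie.setSecure(true)} when the
     * application is served only over HTTPS.
     */
    @Bean(name = "sessionIdCookie")
    public SimpleCookie getSessionIdCookie() {
        SimpleCookie cookie = new SimpleCookie("sid");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(-1);
        return cookie;
    }

    /**
     * Remember-me cookie named {@code rememberMe}: HttpOnly, valid for
     * 2592000 seconds (30 days).
     *
     * <p>NOTE(review): as with the session cookie, the Secure attribute is not
     * set; enable it for HTTPS-only deployments.
     */
    @Bean(name = "rememberMeCookie")
    public SimpleCookie getRememberMeCookie() {
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        simpleCookie.setHttpOnly(true);
        simpleCookie.setMaxAge(2592000);
        return simpleCookie;
    }

    /**
     * Remember-me manager that encrypts the remembered identity into the
     * {@code rememberMe} cookie.
     *
     * <p>The cipher key is never embedded in source. Whoever holds the key can
     * mint cookies that the server will decrypt and deserialize, so a key
     * copied from a published example is equivalent to having no key at all.
     */
    @Bean
    public CookieRememberMeManager getRememberManager(){
        CookieRememberMeManager meManager = new CookieRememberMeManager();
        meManager.setCipherKey(resolveRememberMeKey());
        meManager.setCookie(getRememberMeCookie());
        return meManager;
    }

    /**
     * Returns the AES key for remember-me cookies.
     *
     * <p>Uses the Base64 value of the {@code SHIRO_REMEMBER_ME_KEY} environment
     * variable when it is set. Otherwise a random 128-bit key is generated for
     * this process: remember-me cookies then stop validating after a restart
     * and are not shared between nodes, which is the safe default when no
     * secret has been provisioned.
     *
     * @throws IllegalStateException if the configured value does not decode to
     *         a valid AES key length (16, 24 or 32 bytes)
     */
    private static byte[] resolveRememberMeKey() {
        String encoded = System.getenv(REMEMBER_ME_KEY_ENV);
        if (encoded == null || encoded.trim().isEmpty()) {
            byte[] generated = new byte[16];
            new java.security.SecureRandom().nextBytes(generated);
            return generated;
        }
        byte[] key = Base64.decode(encoded.trim());
        if (key.length != 16 && key.length != 24 && key.length != 32) {
            // Deliberately does not echo the configured value: it is a secret.
            throw new IllegalStateException(
                    REMEMBER_ME_KEY_ENV + " must decode to 16, 24 or 32 bytes");
        }
        return key;
    }

    /**
     * Web session manager: 1800000 ms (30 minute) global timeout, periodic
     * validation with deletion of invalid sessions, the {@code sid} cookie,
     * and a cache-backed session DAO.
     */
    @Bean(name = "sessionManager")
    public DefaultWebSessionManager getSessionManage() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        sessionManager.setGlobalSessionTimeout(1800000);
        sessionManager.setSessionValidationScheduler(getExecutorServiceSessionValidationScheduler());
        sessionManager.setSessionValidationSchedulerEnabled(true);
        sessionManager.setDeleteInvalidSessions(true);
        sessionManager.setSessionIdCookieEnabled(true);
        sessionManager.setSessionIdCookie(getSessionIdCookie());
        EnterpriseCacheSessionDAO cacheSessionDAO = new EnterpriseCacheSessionDAO();
        cacheSessionDAO.setCacheManager(getCacheManage());
        sessionManager.setSessionDAO(cacheSessionDAO);
        // Listeners for session creation and deletion can be registered here.

        return sessionManager;
    }

    /**
     * The application realm, named {@code shiro_auth_cache}, accepting only
     * {@link UserAuthenticationToken} and using the hashed credentials matcher.
     */
    @Bean(name = "myRealm")
    public AuthorizingRealm getShiroRealm() {
        AuthorizingRealm realm = new ShiroRealm(getCacheManage(), getHashedCredentialsMatcher());
        realm.setName("shiro_auth_cache");
        realm.setAuthenticationCache(getCacheManage().getCache(realm.getName()));
        realm.setAuthenticationTokenClass(UserAuthenticationToken.class);
        return realm;
    }

    /** Security manager combining the cache, session, remember-me and realm beans. */
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getSecurityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setCacheManager(getCacheManage());
        securityManager.setSessionManager(getSessionManage());
        securityManager.setRememberMeManager(getRememberManager());
        securityManager.setRealm(getShiroRealm());
        return securityManager;
    }

    /**
     * Installs the security manager as the static one returned by
     * {@code SecurityUtils}, so code outside the filter can resolve the subject.
     */
    @Bean
    public MethodInvokingFactoryBean getMethodInvokingFactoryBean(){
        MethodInvokingFactoryBean factoryBean = new MethodInvokingFactoryBean();
        factoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
        factoryBean.setArguments(new Object[]{getSecurityManager()});
        return factoryBean;
    }

    /** Creates class-based proxies for beans matched by advisors (needed for Shiro annotations). */
    @Bean
    @DependsOn("lifecycleBeanPostProcessor")
    public DefaultAdvisorAutoProxyCreator getAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }

    /** Advisor that enforces Shiro authorization annotations through the security manager. */
    @Bean
    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(getSecurityManager());
        return advisor;
    }

    /**
     * Servlet filter definition. Rules are evaluated in insertion order and
     * the first matching pattern wins, so the catch-all must stay last.
     *
     * <p>The {@code user} filter admits subjects that are either authenticated
     * in this session or merely remembered through the remember-me cookie.
     * NOTE(review): endpoints performing sensitive operations should be mapped
     * to {@code authc} so that a remembered identity alone is not sufficient.
     */
    @Bean(name = "shiroFilter")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(getSecurityManager());
        factoryBean.setLoginUrl("/toLogin");
        // Built locally rather than in a shared static map, so the rule set
        // cannot be altered from elsewhere after the filter is configured.
        Map<String, String> chainDefinitions = new LinkedHashMap<String, String>();
        chainDefinitions.put("/resources/**", "anon");
        chainDefinitions.put("/login**", "anon");
        chainDefinitions.put("/**", "user");
        factoryBean.setFilterChainDefinitionMap(chainDefinitions);
        return factoryBean;
    }
}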
Shiro AuthorizingRealm

Java
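/**
 * Realm that authenticates {@link UserAuthenticationToken} logins against
 * {@link ManageUserService} and supplies the roles of the logged-in user.
 */
public class ShiroRealm extends AuthorizingRealm {

    public ShiroRealm(CacheManager cacheManager, CredentialsMatcher matcher) {
        super(cacheManager, matcher);
    }

    @Autowired
    private ManageUserService userService;

    /**
     * Builds the authorization info (roles only) for the current user.
     *
     * <p>NOTE(review): the roles are looked up from the {@code LOGIN_USER}
     * session attribute of the current subject, not from the
     * {@code paramPrincipalCollection} argument. If authorization is ever
     * requested for a principal other than the session's user, this returns
     * the session user's roles - confirm that callers never do that, or
     * resolve the user from the supplied principals instead.
     *
     * @param paramPrincipalCollection principals whose authorization is requested (not read here)
     * @return the role ids of the session's user, or an empty info object when no user is in the session
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection paramPrincipalCollection) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        LoginUser user = (LoginUser) SecurityUtils.getSubject().getSession().getAttribute(AuthAppConfig.LOGIN_USER);
        if (user != null) {
            // Role ids of the current user, as strings.
            List<String> roleIds = new ArrayList<>();

            for (LoginUserRole role : userService.findLoginUserRoles(user)) {
                roleIds.add(String.valueOf(role.getId()));
            }
            authorizationInfo.addRoles(roleIds);

            //TODO add permits
            //authorizationInfo.addStringPermissions(null);

        }
        return authorizationInfo;
    }

    /**
     * Looks up the account for the submitted username and returns its stored
     * password hash for the credentials matcher to verify.
     *
     * <p>NOTE(review): an unknown username and a wrong password raise
     * different exception types with different messages. The login endpoint
     * should present one generic failure to the client so that responses do
     * not reveal which usernames exist.
     *
     * <p>NOTE(review): no salt is passed to {@code SimpleAuthenticationInfo},
     * so stored hashes are compared unsalted.
     *
     * @throws IncorrectCredentialsException if the username or password is missing
     * @throws UnknownAccountException if no user has the submitted username
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)  throws AuthenticationException {
        UserAuthenticationToken token = (UserAuthenticationToken) authenticationToken;
        if (StringUtils.isEmpty(token.getUsername())) {
            throw new IncorrectCredentialsException("username is null!");
        }
        // Check the raw password string: getCredentials() returns a char[],
        // which is never "empty" to StringUtils, and in the token class shown
        // on this page it fails with a NullPointerException on a null password.
        if (StringUtils.isEmpty(token.getPassword())) {
            throw new IncorrectCredentialsException("password is null!");
        }
        LoginUser user = userService.findByUsername(token.getUsername());
        if (user == null) { // no such user
            throw new UnknownAccountException("The user does not exist");
        }
        String userPassword = userService.getUserPassword(user.getId());
        return new SimpleAuthenticationInfo(token.getUsername(), userPassword, getName());
    }
}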
自定义UserAuthenticationToken

Java
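/**
 * Login token carrying a username, a password and the remember-me choice.
 *
 * <p>NOTE(review): the password is held as an immutable {@code String} and is
 * part of the serializable state of this token, so it stays in memory until
 * garbage-collected. Avoid logging or persisting instances, and call
 * {@code setPassword(null)} once authentication has completed.
 */
public class UserAuthenticationToken implements AuthenticationToken, RememberMeAuthenticationToken {
    private static final long serialVersionUID = 1L;
    private String username;
    private String password;
    private boolean rememberMe;

    /**
     * @param username   login name submitted by the user
     * @param password   plaintext password submitted by the user
     * @param rememberMe whether the user asked to be remembered across sessions
     */
    public UserAuthenticationToken(String username, String password, boolean rememberMe) {
        this.username = username;
        this.password = password;
        this.rememberMe = rememberMe;
    }

    /**
     * Whether the user asked to be remembered across sessions.
     */
    @Override
    public boolean isRememberMe() {
        return rememberMe;
    }

    /**
     * Returns the submitted password as a fresh {@code char[]}, or
     * {@code null} when no password was supplied (instead of failing with a
     * {@code NullPointerException}), so callers can reject the login cleanly.
     */
    @Override
    public Object getCredentials() {
        return this.password == null ? null : this.password.toCharArray();
    }

    /**
     * Returns the login name, which serves as the principal.
     */
    @Override
    public String getPrincipal() {
        return username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getUsername() {
        return username;
    }
}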
以上就是 spring-boot 集成 shiro 权限框架的基本配置。需要注意：示例里的 rememberMe 密钥直接写在代码中，属于公开值，密码摘要也只是单次 MD5；实际部署时应改用自行生成并妥善保管的密钥，以及加盐、多次迭代的密码哈希。
 

转载:码农博客 » Spring Boot集成Shiro权限框架


转载自blog.csdn.net/happyzwh/article/details/83313119