Spring boot 2.0 fully embraces java8, which greatly simplifies configuration items in security verification. When using shiro, security must be turned off. Security is turned on by default. In the boot1.x version, configuration items can be passed.
security:
basic:
enabled: false
management:
security:
enabled: false
To disable, but 2.0 due to security and ambiguity, the security-related configuration items are removed, then the integration of shiro has no effect.
By adding an annotation to the main method of startup:
@EnableAutoConfiguration(exclude = {
org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class
})
To prohibit the automatic startup configuration of security to achieve the effect of shiro integration, the specific shiro integration is the same as boot 1.x, please refer to my previous blog post on integrating shiro: https://my.oschina.net/u/3312115/blog/1600830
My open source project is based on spring boot 2.0 shiro background scaffolding: https://gitee.com/bweird/lenosp
available for reference