spring boot 整合apache shiro
2018-02-02 00:00
183 查看
package books.shiro; import books.pojo.Permission; import books.service.PermissionService; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.annotation.Resource; import java.util.LinkedHashMap; import java.util.List; /** * @author: GPJ * @Description: Shiro 核心配置 * @Date Created in 10:16 2018/1/22 * @Modified By: */ @Configuration public class ShiroConfig { @Resource private PermissionService permissionService; @Bean public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager") SecurityManager securityManager) { ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean(); factoryBean.setSecurityManager(securityManager); // 默认配置 factoryBean.setLoginUrl("/s/login"); factoryBean.setSuccessUrl("/s/index"); factoryBean.setUnauthorizedUrl("/s/unauthorized"); // 权限配置 LinkedHashMap<String , String> filterChainDefinitionMap = new LinkedHashMap<String , String>(); // 数据库动态配置 List<Permission> permissionList = permissionService.list(); for (Permission permission : permissionList) { if (permission.getStatus() == 1 && permission.getType() != 1) { // 字符串拼接权限 filterChainDefinitionMap.put(permission.getUrl(), "rest[" + permission.getUrl() + "]"); } } // 其他配置 filterChainDefinitionMap.put("/web/grade/belong", "anon"); filterChainDefinitionMap.put("/s/index", "authc"); filterChainDefinitionMap.put("/s/login", "anon"); filterChainDefinitionMap.put("/s/unauthorized", "anon"); filterChainDefinitionMap.put("/s/logout", "logout"); filterChainDefinitionMap.put("/**", "authc"); factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); return factoryBean; } @Bean("securityManager") public SecurityManager securityManager(@Qualifier("myRealm") MyRealm myRealm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(myRealm); return securityManager; } @Bean("myRealm") public MyRealm myRealm() { // 定义加密 HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(); matcher.setHashAlgorithmName("MD5"); matcher.setHashIterations(21); MyRealm realm = new MyRealm(); realm.setCredentialsMatcher(matcher); return realm; } @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(@Qualifier("securityManager") SecurityManager securityManager) { AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor(); advisor.setSecurityManager(securityManager); return advisor; } @Bean public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() { DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator(); creator.setProxyTargetClass(true); return creator; } }
相关文章推荐
- Spring Boot系列(十五) 安全框架Apache Shiro(二)缓存-基于Hazelcast的分布式缓存
- Spring Boot整合jpa,Shiro进行权限管理
- Apache shiro 笔记整理之整合spring
- 将 Shiro 作为应用的权限基础 五:SpringMVC+Apache Shiro+JPA(hibernate)整合配置
- apache shiro与spring整合、动态filterChainDefinitions、以及认证、授权
- Apache Shiro Web应用整合-配置
- Spring 整合 Apache Shiro 实现各等级的权限管理
- [转载] 【Shiro】Apache Shiro架构之实际运用(整合到Spring中)
- 【Shiro】Apache Shiro架构之实际运用(整合到Spring中)
- Apache Shiro与web整合
- apache shiro整合spring(一)
- Spring Boot整合Apache Shiro小节
- Apache Shiro之实际运用(整合到Spring中)将Shiro整到SSM中(基于maven)
- Apache shiro 笔记整理之web整合一
- apache shiro与spring整合、动态filterChainDefinitions、以及认证、授权
- SpringMVC+Apache Shiro+JPA(hibernate)案例教学(一)整合配置
- Shiro04--Apache Shiro架构之实际运用(整合到Spring中)
- apache shiro整合spring(一)
- apache shiro与spring整合、动态filterChainDefinitions、以及认证、授权