spring boot 整合apache shiro
2018-02-02 00:00
183 查看
package books.shiro;
import books.pojo.Permission;
import books.service.PermissionService;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.annotation.Resource;
import java.util.LinkedHashMap;
import java.util.List;
/**
* @author: GPJ
* @Description: Shiro 核心配置
* @Date Created in 10:16 2018/1/22
* @Modified By:
*/
@Configuration
public class ShiroConfig {
@Resource
private PermissionService permissionService;
@Bean
public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager") SecurityManager securityManager) {
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
factoryBean.setSecurityManager(securityManager);
// 默认配置
factoryBean.setLoginUrl("/s/login");
factoryBean.setSuccessUrl("/s/index");
factoryBean.setUnauthorizedUrl("/s/unauthorized");
// 权限配置
LinkedHashMap<String , String> filterChainDefinitionMap = new LinkedHashMap<String , String>();
// 数据库动态配置
List<Permission> permissionList = permissionService.list();
for (Permission permission : permissionList) {
if (permission.getStatus() == 1 && permission.getType() != 1) {
// 字符串拼接权限
filterChainDefinitionMap.put(permission.getUrl(), "rest[" + permission.getUrl() + "]");
}
}
// 其他配置
filterChainDefinitionMap.put("/web/grade/belong", "anon");
filterChainDefinitionMap.put("/s/index", "authc");
filterChainDefinitionMap.put("/s/login", "anon");
filterChainDefinitionMap.put("/s/unauthorized", "anon");
filterChainDefinitionMap.put("/s/logout", "logout");
filterChainDefinitionMap.put("/**", "authc");
factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return factoryBean;
}
@Bean("securityManager")
public SecurityManager securityManager(@Qualifier("myRealm") MyRealm myRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myRealm);
return securityManager;
}
@Bean("myRealm")
public MyRealm myRealm() {
// 定义加密
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
matcher.setHashAlgorithmName("MD5");
matcher.setHashIterations(21);
MyRealm realm = new MyRealm();
realm.setCredentialsMatcher(matcher);
return realm;
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(@Qualifier("securityManager") SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
creator.setProxyTargetClass(true);
return creator;
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Spring Boot系列(十五) 安全框架Apache Shiro(二)缓存-基于Hazelcast的分布式缓存
- Spring Boot整合jpa,Shiro进行权限管理
- Apache shiro 笔记整理之整合spring
- 将 Shiro 作为应用的权限基础 五:SpringMVC+Apache Shiro+JPA(hibernate)整合配置
- apache shiro与spring整合、动态filterChainDefinitions、以及认证、授权
- Apache Shiro Web应用整合-配置
- Spring 整合 Apache Shiro 实现各等级的权限管理
- [转载] 【Shiro】Apache Shiro架构之实际运用(整合到Spring中)
- 【Shiro】Apache Shiro架构之实际运用(整合到Spring中)
- Apache Shiro与web整合
- apache shiro整合spring(一)
- Spring Boot整合Apache Shiro小节
- Apache Shiro之实际运用(整合到Spring中)将Shiro整到SSM中(基于maven)
- Apache shiro 笔记整理之web整合一
- apache shiro与spring整合、动态filterChainDefinitions、以及认证、授权
- SpringMVC+Apache Shiro+JPA(hibernate)案例教学(一)整合配置
- Shiro04--Apache Shiro架构之实际运用(整合到Spring中)
- apache shiro整合spring(一)
- apache shiro与spring整合、动态filterChainDefinitions、以及认证、授权