9.springboot2.X整合redis-shiro
2020-03-06 16:30
1126 查看
1.整合有关redis依赖
<dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.4.0</version> </dependency> <!--shiro整合redis缓存,和之前的缓存不同--> <dependency> <groupId>org.crazycake</groupId> <artifactId>shiro-redis</artifactId> <version>2.4.2.1-RELEASE</version> </dependency> <!--springboot2.X没有jedis,你需要一个redis客户端3以下--> <dependency> <groupId>redis.clients</groupId> <artifactId>jedis</artifactId> <version>2.9.0</version> </dependency>
2.redis缓存简单的配置,像序列化策略啥的都是默认的
/** * redis配置 * * */ public class RedisConfig { /** * redisManager * * @return */ public RedisManager redisManager() { RedisManager redisManager = new RedisManager ( ); //主鸡地址 redisManager.setHost ("127.0.0.1"); //端口 redisManager.setPort (6379); // 配置过期时间 redisManager.setExpire (1800); return redisManager; } /** * cacheManager * * @return */ public RedisCacheManager cacheManager() { RedisCacheManager redisCacheManager = new RedisCacheManager ( ); redisCacheManager.setRedisManager (redisManager ( )); return redisCacheManager; } /** * redisSessionDAO */ public RedisSessionDAO redisSessionDAO() { RedisSessionDAO redisSessionDAO = new RedisSessionDAO ( ); redisSessionDAO.setRedisManager (redisManager ( )); return redisSessionDAO; } /** * sessionManager */ public DefaultWebSessionManager SessionManager() { DefaultWebSessionManager sessionManager = new DefaultWebSessionManager ( ); sessionManager.setSessionDAO (redisSessionDAO ( )); return sessionManager; } }
3.redis缓存配置到你的shiro配置里
@Bean DefaultWebSecurityManager securityManager() { DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( ); //自定义的Realm交给manager manager.setRealm (myRealm ( )); // 自定义缓存实现 使用redis manager.setCacheManager(new RedisConfig ().cacheManager ()); // 自定义session管理 使用redis manager.setSessionManager(new RedisConfig ().SessionManager ()); // 使用记住我,注入配置 manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ()); return manager; }
你想要缓存必须配置session管理器,redis管理器 ,redisSession
贴上配置代码:
@Configuration public class RememberMeConfig { /** * cookie设置 * */ public SimpleCookie rememberMeCookie(){ //这个参数是cookie的名称,对应前端的checkbox的name = rememberMe SimpleCookie simpleCookie = new SimpleCookie("rememberMe"); //cookie生效时间30天,单位秒; simpleCookie.setMaxAge(2592000); return simpleCookie; } /** * cookie管理对象;记住我功能 * @return */ public CookieRememberMeManager rememberMeManager(){ CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager(); cookieRememberMeManager.setCookie(rememberMeCookie()); // cookieRememberMeManager.setCipherKey用来设置加密的Key,参数类型byte[],字节数组长度要求16 // cookieRememberMeManager.setCipherKey(Base64.decode("3AvVhmFLUs0KTA3Kprsdag==")); cookieRememberMeManager.setCipherKey("ZHANGXIAOHEI_CAT".getBytes()); return cookieRememberMeManager; } }
/*授权和认证逻*/ public class CustomRealm extends AuthorizingRealm { @Autowired UserService userService; @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { System.out.println ("执行授权逻辑"); SimpleAuthorizationInfo simpleInfo = new SimpleAuthorizationInfo ( ); //获取登录用户名 String name = (String) principalCollection.getPrimaryPrincipal ( ); //之后在数据库查询他是什么角色 什么权限一一添加他们 List<String> listRoles = userService.listRoles (name); // simpleInfo.addRoles (listRoles);直接添加多个角色或者forench添加 for (String role : listRoles) { simpleInfo.addRole (role); } //添加角色下的权限 比如crud List<String> listPermissions = userService.listPermissions (name); System.out.println (listPermissions.size ( )); simpleInfo.addStringPermissions (listPermissions); //设置好权限返回 return simpleInfo; } @Override protected SimpleAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { ; //加这一步的目的是在Post请求的时候会先进认证,然后在到请求 if (null == authenticationToken.getPrincipal ( )) { return null; } System.out.println ("执行认证逻辑" + getName ( )); UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; //获取用户登陆的名 String name = token.getUsername ( ); //查出的密码和盐封装成User User user = userService.getPwdByName (name); if (null == user) { //用户名不存在 return null;//抛出一个空的对象 抛出异常UnknowAccountException } //密码 String pwd = user.getPassword ( ); //盐 String salt = user.getSalt ( ); //真盐=name+salt salt = name + salt; //这里验证authenticationToken和simpleAuthenticationInfo的信息 return new SimpleAuthenticationInfo (name, pwd, ByteSource.Util.bytes (salt), getName ( )); } }
你的这些配置也可以配到shiroConfig 方法里
/*常用的过滤器 * anon:无认证 * authc:必须认证 登陆即可 * user: 使用记住我可以直接访问 * perms: 必须有资源权限 比如crud * roles: 必须有角色权限 * */ @Configuration public class ShiroConfig { /** * 创建自定义配置的Realm */ @Bean CustomRealm myRealm() { CustomRealm customRealm = new CustomRealm ( ); //注入加密算法 customRealm.setCredentialsMatcher (hashedCredentialsMatcher ()); return customRealm; } /** * 创建DefaultWebSecurityManager管理器,使它管理自定义的Realm */ @Bean DefaultWebSecurityManager securityManager() { DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( ); //自定义的Realm交给manager manager.setRealm (myRealm ( )); // 自定义缓存实现 使用redis manager.setCacheManager(new RedisConfig ().cacheManager ()); // 自定义session管理 使用redis manager.setSessionManager(new RedisConfig ().SessionManager ()); // 使用记住我,注入配置 manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ()); return manager; } /** *创建shiroFilterFactoryBean * 关联一个securityManager ( )管理器 */ @Bean ShiroFilterFactoryBean shiroFilterFactoryBean() { ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean ( ); bean.setSecurityManager (securityManager ( )); //登陆页 bean.setLoginUrl ("/login"); //登陆成功后界面 bean.setSuccessUrl ("/index"); //未授权跳转到 bean.setUnauthorizedUrl ("/tip"); Map<String, String> map = new LinkedHashMap<> ( ); //anon是把限制权限改为无限制 //map.put ("/index", "anon"); //authc 登陆后可以访问 // map.put ("/**", "authc"); map.put ("/add", "authc"); //权限必须有addProduct才可以访问 map.put ("/update","perms[addProduct]"); //角色是admin 才可以访问超级管理员界面 map.put ("/admin","roles[admin]"); bean.setFilterChainDefinitionMap (map); return bean; } /**用于ShiroDialect和thymeleaf标签配合使用*/ @Bean(name = "shiroDialect") public ShiroDialect shiroDialect(){ return new ShiroDialect (); } /** * 密码加密算法设置 * @return */ @Bean public HashedCredentialsMatcher hashedCredentialsMatcher(){ HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher(); hashedCredentialsMatcher.setHashAlgorithmName("md5"); //散列的次数 hashedCredentialsMatcher.setHashIterations(2); return hashedCredentialsMatcher; }; }
具体细节就是redis缓存具体的配置还没弄,很多默认的设置,比如序列化后都乱码了而不是json格式的? 解决办法百度把
- 点赞
- 收藏
- 分享
- 文章举报
相关文章推荐
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- spring boot shiro redis整合
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- springboot2.x整合redis知识点讲解
- spring boot整合redis实现shiro的分布式session共享的方法
- Spring boot整合redis实现shiro的分布式session共享
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- SpringBoot整合mybatis、shiro、redis实现基于数据库的细粒度动态权限管理系统实例(转)
- SpringBoot整合mybatis、shiro、redis实现基于数据库的细粒度动态权限管理系统实例
- spring boot 整合shiro和redis实现权限管理和登录功能
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- SpringBoot 2.x整合Redis实现RedisTemplate以及缓存
- spring boot整合redis,实现shiro的CacheManager
- spring boot整合redis实现shiro的分布式session共享
- 【转】springboot2.x+mybait-plus +vue整合redis
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- SpringBoot整合mybatis、shiro、redis实现基于数据库的细粒度动态权限管理系统实例
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析
- Spring Boot+Shiro+Redis(redisson)整合时,采用内嵌tomcat启动错误原因分析