SpringBoot - shiro 作登录认证和拦截
2020-04-19 22:55
513 查看
SpringBoot - shiro 作登录认证和拦截
Controller
/** * @author Shu * @date 2020/3/26 上午11:45 */ @Api (tags = "管理系统登录页面", value = "账号密码认证") @RestController public class LoginController { @Autowired private LoginService loginService; @PostMapping("/login") public BaseResponseUtil login(@RequestParam("userName") String userName, @RequestParam ("password") String password){ //获取当前用户 Subject subject = SecurityUtils.getSubject(); //封装用户的登录数据 UsernamePasswordToken token = new UsernamePasswordToken(userName, password); try { subject.login(token); return DataResponseUtil.success(CodeEnum.SUCCESS,"登录成功"); }catch (UnknownAccountException e){ return DataResponseUtil.error (CodeEnum.BAD_REQUEST, "用户名或密码错误"); }catch (IncorrectCredentialsException e){ return DataResponseUtil.error(CodeEnum.BAD_REQUEST,"用户名或密码错误"); } } }
ShiroConfig
/** * @author Shu * @date 2020/4/14 上午9:13 */ @Configuration public class ShiroConfig { //shiroFilterFactoryBean:`````3`````` @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); //设置安全管理器 shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager); //添加shiro的内置过滤器 /* * anon:无须认证即可访问 * authc:必须认证才可以访问 * user:必须有 记住我 功能 才能用 * perms:拥有对某个资源的权限才可以访问 * role:拥有某个角色权限才可以访问 * */ //拦截 Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>(); filterChainDefinitionMap.put("*/login","anon"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); //设置登录页面 shiroFilterFactoryBean.setLoginUrl("/login"); return shiroFilterFactoryBean; } //DefaultWebSecurityManager:`````2`````` @Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){ DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); defaultWebSecurityManager.setRealm(userRealm); return defaultWebSecurityManager; } //Realm对象,需要自定义:`````1`````` @Bean(name = "userRealm") public UserRealm userRealm(){ return new UserRealm(); } }
UserRealm
/** * @author Shu * @date 2020/4/14 上午9:06 */ public class UserRealm extends AuthorizingRealm { @Autowired private LoginService loginService; //授权 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { return null; } //认证 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username = ((UsernamePasswordToken) token).getUsername(); Login login = loginService.selectUserByName(username); if (login==null){ return null; } String password = login.getPassword(); String realmName = getName(); // 盐值加密 ByteSource credentialsSalt = ByteSource.Util.bytes(username); SimpleAuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, password,credentialsSalt,realmName); return authcInfo; } }
- 点赞 1
- 收藏
- 分享
- 文章举报
相关文章推荐
- springboot+jwt+shiro集成实现前后端分离的登录认证和拦截
- springboot(十四):springboot整合shiro-登录认证和权限管理
- SpringBoot+shiro整合学习之登录认证和权限控制
- springboot整合shiro(一):登录认证
- spring-boot(八) springboot整合shiro-登录认证和权限管理
- springboot整合shiro-登录认证和权限管理
- springboot+mybatis+shiro——登录认证和权限控制
- SpringBoot整合Shiro实现登录认证的方法
- springboot shiro登录成功拦截到首页
- SpringBoot+shiro整合学习之登录认证和权限控制
- springboot整合shiro-登录认证和权限管理
- shiro,基于springboot,基于前后端分离,从登录认证到鉴权,从入门到放弃
- SpringBoot整合Shiro登录认证和授权(附demo)
- spring boot(十四)shiro登录认证与权限管理
- SpringBoot+shiro整合学习之登录认证和权限控制
- Spring Boot 整合 Shiro 进行登录认证
- springboot(十四):springboot整合shiro-登录认证和权限管理(转)
- Spring Cloud之路:(七)SpringBoot+Shiro实现登录认证和权限管理
- SpringBoot+shiro整合学习之登录认证和权限控制
- springboot(十四):springboot整合shiro-登录认证和权限管理