shiro注意点总结

目录

shiroConfig

package com.qh.yyxt.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

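/**
 * Spring configuration that wires Apache Shiro into the web application:
 * the session manager, the request filter with its URL rules, the security
 * manager, the custom realm and the Thymeleaf Shiro dialect.
 */
@Configuration
public class ShiroConfig {

    /**
     * Creates a Shiro web session manager with session-id URL rewriting turned off.
     *
     * <p>NOTE(review): nothing in this class passes this bean to the security
     * manager ({@link #getDefaultWebSecurityManager(Realm)} only sets the realm),
     * so as far as this file shows the setting below has no effect. Wiring it in
     * would also switch the application to Shiro-managed sessions, so confirm the
     * intent before calling {@code setSessionManager(...)}.
     *
     * @return the configured session manager
     */
    @Bean
    public DefaultWebSessionManager mySessionManager(){
        DefaultWebSessionManager defaultSessionManager = new DefaultWebSessionManager();
        // Keep the session id out of URLs (no ";JSESSIONID=..." suffix), so it
        // cannot leak through copied links, Referer headers or access logs.
        defaultSessionManager.setSessionIdUrlRewritingEnabled(false);
        return defaultSessionManager;
    }

    /**
     * 1. Creates the Shiro filter that intercepts requests and applies the URL rules below.
     *
     * <p>Rules are evaluated in insertion order and the first matching pattern
     * decides, which is why a {@link LinkedHashMap} is used and why specific
     * patterns are registered before the wildcard that would otherwise swallow them.
     *
     * @param defaultWebSecurityManager the security manager the filter delegates to
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean getShiroFilerFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // Attach the security manager to the filter.
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);

        // Protected and public resources. Insertion order is the matching order.
        Map<String,String> map = new LinkedHashMap<>();
        /*
         * Built-in filters used for access control:
         *   anon:  no authentication required
         *   authc: the request must come from an authenticated subject
         *   user:  authenticated or remembered (rememberMe) subjects may pass
         *   perms: the subject must hold the listed permission(s)
         *   roles: the subject must hold the listed role(s)
         */
        // Example request used while testing: http://localhost:8080/user/register?username=2&pwd=2
        // NOTE(review): a password sent in the query string ends up in browser
        // history and server logs; the real form should POST it in the body.
        map.put("/static/**","anon");

        // Public endpoints must be registered before the "/user/**" rule below.
        map.put("/user/login","anon");
        map.put("/user/register","anon");

        // Registered ahead of "/user/**" so that this entry is the one that matches;
        // placed after the wildcard it would never be consulted.
        map.put("/user/logout","authc");
        map.put("/user/**","authc");

        // "/**" instead of "/*": a single "*" matches only one path segment, so
        // deeper paths such as /admin/a/b would match no rule and bypass the role check.
        map.put("/admin/**","roles[1]");
        map.put("/admin2/**","roles[2]");

        map.put("/index","authc");

        // NOTE(review): a path that matches none of the patterns above is served
        // without any Shiro check. Once the public pages are enumerated as "anon",
        // consider ending the map with a default-deny rule ("/**" -> "authc").

        // Where unauthenticated subjects are sent to log in.
        shiroFilterFactoryBean.setLoginUrl("/login");
        // Where authenticated subjects lacking the required role are sent.
        shiroFilterFactoryBean.setUnauthorizedUrl("/login");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        return shiroFilterFactoryBean;
    }

    /**
     * 2. Creates the web security manager and gives it the application realm.
     *
     * @param realm the realm used for authentication and authorization
     * @return the configured security manager
     */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        // Attach the realm to the security manager.
        defaultWebSecurityManager.setRealm(realm);
        return defaultWebSecurityManager;
    }

    /**
     * 3. Creates the custom realm with a hashed credentials matcher and
     * Ehcache-backed authentication and authorization caches.
     *
     * <p>{@code UserRealm} is not imported, so it is presumably defined in this package.
     *
     * @return the configured realm, registered under the bean name {@code realm}
     */
    @Bean("realm")
    public Realm getRealm(){

        UserRealm userRealm = new UserRealm();
        // Replace the default credentials matcher with a hashing one. The algorithm
        // and iteration count must match what was used when the password was stored.
        // NOTE(review): iterated MD5 is a fast digest, not a password-hashing
        // function. It is left unchanged here because switching the algorithm would
        // invalidate every stored hash; migrate it together with the registration
        // code and the existing credentials.
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("MD5");
        credentialsMatcher.setHashIterations(1024);
        userRealm.setCredentialsMatcher(credentialsMatcher);

        // Enable the cache manager.
        userRealm.setCacheManager(new EhCacheManager());
        // Enable caching globally for the realm.
        userRealm.setCachingEnabled(true);
        // Enable the authentication cache.
        // NOTE(review): cached entries hold the stored credential data, so a password
        // change or account lock is not seen until the entry is evicted; verify
        // that those code paths clear the cache for the affected user.
        userRealm.setAuthenticationCachingEnabled(true);
        userRealm.setAuthenticationCacheName("AuthenticationCache");
        // Enable the authorization cache. The same caveat applies to role changes.
        userRealm.setAuthorizationCachingEnabled(true);
        userRealm.setAuthorizationCacheName("AuthorizationCache");
        return userRealm;
    }

    /**
     * Registers the Thymeleaf Shiro dialect so templates can use the Shiro tags.
     *
     * @return a new dialect instance
     */
    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }
}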

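anon 规则必须写在 authc 规则之前,而且 map 必须使用 LinkedHashMap(保持插入顺序)。Shiro 按规则的定义顺序逐条匹配,第一个匹配到的规则生效;如果 "/user/**" 的 authc 规则排在前面,后面的 "/user/login" anon 规则就不会被用到。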
