shiro配置springboot的基本配置

visionzheng

2019-12-25

标准配置

对比 https://www.cnblogs.com/xiaozhang666/p/12058341.html 的对应注入查看

shiro配置springboot的基本配置

package com.zys.sys.config;

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;

@ConfigurationProperties(prefix ="shiro")
@Data
public class ShiroPeopertoes {
    private String hashAlgorithmName = "md5";
    //散列次数
    private Integer hashIterations = 2;
    //登陆页面
    private String loginUrl;
    //未授权的页面
    private String unauthorizedUrl;

    private String[] anonUrls;

    private String logoutUrl;

    private String[] authcUrls;



}

package com.zys.sys.config;


import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.sun.org.apache.bcel.internal.generic.RETURN;
import com.zys.sys.UserRealm.UserRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@Configuration
@EnableConfigurationProperties(ShiroPeopertoes.class)
public class ShiroAutoCofig {

    @Autowired
    private ShiroPeopertoes sp;

    /*
    * 创建凭证匹配器
    *
    * */
    @Bean
    public HashedCredentialsMatcher credentialsMatcher(){
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName(sp.getHashAlgorithmName());
        credentialsMatcher.setHashIterations(sp.getHashIterations());
        return credentialsMatcher;
    }
    /*
    * 创建 Realm
    * */

    @Bean
    public UserRealm userRealm(HashedCredentialsMatcher credentialsMatcher){
        UserRealm userRealm = new UserRealm();
        //注入凭证匹配器
        userRealm.setCredentialsMatcher(credentialsMatcher);
        return userRealm;
    }

    /**
     * 声明安全管理器
     */

    @Bean("securityManager")
    public SecurityManager securityManager(UserRealm userRealm){
        DefaultWebSecurityManager dwm = new DefaultWebSecurityManager();
        dwm.setRealm(userRealm);
        return dwm;
    }

    /*
        配置shiro的过滤器  这里面的id必须和web.xml里面的配置一样
     */
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //安全管理器
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        //注入登陆页面
        shiroFilterFactoryBean.setLoginUrl(sp.getLoginUrl());
        //注入未授权的页面地址
        shiroFilterFactoryBean.setUnauthorizedUrl(sp.getUnauthorizedUrl());
        //注入过滤器
        Map<String,String> filter = new HashMap<>();
        //注入放行的地址
        if(sp.getAnonUrls() != null && sp.getAnonUrls().length > 0){
            String[] anonUrls = sp.getAnonUrls();
            for (String anonUrl : anonUrls) {
                filter.put(anonUrl,"anon");
            }
        }
        //注入登出地址
        if(sp.getLogoutUrl() != null){
            filter.put(sp.getLogoutUrl(),"logout");
        }
        //注入拦截的地址
        if(sp.getAuthcUrls() != null && sp.getAuthcUrls().length > 0){
            String[] authcUrls = sp.getAuthcUrls();
            for (String authcUrl : authcUrls) {
                filter.put(authcUrl,"authc");
            }
        }
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filter);
        return shiroFilterFactoryBean;
    }

    /*
    注册过滤器 web.xml
     */
    @Bean
    public FilterRegistrationBean<DelegatingFilterProxy> filterRegistrationBean(){
        FilterRegistrationBean<DelegatingFilterProxy> bean = new FilterRegistrationBean<>();
        DelegatingFilterProxy proxy = new DelegatingFilterProxy();
        bean.addInitParameter("targetFilterLifecycle","true");
        bean.addInitParameter("targetBeanName","shiroFilter");
        List<String> servletNames = new ArrayList<>();
        servletNames.add(DispatcherServletAutoConfiguration.DEFAULT_DISPATCHER_SERVLET_BEAN_NAME);
        bean.setServletNames(servletNames);
        return bean;
    }
    /*
        再html页面能用shiro标签
    */
    @Bean(name = "shiroDialect")
    public ShiroDialect shiroDialect(){
        return new ShiroDialect();
    }



}

shiro boot string apache