关于java:SpringBootShiroThymeleaf

50次阅读

共计 1747 个字符,预计需要花费 5 分钟才能阅读完成。

1、增加 Shiro 依赖

        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.1</version>
        </dependency>

2、创立 ShiroConfig

@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager") DefaultWebSecurityManager defaultWebSecurityManager){ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        // 设置平安管理器
        bean.setSecurityManager(defaultWebSecurityManager);
        // 增加 shiro 的内置过滤器
        /*
            anon: 无需认证能够拜访
            authc: 必须认证能力拜访
            user: 必须领有 记住我 性能能力用
            perms: 领有对某个资源的权限能力拜访
            role: 领有某个角色权限能力拜访
         */

        // 拦挡
        Map<String, String> filterMap = new LinkedHashMap<>();

//        filterMap.put("/user/add","authc");
//        filterMap.put("/user/update","authc");
        filterMap.put("/login/*","anon");

        bean.setFilterChainDefinitionMap(filterMap);

        // 验证失败跳转页面
        bean.setLoginUrl("/Text");

        return bean;
    }

    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    @Bean
    public UserRealm userRealm(){return new UserRealm();
    }

}

3、Realm 受权、认证

public class UserRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {System.out.println("受权执行");
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {System.out.println("认证执行");

//        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
//
//        // 连贯实在的数据库
//        User user = userService.queryUserByName(token.getUsername());
//
//        if (user == null){// 没有此用户
//            return null;
//        }

        // 明码认证  shiro 做
        return new SimpleAuthenticationInfo("",token.getPassword(),"");
    }
}

正文完
 0