欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

spring boot 集成shiro的配置方法

程序员文章站 2023-12-17 20:56:16
spring boot提供了一个自带的认证框架,同时也提供自定义的javaconfig配置扩展,spring-sercurity同样也是优秀的框架,但是习惯了用apache...

spring boot提供了一个自带的认证框架,同时也提供自定义的javaconfig配置扩展,spring-sercurity同样也是优秀的框架,但是习惯了用apache shiro框架,而且原项目就是集成的shiro框架,到网上找了一下配置方式,没找到完全配置的方法,因此决定自己动手,丰衣足食!

        要在spring boot上集成其他框架,首先要会spring javaconfig方法,利用此方法同样可以配置其他模块,废话少说,开始。。。

        开始前需要导入maven依赖(shiro-web可选):         

  <dependency> 
  <groupid>org.apache.shiro</groupid> 
  <artifactid>shiro-core</artifactid> 
  <version>${shiro.version}</version> 
</dependency> 
<dependency> 
  <groupid>org.apache.shiro</groupid> 
  <artifactid>shiro-web</artifactid> 
  <version>${shiro.version}</version> 
</dependency> 
<dependency> 
  <groupid>org.apache.shiro</groupid> 
  <artifactid>shiro-spring</artifactid> 
  <version>${shiro.version}</version> 
</dependency> 
<dependency> 
  <groupid>org.apache.shiro</groupid> 
  <artifactid>shiro-ehcache</artifactid> 
  <version>${shiro.version}</version> 
</dependency>

        原shiro集成spring的配置拿出来,如下:

<?xml version="1.0" encoding="utf-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" 
xsi:schemalocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd" 
default-lazy-init="true"> 
<description>shiro安全配置 来源于: http://shiro.apache.org/spring.html 
</description> 
<bean id="securitymanager" class="org.apache.shiro.web.mgt.defaultwebsecuritymanager"> 
<!-- single realm app. if you have multiple realms, use the 'realms' property 
instead. --> 
<property name="realm" ref="shirorealmimpl" /> 
<property name="cachemanager" ref="shiroehcachemanager" /> 
</bean> 
<!-- define the realm you want to use to connect to your back-end security 
datasource: --> 
<bean id="shirorealmimpl" class="com.wechatserver.web.services.system.impl.shirorealmimpl" /> 
<bean id="shirofilter" class="org.apache.shiro.spring.web.shirofilterfactorybean"> 
<property name="securitymanager" ref="securitymanager" /> 
<property name="loginurl" value="/login" /> <!-- 没有权限或者失败后跳转的页面 --> 
<property name="successurl" value="/sa/index" /> 
<property name="filterchaindefinitions"> 
<!-- , roles[admin], perms[document:read] --> 
<value> 
<!-- 
/user/** = authc 
/role/edit/* = perms[role:edit] 
/role/save = perms [role:edit] 
/role/list = perms [role:view] 
--> 
/sa/** = authc 
/** = anon 
</value> 
</property> 
</bean> 
<!-- 用户授权/认证信息cache, 采用ehcache 缓存 --> 
<bean id="shiroehcachemanager" class="org.apache.shiro.cache.ehcache.ehcachemanager"> 
<property name="cachemanagerconfigfile" value="classpath:ehcache-shiro.xml" /> 
</bean> 
<!-- 保证实现了shiro内部lifecycle函数的bean执行 --> 
<bean id="lifecyclebeanpostprocessor" class="org.apache.shiro.spring.lifecyclebeanpostprocessor" /> 
<!-- aop式方法级权限检查 --> 
<!-- enable shiro annotations for spring-configured beans. only run after --> 
<!-- the lifecyclebeanprocessor has run: --> 
<bean 
class="org.springframework.aop.framework.autoproxy.defaultadvisorautoproxycreator" 
depends-on="lifecyclebeanpostprocessor"> 
<property name="proxytargetclass" value="true" /> 
</bean> 
<bean 
class="org.apache.shiro.spring.security.interceptor.authorizationattributesourceadvisor"> 
<property name="securitymanager" ref="securitymanager" /> 
</bean> 
</beans>

好多类啊,没办法一个一个配置,javaconfig文件如下:

import java.util.linkedhashmap; 
import java.util.map; 
import org.apache.shiro.cache.ehcache.ehcachemanager; 
import org.apache.shiro.spring.lifecyclebeanpostprocessor; 
import org.apache.shiro.spring.security.interceptor.authorizationattributesourceadvisor; 
import org.apache.shiro.spring.web.shirofilterfactorybean; 
import org.apache.shiro.web.mgt.defaultwebsecuritymanager; 
import org.springframework.aop.framework.autoproxy.defaultadvisorautoproxycreator; 
import org.springframework.context.annotation.bean; 
import org.springframework.context.annotation.configuration; 
@configuration 
public class shiroconfiguration { 
  private static map<string, string> filterchaindefinitionmap = new linkedhashmap<string, string>(); 
  @bean(name = "shirorealmimpl") 
  public shirorealmimpl getshirorealm() { 
    return new shirorealmimpl(); 
  } 
  @bean(name = "shiroehcachemanager") 
  public ehcachemanager getehcachemanager() { 
    ehcachemanager em = new ehcachemanager(); 
    em.setcachemanagerconfigfile("classpath:ehcache-shiro.xml"); 
    return em; 
  } 
  @bean(name = "lifecyclebeanpostprocessor") 
  public lifecyclebeanpostprocessor getlifecyclebeanpostprocessor() { 
    return new lifecyclebeanpostprocessor(); 
  } 
  @bean 
  public defaultadvisorautoproxycreator getdefaultadvisorautoproxycreator() { 
    defaultadvisorautoproxycreator daap = new defaultadvisorautoproxycreator(); 
    daap.setproxytargetclass(true); 
    return daap; 
  } 
  @bean(name = "securitymanager") 
  public defaultwebsecuritymanager getdefaultwebsecuritymanager() { 
    defaultwebsecuritymanager dwsm = new defaultwebsecuritymanager(); 
    dwsm.setrealm(getshirorealm()); 
    dwsm.setcachemanager(getehcachemanager()); 
    return dwsm; 
  } 
  @bean 
  public authorizationattributesourceadvisor getauthorizationattributesourceadvisor() { 
    authorizationattributesourceadvisor aasa = new authorizationattributesourceadvisor(); 
    aasa.setsecuritymanager(getdefaultwebsecuritymanager()); 
    return new authorizationattributesourceadvisor(); 
  } 
  @bean(name = "shirofilter") 
  public shirofilterfactorybean getshirofilterfactorybean() { 
    shirofilterfactorybean shirofilterfactorybean = new shirofilterfactorybean(); 
    shirofilterfactorybean 
        .setsecuritymanager(getdefaultwebsecuritymanager()); 
    shirofilterfactorybean.setloginurl("/login"); 
    shirofilterfactorybean.setsuccessurl("/sa/index"); 
    filterchaindefinitionmap.put("/sa/**", "authc"); 
    filterchaindefinitionmap.put("/**", "anon"); 
    shirofilterfactorybean 
        .setfilterchaindefinitionmap(filterchaindefinitionmap); 
    return shirofilterfactorybean; 
  } 
}

注意点:最后一个是filterchaindefinitionmap的初始化,map用的是linkedhashmap来初始化的,各位应用的时候将其配置成properties文件,然后初始化就ok了,改写好后直接启动ok,搬运到spring boot应该是ok的。

别忘了在ehcache-shiro.xml

<ehcache updatecheck="false" name="shirocache"> 
  <defaultcache 
      maxelementsinmemory="10000" 
      eternal="false" 
      timetoidleseconds="120" 
      timetoliveseconds="120" 
      overflowtodisk="false" 
      diskpersistent="false" 
      diskexpirythreadintervalseconds="120" 
      /> 
</ehcache>

备注:shirorealmimpl类请参考官方文档 

总结

以上所述是小编给大家介绍的spring boot 集成shiro的配置方法,希望对大家有所帮助

上一篇:

下一篇:

推荐阅读