shiro注意点总结
2021/9/27 23:41:15
本文主要是介绍shiro注意点总结,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
目录
- shiroConfig
- anon设置要在authc前面 而且map是linkedHashmap!!!!!
shiroConfig
package com.qh.yyxt.config; import at.pollux.thymeleaf.shiro.dialect.ShiroDialect; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.cache.ehcache.EhCacheManager; import org.apache.shiro.realm.Realm; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.apache.shiro.web.session.mgt.DefaultWebSessionManager; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.Map; /** * 用来整合shiro框架相关的配置类 */ @Configuration public class ShiroConfig { @Bean public DefaultWebSessionManager mySessionManager(){ DefaultWebSessionManager defaultSessionManager = new DefaultWebSessionManager(); //将sessionIdUrlRewritingEnabled属性设置成false defaultSessionManager.setSessionIdUrlRewritingEnabled(false); return defaultSessionManager; } //1.创建shiroFilter,负责拦截所有请求 @Bean public ShiroFilterFactoryBean getShiroFilerFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); //给filter设置安全管理器 shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager); //配置系统受限资源、配置系统公共资源 Map<String,String> map = new LinkedHashMap<>(); /** *可以实现与权限有关的拦截器 * anon:无需认证可以访问 * authc:必须认证才能访问 * user:若使用rememberMe功能可以直接访问 * perms:资源必须得到资源权限才能访问 * role:该资源必须得到角色权限才能访问 */ //http://localhost:8080/user/register?username=2&pwd=2 map.put("/static/**","anon"); map.put("/user/login","anon"); map.put("/user/register","anon"); map.put("/user/**","authc"); map.put("/user/logout","authc"); map.put("/admin/*","roles[1]"); map.put("/admin2/*","roles[2]"); map.put("/index","authc"); // 默认认证界面路径 shiroFilterFactoryBean.setLoginUrl("/login"); shiroFilterFactoryBean.setUnauthorizedUrl("/login"); shiroFilterFactoryBean.setFilterChainDefinitionMap(map); return shiroFilterFactoryBean; } //2.创建安全管理器 @Bean public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm){ DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); //给安全管理器设置realm defaultWebSecurityManager.setRealm(realm); return defaultWebSecurityManager; } //3.创建自定义realm @Bean("realm") public Realm getRealm(){ UserRealm userRealm = new UserRealm(); //修改凭证校验匹配器 HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(); credentialsMatcher.setHashAlgorithmName("MD5"); credentialsMatcher.setHashIterations(1024); userRealm.setCredentialsMatcher(credentialsMatcher); //开器缓存管理 userRealm.setCacheManager(new EhCacheManager()); //开启全局缓存 userRealm.setCachingEnabled(true); //开启认证缓存 userRealm.setAuthenticationCachingEnabled(true); userRealm.setAuthenticationCacheName("AuthenticationCache"); //开启授权缓存 userRealm.setAuthorizationCachingEnabled(true); userRealm.setAuthorizationCacheName("AuthorizationCache"); return userRealm; } @Bean public ShiroDialect getShiroDialect(){ return new ShiroDialect(); } }
anon设置要在authc前面 而且map是linkedHashmap!!!!!
这篇关于shiro注意点总结的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-11-23Springboot应用的多环境打包入门
- 2024-11-23Springboot应用的生产发布入门教程
- 2024-11-23Python编程入门指南
- 2024-11-23Java创业入门:从零开始的编程之旅
- 2024-11-23Java创业入门:新手必读的Java编程与创业指南
- 2024-11-23Java对接阿里云智能语音服务入门详解
- 2024-11-23Java对接阿里云智能语音服务入门教程
- 2024-11-23JAVA对接阿里云智能语音服务入门教程
- 2024-11-23Java副业入门:初学者的简单教程
- 2024-11-23JAVA副业入门:初学者的实战指南