package com.alatus.shiro.config; import com.alatus.shiro.realm.MyRealm; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.authc.pam.AllSuccessfulStrategy; import org.apache.shiro.authc.pam.ModularRealmAuthenticator; import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class ShiroConfig { @Autowired private MyRealm realm; // 配置SecurityManager @Bean public DefaultWebSecurityManager defaultWebSecurityManager(){ // 创建SecurityManager对象 DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); // 创建加密对象,设置相关属性 HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(); // 采用MD5加密 matcher.setHashAlgorithmName("md5"); // 迭代次数 matcher.setHashIterations(3); // 创建认证对象 ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator(); // 全部策略通过 modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy()); // 将认证对象传入 defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator); // 将加密对象存储到Realm中 realm.setCredentialsMatcher(matcher); // 将Realm存入defaultWebSecurityManager对象 // 如果有多个realm就放入多个,但是需要以集合的形式传入 // defaultWebSecurityManager.setRealms(); defaultWebSecurityManager.setRealm(realm); // 返回 return defaultWebSecurityManager; } // 配置 Shiro 内置过滤器拦截范围 @Bean public DefaultShiroFilterChainDefinition shiroFilterChainDefinition() { DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition(); // 设置不需要认证可以访问的资源 definition.addPathDefinition("/myController/userLogin", "anon"); definition.addPathDefinition("/login", "anon"); // 设置需要进行身份认证的拦截范围 definition.addPathDefinition("/**", "authc"); return definition; } }package com.alatus.shiro.config; import com.alatus.shiro.realm.MyRealm; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.authc.pam.AllSuccessfulStrategy; import org.apache.shiro.authc.pam.ModularRealmAuthenticator; import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class ShiroConfig { @Autowired private MyRealm realm; // 配置SecurityManager @Bean public DefaultWebSecurityManager defaultWebSecurityManager(){ // 创建SecurityManager对象 DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); // 创建加密对象,设置相关属性 HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(); // 采用MD5加密 matcher.setHashAlgorithmName("md5"); // 迭代次数 matcher.setHashIterations(3); // 创建认证对象 ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator(); // 全部策略通过 modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy()); // 将认证对象传入 defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator); // 将加密对象存储到Realm中 realm.setCredentialsMatcher(matcher); // 将Realm存入defaultWebSecurityManager对象 // 如果有多个realm就放入多个,但是需要以集合的形式传入 // defaultWebSecurityManager.setRealms(); defaultWebSecurityManager.setRealm(realm); // 返回 return defaultWebSecurityManager; } // 配置 Shiro 内置过滤器拦截范围 @Bean public DefaultShiroFilterChainDefinition shiroFilterChainDefinition() { DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition(); // 设置不需要认证可以访问的资源 definition.addPathDefinition("/myController/userLogin", "anon"); definition.addPathDefinition("/login", "anon"); // 设置需要进行身份认证的拦截范围 definition.addPathDefinition("/**", "authc"); return definition; } }
1348
评论
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
查看更多评论
添加红包
