package com.alatus.shiro.config;
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.alatus.shiro.realm.MyRealm;
import net.sf.ehcache.CacheManager;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authc.pam.AllSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
@Configuration
public class ShiroConfig {
@Autowired
private MyRealm realm;
// 配置SecurityManager
@Bean
public DefaultWebSecurityManager defaultWebSecurityManager(){
// 创建SecurityManager对象
DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
// 创建加密对象,设置相关属性
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
// 采用MD5加密
matcher.setHashAlgorithmName("md5");
// 迭代次数
matcher.setHashIterations(3);
// 创建认证对象
ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
// 全部策略通过
modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy());
// 将认证对象传入
defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator);
// 将加密对象存储到Realm中
realm.setCredentialsMatcher(matcher);
// 将Realm存入defaultWebSecurityManager对象
// 如果有多个realm就放入多个,但是需要以集合的形式传入
List list = new ArrayList<AuthorizingRealm>();
list.add(realm);
defaultWebSecurityManager.setRealms(list);
// defaultWebSecurityManager.setRealm(realm);
// 设置rememberMe
defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
// 设置缓存管理器
defaultWebSecurityManager.setCacheManager(getEhCaCheManager());
// 返回
return defaultWebSecurityManager;
}
// 缓存管理器
private EhCacheManager getEhCaCheManager() {
// 创建缓存管理器对象
EhCacheManager ehCacheManager = new EhCacheManager();
// 获取流
InputStream is = null;
try{
is = ResourceUtils.getInputStreamForPath("classpath:ehcache/ehcache-shiro.xml");
}
catch (IOException e){
e.printStackTrace();
}
CacheManager manager = new CacheManager(is);
ehCacheManager.setCacheManager(manager);
return ehCacheManager;
}
// 配置 Shiro 内置过滤器拦截范围
@Bean
public DefaultShiroFilterChainDefinition shiroFilterChainDefinition() {
DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
// 设置不需要认证可以访问的资源
definition.addPathDefinition("/myController/userLogin", "anon");
definition.addPathDefinition("/login", "anon");
// 配置退出登录
definition.addPathDefinition("/logout", "logout");
// 设置需要进行身份认证的拦截范围
definition.addPathDefinition("/**", "authc");
// 存在rememberMe的过滤器
definition.addPathDefinition("/**", "user");
return definition;
}
// 创建记住我功能所需的简单 Cookie 对象
public SimpleCookie rememberMeCookie() {
SimpleCookie cookie = new SimpleCookie("rememberMe");
// 设置 Cookie 的路径、HTTPOnly 属性和最大生存时间(以秒为单位,这里设置为30天)
cookie.setPath("/");
cookie.setHttpOnly(true);
cookie.setMaxAge(30 * 24 * 60 * 60);
return cookie;
}
// 创建 Shiro 的 CookieRememberMeManager 对象
public CookieRememberMeManager rememberMeManager() {
// 创建 CookieRememberMeManager 对象
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
// 设置 CookieRememberMeManager 的 Cookie 对象
cookieRememberMeManager.setCookie(rememberMeCookie());
// 设置 CookieRememberMeManager 的加密密钥
cookieRememberMeManager.setCipherKey("1234567890987654".getBytes());
return cookieRememberMeManager;
}
// 解析Shiro到Thymeleaf页面
@Bean
public ShiroDialect shiroDialect(){
return new ShiroDialect();
}
}
package com.alatus.shiro.config;
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.alatus.shiro.realm.MyRealm;
import net.sf.ehcache.CacheManager;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authc.pam.AllSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
@Configuration
public class ShiroConfig {
@Autowired
private MyRealm realm;
// 配置SecurityManager
@Bean
public DefaultWebSecurityManager defaultWebSecurityManager(){
// 创建SecurityManager对象
DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
// 创建加密对象,设置相关属性
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
// 采用MD5加密
matcher.setHashAlgorithmName("md5");
// 迭代次数
matcher.setHashIterations(3);
// 创建认证对象
ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
// 全部策略通过
modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy());
// 将认证对象传入
defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator);
// 将加密对象存储到Realm中
realm.setCredentialsMatcher(matcher);
// 将Realm存入defaultWebSecurityManager对象
// 如果有多个realm就放入多个,但是需要以集合的形式传入
List list = new ArrayList<AuthorizingRealm>();
list.add(realm);
defaultWebSecurityManager.setRealms(list);
// defaultWebSecurityManager.setRealm(realm);
// 设置rememberMe
defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
// 设置缓存管理器
defaultWebSecurityManager.setCacheManager(getEhCaCheManager());
// 返回
return defaultWebSecurityManager;
}
// 缓存管理器
private EhCacheManager getEhCaCheManager() {
// 创建缓存管理器对象
EhCacheManager ehCacheManager = new EhCacheManager();
// 获取流
InputStream is = null;
try{
is = ResourceUtils.getInputStreamForPath("classpath:ehcache/ehcache-shiro.xml");
}
catch (IOException e){
e.printStackTrace();
}
CacheManager manager = new CacheManager(is);
ehCacheManager.setCacheManager(manager);
return ehCacheManager;
}
// 配置 Shiro 内置过滤器拦截范围
@Bean
public DefaultShiroFilterChainDefinition shiroFilterChainDefinition() {
DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
// 设置不需要认证可以访问的资源
definition.addPathDefinition("/myController/userLogin", "anon");
definition.addPathDefinition("/login", "anon");
// 配置退出登录
definition.addPathDefinition("/logout", "logout");
// 设置需要进行身份认证的拦截范围
definition.addPathDefinition("/**", "authc");
// 存在rememberMe的过滤器
definition.addPathDefinition("/**", "user");
return definition;
}
// 创建记住我功能所需的简单 Cookie 对象
public SimpleCookie rememberMeCookie() {
SimpleCookie cookie = new SimpleCookie("rememberMe");
// 设置 Cookie 的路径、HTTPOnly 属性和最大生存时间(以秒为单位,这里设置为30天)
cookie.setPath("/");
cookie.setHttpOnly(true);
cookie.setMaxAge(30 * 24 * 60 * 60);
return cookie;
}
// 创建 Shiro 的 CookieRememberMeManager 对象
public CookieRememberMeManager rememberMeManager() {
// 创建 CookieRememberMeManager 对象
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
// 设置 CookieRememberMeManager 的 Cookie 对象
cookieRememberMeManager.setCookie(rememberMeCookie());
// 设置 CookieRememberMeManager 的加密密钥
cookieRememberMeManager.setCipherKey("1234567890987654".getBytes());
return cookieRememberMeManager;
}
// 解析Shiro到Thymeleaf页面
@Bean
public ShiroDialect shiroDialect(){
return new ShiroDialect();
}
}
<?xml version="1.0" encoding="UTF-8"?>
<ehcache name="ehcache" updateCheck="false">
<!-- 磁盘的缓存位置 -->
<diskStore path="java.io.tmpdir"/>
<!-- 默认缓存 -->
<defaultCache
maxEntriesLocalHeap="1000"
eternal="false"
timeToIdleSeconds="3600"
timeToLiveSeconds="3600"
overflowToDisk="false">
</defaultCache>
<!-- 登录认证信息缓存: 缓存用户角色权限 -->
<cache name="loginRolePsCache"
maxEntriesLocalHeap="2000"
eternal="false"
timeToIdleSeconds="600"
timeToLiveSeconds="0"
overflowToDisk="false"
statistics="true"
/>
</ehcache>
<?xml version="1.0" encoding="UTF-8"?>
<ehcache name="ehcache" updateCheck="false">
<!-- 磁盘的缓存位置 -->
<diskStore path="java.io.tmpdir"/>
<!-- 默认缓存 -->
<defaultCache
maxEntriesLocalHeap="1000"
eternal="false"
timeToIdleSeconds="3600"
timeToLiveSeconds="3600"
overflowToDisk="false">
</defaultCache>
<!-- 登录认证信息缓存: 缓存用户角色权限 -->
<cache name="loginRolePsCache"
maxEntriesLocalHeap="2000"
eternal="false"
timeToIdleSeconds="600"
timeToLiveSeconds="0"
overflowToDisk="false"
statistics="true"
/>
</ehcache>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.alatus</groupId>
<artifactId>shiro_springbbot</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>21</maven.compiler.source>
<maven.compiler.target>21</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.5.5</version>
</parent>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<version>1.9.0</version>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.5.3.1</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.25</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.32</version>
</dependency>
<!-- shiro解析thymeleaf-->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- shiro官方提供的ehcache整合-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.4.2</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.6</version>
</dependency>
</dependencies>
</project>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.alatus</groupId>
<artifactId>shiro_springbbot</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>21</maven.compiler.source>
<maven.compiler.target>21</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.5.5</version>
</parent>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<version>1.9.0</version>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.5.3.1</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.25</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.32</version>
</dependency>
<!-- shiro解析thymeleaf-->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- shiro官方提供的ehcache整合-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.4.2</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.6</version>
</dependency>
</dependencies>
</project>