【WEEK13】 【DAY2】Shiro Part 2【English Version】

2024.5.21 Tuesday
Continued from 【WEEK13】 【DAY1】Shiro Part 1【English Version】

15.3. Integrating with Spring Boot

15.3.1. Creating the shiro-springboot Module

(under the springboot-08-shiro directory)

As usual, modify the Maven, JDK, and Java versions in the settings, as well as the JDK and Java versions in Project Structure. Modify the version of the springframework to 2.7.13 in the pom.xml (it’s important to remember to do this, otherwise you will see an error like “class file has wrong version 61.0, should be 52.0” every time you restart; essentially, it’s not due to different JDK versions, but rather because the version of spring-boot-starter-parent is not compatible). Delete irrelevant files.
Insert image description here

15.3.2. Creating index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>Homepage</h1>
<p th:text="${msg}"></p>
</body>
</html>

15.3.3. Creating the controller folder

Create MyController.java

package com.P40.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class MyController {

    @RequestMapping({"/", "/index"})
    public String toIndex(Model model){
        model.addAttribute("msg","hello, Shiro");
        return "index";
    }
}

15.3.4. Testing the Connection

Run ShiroSpringbootApplication.java
Visit: http://localhost:8080/
Insert image description here

15.3.5. Modifying pom.xml

Add dependency: Shiro-spring, do not use the current latest version 2.0.0, as it will cause errors.
Maven Repository: org.apache.shiro » shiro-spring (mvnrepository.com)

<!-- Package for integrating Shiro with Spring -->
<!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-spring -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.1</version>
</dependency>

15.3.6. Creating the config folder

15.3.6.1. Creating ShiroConfig.java

Insert image description here

package com.P40.config;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ShiroConfig {
    // ShiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        // What to configure: click to enter the source code of ShiroFilterFactoryBean to view
        // Set the security manager
        bean.setSecurityManager(defaultWebSecurityManager);
        return bean;
    }

    // DefaultWebSecurityManager
    @Bean(name = "securityManager") // Give this class an alias to facilitate calls from ShiroFilterFactoryBean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // The default class name of DefaultWebSecurityManager is defaultWebSecurityManager, but it is modified to securityManager here

        // Associate UserRealm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    // Create a realm object, needs a custom class
    @Bean
    public UserRealm userRealm(){
        return new UserRealm();
    }

    // The order of creation is reversed (from realm -> DefaultWebSecurityManager -> ShiroFilterFactoryBean)
}

15.3.6.2. Creating UserRealm.java

package com.P40.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

// UserRealm is a bean
// Custom UserRealm, it must inherit the AuthorizingRealm method, and then implement methods (alt+insert)
public class UserRealm extends AuthorizingRealm {
    // Authorization
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("do doGetAuthorizationInfo Authorization");
        return null;
    }

    // Authentication
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("do doGetAuthorizationInfo Authentication");
        return null;
    }
}

15.3.7. Creating the user folder

15.3.7.1. Creating add.html

Insert image description here

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>add</h1>
</body>
</html>

15.3.7.2. Creating update.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>update</h1>
</body>
</html>

15.3.8. Modifying MyController.java

Adding controller methods to redirect to the add and update pages

package com.P40.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class MyController {

    @RequestMapping({"/", "/index"})
    public String toIndex(Model model){
        model.addAttribute("msg","hello, Shiro");
        return "index";
    }

    @RequestMapping("/user/add")
    public String add(){
        return "user/add";
    }

    @RequestMapping("/user/update")
    public String update(){
        return "user/update";
    }
}

15.3.9. Modifying index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>Homepage</h1>
<p th:text="${msg}"></p>

<hr>    <!-- Create a horizontal line in the HTML page -->
<a th:href="@{/user/add}">add</a>  |   <a th:href="@{/user/update}">update</a>
<!-- a tag defines a hyperlink for linking from one page to another -->
</body>
</html>

15.3.10. Restart

Insert image description here
Insert image description here
Insert image description here

  • 43
    点赞
  • 25
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
基于引用内容和,可以解释shiro oauth2的工作原理。shiro oauth2是一种基于OAuth2协议的认证和授权框架。在shiro oauth2中,客户端应用首先向认证服务器申请令牌,包括第三方用户信息和用户请求信息。认证服务器会根据客户端应用的信息以及存储的第三方应用信息,生成Oauth2Authentication并创建Oatuth2AccessToken令牌。然后,TokenStore将令牌存储到指定的存储器中。 在资源服务器端,客户端携带令牌发送请求到达Oauth2AuthenticationProcessFilter。这个过程中,tokenExtractor会从请求中获取Authentication信息。OAuth2AuthenticationManager会通过tokenService查询token对应的OAuth2Authentication。如果登陆成功,Authentication会被放到SpringSecurityConetxt中。 基于引用内容,shiro oauth2还需要在配置文件中配置客户端的信息。这些信息包括clientId、clientSecret、accessTokenUri、userAuthorizationUri和userInfoUri等。 总结起来,shiro oauth2是通过OAuth2协议实现的一种认证和授权框架,它包括申请令牌的流程和验证令牌的流程。在使用shiro oauth2时,需要配置客户端的信息,并且可以使用TokenStore将令牌存储到指定的存储器中。<span class="em">1</span><span class="em">2</span><span class="em">3</span> #### 引用[.reference_title] - *1* *2* [SpringSecurity、Shiro、Oauth2.0、Cas](https://blog.csdn.net/m0_37695902/article/details/117596437)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 50%"] - *3* [【开发技术】2万字分析shiro、spring security两大安全框架,spring session,OAuth2 入门级教程](https://blog.csdn.net/a23452/article/details/125967279)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 50%"] [ .reference_list ]

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值