Shiro与Spring集成xml配置及灵活的设置权限问题

• 在web.xml中设置shiro过滤器

<!--设置shiro过滤器-->
  <filter>
    <filter-name>shiroFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
      <param-name>targetFilterLifecycle</param-name>
      <param-value>true</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>shiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

• 自定义realm(注入repository)

  
  

• 创建Map工厂

  使用Map的好处方便对权限的修改增加等…
  Map使用LinkedHashMap(有序的)
  最后一定要添加map.put("/**",“authc”);

public class FilterChainDefinitionMapFactory {
    public Map<String,String> createFilterChainDefinitionMap(){
        Map<String,String> map = new LinkedHashMap<>();
        //设置放行
        map.put("/login", "anon");
        map.put("/login22", "anon");
        map.put("/easyui/**","anon");
        map.put("/css/**","anon");
        map.put("/fonts/**","anon");
        map.put("/js/**","anon");
        map.put("/images/**","anon");
        map.put("/json/**","anon");
        map.put("*.js","anon");
        map.put("*.css","anon");
        map.put("*.jpg","anon");
        map.put("*.png","anon");
        //设置权限拦截
//        map.put("/employee/index","perms[employee:index]");
//        map.put("/dept/index","perms[dept:index]");
        //拦截所有
        map.put("/**","authc");
        return map;
    }
}

• 配置applicationContext-shiro.xml

  需要注意自定义的realm和工厂 class是类的完全限定名

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">

    <!--得到securityManager对象-->
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="jdbcRealm"/>
    </bean>
    <!--自定义的realm-->
    <bean id="jdbcRealm" class="com.zhangxj.web.shiro.AiSystemRealm">
        <!--密码的匹配器-->
        <property name="credentialsMatcher">
            <bean class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
                <property name="hashAlgorithmName" value="MD5"/>
                <property name="hashIterations" value="20"/>
            </bean>
        </property>
    </bean>
    <!--shiro注解的支持-->
    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
          depends-on="lifecycleBeanPostProcessor"/>
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

    <!-- shiro过滤器配置,id名字必须和web.xml中的名字一样 -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="loginUrl" value="/login"/>
        <property name="successUrl" value="/main"/>
        <property name="unauthorizedUrl" value="/s/unauthorized.jsp"/>

        <!--引用工厂返回的bean,配好之后需要重启服务器-->
        <property name="filterChainDefinitionMap" ref="filterChainDefinitionMap"/>
    </bean>
    <!--实体工厂bean的生产map的方法,返回也是一个bean-->
    <bean id="filterChainDefinitionMap" factory-bean="filterChainDefinitionMapFactory" factory-method="createFilterChainDefinitionMap"/>
    <!--创建生产map的工厂-->
    <bean id="filterChainDefinitionMapFactory" class="com.zhangxj.web.shiro.FilterChainDefinitionMapFactory"/>
</beans>