1、Shiro实现登录拦截
实现步骤:
-
编写Shiro配置类 UserRealm类同上
package com.gjy.config; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.LinkedHashMap; import java.util.Map; @Configuration public class ShiroConfig { //ShiroFilterFactoryBean 3 @Bean public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager) { ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean(); //设置安全管理器 bean.setSecurityManager(securityManager); //添加shiro的内置过滤器 /* anon:无需认证就可以访问 authc:必须认证才能访问 user:必须拥有记住我功能才能用 perms:拥有对某个资源的权限才能访问 role:拥有对某个角色的权限才能访问 */ Map<String, String> filterMap = new LinkedHashMap<>(); filterMap.put("/user/add", "authc"); filterMap.put("/user/update", "authc"); bean.setFilterChainDefinitionMap(filterMap); bean.setLoginUrl("/toLogin");//设置登录请求 return bean; } //DefaultWebSecurityManager 2 @Bean(name = "securityManager") public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); //关联userRealm securityManager.setRealm(userRealm); return securityManager; } //创建realm对象 1 @Bean(name = "userRealm") public UserRealm userRealm() { return new UserRealm(); } }
-
新建一个login.html作为拦截后跳转的登录页面
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"