如果要配置的资源很权限很多,则此方法就不适用
<property name="filterChainDefinitions">
<value>
/login.jsp = anon
/shiro/login = anon
/shiro/logout = logout
/list.jsp = roles[user]
/admin.jsp = roles[admin]
/** = authc
</value>
</property>
改成这样
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"></property>
<property name="loginUrl" value="/login.jsp"></property>
<property name="successUrl" value="/list.jsp"></property>
<property name="unauthorizedUrl" value="/unauthorized.jsp"></property>
<property name="filterChainDefinitionMap" ref="filterChainDefinitionMap">
</property>
</property>-->
</bean>
<!--配置一个bean,该bean 实际上是一个map,通过实例工厂方法的方式-->
<bean id="filterChainDefinitionMap" factory-bean="filterChainDefinitionMapBuilder" factory-method="buildFilterChainDefinitionMap"></bean>
<bean id="filterChainDefinitionMapBuilder" class="sise.cn.factory.FilterChainDefinitionMapBuilder"></bean>
工厂类:
public class FilterChainDefinitionMapBuilder {
public LinkedHashMap<String,String> buildFilterChainDefinitionMap(){
LinkedHashMap<String,String> map = new LinkedHashMap<String, String>();
//实际开发,查询数据库
map.put("/login.jsp","anon");
map.put("/shiro/login","anon");
map.put("/shiro/logout","logout");
map.put(" /list.jsp","roles[user]");
map.put("/admin.jsp "," roles[admin]");
map.put("/**","authc");
return map;
}
}
token.setRememberMe(true);的作用
map.put("/index.jsp",“authc,roles[user]”);
map.put("/admin.jsp ",“authc,roles[admin]”);
map.put(“list.jsp”,“user”);
作用:list.jsp登录后重新访问不需要认证
index.jsp和admin.jsp关闭浏览器重新访问时要验证
缓存就是再次访问时不用去数据库查询权限
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!--注入缓存管理器-->
<property name="cacheManager" ref="cacheManger"></property>
<property name="realm" ref="jdbcRealm"></property>
</bean>
<!--配置cacheManger 缓存管理器-->
<bean id="cacheManger" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:shiro-ehcache.xml"></property>
</bean>
shiro-ehcahe.xml
<ehcache>
<!-- 指定一个文件目录,当EhCache把数据写到硬盘上时,将把数据写到这个文件目录下 -->
<diskStore path="E:\ehcache"/>
<!-- 设定缓存的默认数据过期策略 -->
<defaultCache
maxElementsInMemory="10000"
eternal="false"
overflowToDisk="true"
timeToIdleSeconds="10"
timeToLiveSeconds="20"
diskPersistent="false"
diskExpiryThreadIntervalSeconds="120"/>
</ehcache>