1.导入依赖
类似SpringSercurity
<!--shiro整合thymeleaf-->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
2.编写Shrio的配置类
添加bean
//整合thymeleaf:ShiroDialect
@Bean
public ShiroDialect getShiroDialect(){
return new ShiroDialect();
}
3.添加头标签
xmlns:shiro="http://www.thymeleaf.org/thymeleaf-extras-shiro">
4.实现登录后安全业务
判断用户是否登录,登录则不显示登录按钮
在认证(Realm)时,将session设置上,用来判断用户是否存在
Subject subject = SecurityUtils.getSubject();
Session session = subject.getSession();
session.setAttribute("loginUser",user);
此处判断是否显示登录按钮
th:if="${session.loginUser==null}"
登录后有此权限的才能显示相应的权限
shiro:hasPermission="user:add"
shiro:hasPermission="user:update"
<body>
<h1>首页</h1>
<div th:text="${msg}"></div>
<div th:if="${session.loginUser==null}">
<a th:href="@{/tologin}">登录</a>
</div>
<hr/>
<div shiro:hasPermission="user:add">
<a th:href="@{/user/add}">add</a>
</div>
<div shiro:hasPermission="user:update">
<a th:href="@{/user/update}">update</a>
</div>
</body>
</html>