WEB采用Shiro联合Redis的示意图
Redis实现shiro缓存,达到分布式共享session和授权信息,把session和授权持久化到redis数据库或者缓存shiro集群为了防止多次插查询数据库,解决web在授权的时候每次都去查询数据库,对于频繁访问的接口,性能和响应速度比较慢的问题
客户登录,发起请求,调用Shiro与redis的过程
所用到的依赖
<!-- shiro-redis -->
<dependency>
<groupId>org.crazycake</groupId>
<artifactId>shiro-redis</artifactId>
<version>3.1.0</version>
</dependency>
<!-- shiro-thymeleaf -->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
友情链接:
- https://blog.csdn.net/qq_34021712/article/details/80791219
- https://www.dzou.top/post/712f837.html
- https://blog.csdn.net/weixin_39973810/article/details/85113351
ShiroConfig.java
package com.AAAAAAAAAAAA.common.shiro;
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.AAAAAAAAAAAA.common.config.FiresProperties;
import com.AAAAAAAAAAAA.common.listener.ShiroSessionListener;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.Filter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.Map;
/**
* Shiro 配置类
*
* @author 阿啄debugIT
*/
@Configuration
public class ShiroConfig {
/**
* 缓存和session的管理
*/
@Autowired
private FiresProperties firesProperties;
@Value("${spring.redis.host}")
private String host;
@Value("${spring.redis.port}")
private int port;
@Value("${spring.redis.password}")
private String password;
@Value("${spring.redis.timeout}")
private int timeout;
/**
* 用于开启 Thymeleaf 中的 shiro 标签的使用
* @return ShiroDialect shiro 方言对象
*/
@Bean
public ShiroDialect shiroDialect() {
return new ShiroDialect();
}
/**
* shiro 中配置 redis 缓存
* @return RedisManager
*/
private RedisManager redisManager() {
RedisManager redisManager = new RedisManager();
// 缓存时间,单位为秒
//redisManager.setExpire(firesProperties.getShiro().getExpireIn()); // removed from shiro-redis v3.1.0 api
redisManager.setHost(host);
redisManager.setPort(port);
if (StringUtils.isNotBlank(password))
redisManager.setPassword(password);
redisManager.setTimeout(timeout);
return redisManager;
}
private RedisCacheManager cacheManager() {
RedisCacheManager redisCacheManager = new RedisCacheManager();
redisCacheManager.setRedisManager(redisManager());
return redisCacheManager;
}
/**
* ShiroFilterFactoryBean 处理拦截资源文件问题。 注意:单独一个ShiroFilterFactoryBean配置是或报错的,因为在
* 初始化ShiroFilterFactoryBean的时候需要注入:SecurityManager Filter Chain定义说明
* 1、一个URL可以配置多个Filter,使用逗号分隔
* 2、当设置多个过滤器时,全部验证通过,才视为通过
* 3、部