导入相关包(这里配合使用Ehcache缓存)
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.3.2</version>
</dependency>
添加配置文件类(注意启动类的扫描范围,可自定义)
@Configuration
public class ShiroConfig {
@Autowired
EhCacheManagerFactoryBean ehCacheManagerFactoryBean;
/**
* 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions),需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证
* 配置以下两个bean(DefaultAdvisorAutoProxyCreator(可选)和AuthorizationAttributeSourceAdvisor)即可实现此功能
*
* @return
*/
@Bean
public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
advisorAutoProxyCreator.setProxyTargetClass(true);
return advisorAutoProxyCreator;
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager());
return authorizationAttributeSourceAdvisor;
}
// 解决shiroFilter无法注入bean的问题
@Bean
public FilterRegistrationBean delegatingFilterProxy() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
DelegatingFilterProxy proxy = new DelegatingFilterProxy();
proxy.setTargetFilterLifecycle(true);
proxy.setTargetBeanName("shiroFilter");
filterRegistrationBean.setFilter(proxy);
return filterRegistrationBean;
}
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
Map<String, Filter> filters = new HashMap<>();
filters.put("rbacFilter", new RBACPermissionFilter()); // 自定义拦截类
shiroFilterFactoryBean.setFilters(filters);
//拦截器.
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
filterChainDefinitionMap.put("*.do", "rbacFilter");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setCacheManager(myShiroCacheManager());
securityManager.setRealm(myShiroRealm());
securityManager.setSessionManager(myShiroSession());
return securityManager;
}
@Bean
public SessionManager myShiroSession() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionIdCookie(myShiroCookie());
sessionManager.setCacheManager(myShiroCacheManager());
sessionManager.setSessionDAO(mySessionDao());
sessionManager.setSessionValidationInterval(7200000L);
sessionManager.setSessionValidationSchedulerEnabled(true);
sessionManager.setSessionValidationScheduler(mySessionScheduler());
sessionManager.setSessionIdUrlRewritingEnabled(false);
return sessionManager;
}
@Bean
public EhCacheManager myShiroCacheManager() {
EhCacheManager ehCacheManager = new EhCacheManager();
ehCacheManager.setCacheManager(ehCacheManagerFactoryBean.getObject()); // 添加ehcache缓存 详细见上文章
return ehCacheManager;
}
@Bean
public SimpleCookie myShiroCookie() {
SimpleCookie simpleCookie = new SimpleCookie("rsId"); // session的JSESSIONID
simpleCookie.setPath("/");
simpleCookie.setHttpOnly(true);
simpleCookie.setMaxAge(7200);
return simpleCookie;
}
@Bean
public SessionValidationScheduler mySessionScheduler() {
ExecutorServiceSessionValidationScheduler executorServiceSessionValidationScheduler = new ExecutorServiceSessionValidationScheduler();
executorServiceSessionValidationScheduler.setInterval(7200000L);
return executorServiceSessionValidationScheduler;
}
@Bean
public SessionDAO mySessionDao() {
EnterpriseCacheSessionDAO enterpriseCacheSessionDAO = new EnterpriseCacheSessionDAO();
enterpriseCacheSessionDAO.setCacheManager(myShiroCacheManager());
enterpriseCacheSessionDAO.setActiveSessionsCacheName("shiro-activeSessionCache"); // 缓存name
return enterpriseCacheSessionDAO;
}
// 自定义realm类
@Bean
public MyShiroRealm myShiroRealm() {
MyShiroRealm myShiroRealm = new MyShiroRealm();
myShiroRealm.setCacheManager(myShiroCacheManager());
myShiroRealm.setAuthenticationCacheName("shiroDbRealm.authorizationCache");
return myShiroRealm;
}
}
<!-- Shiro Cache Config -->
<cache name="shiroDbRealm.authorizationCache"
maxElementsInMemory="200000"
eternal="true"
diskPersistent="false"
overflowToDisk="true"
diskExpiryThreadIntervalSeconds="120">
</cache>
<cache name="shiro-activeSessionCache"
maxElementsInMemory="1"
memoryStoreEvictionPolicy="FIFO"
eternal="true"
diskPersistent="true"
overflowToDisk="true"
maxElementsOnDisk="0"
diskExpiryThreadIntervalSeconds="120"/>