数据库权限表截图
ShiroConfig.java(shiro配置)
/**
* @todo: 集成shiro
* @author: cxx
* @date: 2020-5-22 09:56:10
* @description: manage
*/
@Configuration
public class ShiroConfig {
@Value("${spring.jedis.port}")
private int port;
@Value("${spring.jedis.host}")
private String host;
@Value("${spring.jedis.password}")
private String password;
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// 必须设置SecuritManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 没有登陆的用户只能访问登陆页面
shiroFilterFactoryBean.setLoginUrl("/login/index");
// 登录成功后要跳转的链接
shiroFilterFactoryBean.setSuccessUrl("/main/toMain");
// 未授权界面;
shiroFilterFactoryBean.setUnauthorizedUrl("/error/to403");
// 自定义拦截器
Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();
// 限制同一帐号同时在线的个数。
//filters.put("kickout", kickoutSessionControlFilter());
// 权限控制map.
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
// 放行路径
filterChainDefinitionMap.put("/static/**", "anon");//静态资源
filterChainDefinitionMap.put("/login/index", "anon");//登录页面
filterChainDefinitionMap.put("/login/toLogin", "anon");//请求登录
filterChainDefinitionMap.put("/error/**", "anon");//错误提示
// 测试放行
//filterChainDefinitionMap.put("/main/toMain", "anon");//测试 主页面菜单放行
//filterChainDefinitionMap.put("/home/toIndex", "anon");//测试 主页面首页放行
filterChainDefinitionMap.put("/login/toLogout", "logout");//退出登录
// 拦截路径
filterChainDefinitionMap.put("/**", "authc");//用户权限功能页
//filterChainDefinitionMap.put("/**", "authc,kickout");//用户权限功能页
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new Defau