1、Shiro的依赖Jar包
<shiro-all.version>1.3.2</shiro-all.version>
<shiro-spring.version>1.3.2</shiro-spring.version>
<shiro-ehcache.version>1.3.2</shiro-ehcache.version>
<thymeleaf-extras-shiro.version>2.0.0</thymeleaf-extras-shiro.version>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-all</artifactId>
<version>${
shiro-all.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-quartz</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${
shiro-spring.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${
shiro-ehcache.version}</version>
</dependency>
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>${
thymeleaf-extras-shiro.version}</version>
</dependency>
2、SpringBoot的Shiro配置类
package com.bsoft.core.config;
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.bsoft.core.security.RetryLimitHashedCredentialsMatcher;
import com.bsoft.core.security.ShiroRealm;
import net.sf.ehcache.CacheManager;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.SessionValidationScheduler;
import org.apache.shiro.session.mgt.ValidatingSessionManager;
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
import org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;
import javax.servlet.Filter;
import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;
/**
* @author :Liujian
* @date :2019/11/4 17:36
* @description:Shiro配置类
* @version:
*/
@Configuration
public class ShiroConfig {
private static Logger logger = LoggerFactory.getLogger(ShiroConfig.class);
@Bean(name = "shiroDialect")
public ShiroDialect shiroDialect(){
return new ShiroDialect();
}
@Bean("ehCacheManager")
public EhCacheManager ehCacheManager(){
CacheManager cacheManager = CacheManager.getCacheManager("es");
if(cacheManager == null){
try {
cacheManager = CacheManager.create(ResourceUtils.getInputStreamForPath("classpath:ehcache-shiro.xml"));
} catch (IOException e) {
throw new RuntimeException("initialize cacheManager failed");
}
}
EhCacheManager ehCacheManager = new EhCacheManager();
ehCacheManager.setCacheManager(cacheManager);
return ehCacheManager;
}
/**
* 凭证密码匹配器
* @param ehCacheManager
* @return
*/
@Bean(name="credentialsMatcher")
public CredentialsMatcher credentialsMatcher(@Qualifier("ehCacheManager") EhCacheManager ehCacheManager) {
return new RetryLimitHashedCredentialsMatcher(ehCacheManager);
}
/**
* 配置自定义的权限登录器
* @param credentialsMatcher
* @return
*/
@Bean(name="authRealm")
public ShiroRealm authRealm(@Qualifier("credentialsMatcher") CredentialsMatcher credentialsMatcher) {
ShiroRealm authRealm = new ShiroRealm();
authRealm.setCredentialsMatcher(credentialsMatcher);
authRealm.setCachingEnabled(false);
return authRealm;
}
@Bean(name = "sessionIdCookie")
public SimpleCookie sessionIdCookie() {
SimpleCookie simpleCookie = new SimpleCoo