shiro的原理就不说了,毕竟是初识,先学会怎么使用,再研究什么原理。
基本使用 pom配置
<!-- Apache Shiro dependencies: the core library plus the Spring integration module. -->
<!-- NOTE(review): 1.2.3 is a very old Shiro release and later releases carry security fixes for the framework itself. -->
<!-- Pin the newest supported release, and keep shiro-core and shiro-spring on the same version. -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.2.3</version>
</dependency>
配置AuthRealm
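/**
 * Shiro realm that authenticates a user by username and derives the user's
 * roles and permissions from the {@code User -> Role -> Permission} object graph.
 *
 * <p>The realm name used when building the authentication info and when reading
 * the principal back is {@code this.getClass().getName()} in both methods; the
 * two must stay identical or the principal lookup returns nothing.
 *
 * @author liuhy
 * @since 2018/12/7
 */
public class AuthRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    /**
     * Collects the role names and permission names of the authenticated user.
     *
     * @param principalCollection principals of the current subject
     * @return authorization info holding every role name and permission name of
     *         the user; empty (deny everything) when this realm contributed no
     *         principal
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        String realmName = this.getClass().getName();

        // Fail closed: without a principal from this realm there is nobody to
        // grant anything to, so return empty info instead of letting
        // iterator().next() throw NoSuchElementException.
        if (principalCollection == null || principalCollection.fromRealm(realmName).isEmpty()) {
            return info;
        }
        User user = (User) principalCollection.fromRealm(realmName).iterator().next();

        List<String> permissionList = new ArrayList<>();
        List<String> roleNameList = new ArrayList<>();
        Set<Role> roles = user.getRoles();
        if (!CollectionUtils.isEmpty(roles)) {
            for (Role role : roles) {
                roleNameList.add(role.getRname());
                Set<Permission> permissions = role.getPermissions();
                if (!CollectionUtils.isEmpty(permissions)) {
                    for (Permission permission : permissions) {
                        permissionList.add(permission.getName());
                    }
                }
            }
        }

        // NOTE(review): roles and permissions are read from the User object that was
        // stored as the principal at login, so changes made in the database afterwards
        // are presumably not seen until the user logs in again; confirm this is intended.
        info.addStringPermissions(permissionList);
        info.addRoles(roleNameList);
        return info;
    }

    /**
     * Looks up the account for the submitted username and hands its stored
     * credential to Shiro for comparison by the configured credentials matcher.
     *
     * @param token the submitted token; must be a {@link UsernamePasswordToken}
     * @return the account's authentication info, or {@code null} when no account
     *         exists for the username (Shiro treats {@code null} as an unknown
     *         account and fails the login)
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken passwordToken = (UsernamePasswordToken) token;
        String username = passwordToken.getUsername();
        User user = userService.findUserByUsername(username);

        // Assumes findUserByUsername returns null for an unknown username (TODO confirm).
        // Without this guard an unknown username ends in a NullPointerException
        // instead of a normal authentication failure.
        if (user == null) {
            return null;
        }

        // NOTE(review): the whole User entity, including its password field, becomes the
        // principal and therefore lives in the session. Consider storing only an id or
        // username as the principal.
        return new SimpleAuthenticationInfo(user, user.getPassword(), this.getClass().getName());
    }
}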
配置CredentialMatcher
/**
 * Credentials matcher that compares the submitted password with the credential
 * stored for the account.
 *
 * @author liuhy
 * @since 2018/12/10
 */
public class CredentialMatcher extends SimpleCredentialsMatcher {

    /**
     * Compares the password from the login token with the stored credential.
     *
     * <p>NOTE(review): no hashing happens here. The submitted password is compared
     * as-is with the stored value, so this only matches when the stored value is the
     * plaintext password. For real deployments store a salted password hash and use
     * a hashing matcher such as Shiro's {@code PasswordMatcher} or
     * {@code HashedCredentialsMatcher} instead.
     *
     * @param token submitted token; must be a {@link UsernamePasswordToken}
     * @param info  account data whose credentials are expected to be a {@code String}
     * @return {@code true} when the inherited {@code equals} considers both values equal
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        char[] submittedChars = ((UsernamePasswordToken) token).getPassword();
        // Copying the char[] into a String leaves an immutable copy of the password
        // on the heap until it is garbage-collected.
        String submitted = new String(submittedChars);
        String stored = (String) info.getCredentials();
        return this.equals(submitted, stored);
    }
}
shiroConfig
/**
 * Spring configuration that wires Shiro together: the custom realm and
 * credentials matcher, the web security manager, the URL filter chain, and the
 * advisors for Shiro's authorization annotations.
 *
 * @author liuhy
 * @since 2018/12/10
 */
@Configuration
public class ShiroConfig {

    /**
     * Builds the Shiro servlet filter and its URL-to-filter rules.
     *
     * <p>Rules are kept in a {@link LinkedHashMap} because Shiro evaluates them in
     * insertion order and the first matching pattern wins; the catch-all
     * {@code /**} must therefore stay last.
     *
     * @param manager the security manager bean named {@code securityManager}
     * @return the configured filter factory bean
     */
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager") DefaultSecurityManager manager) {
        LinkedHashMap<String, String> chains = new LinkedHashMap<>();
        // authc = FormAuthenticationFilter: requires an authenticated session.
        chains.put("/index", "authc");
        // The login page and the login submit endpoint are reachable without a session.
        chains.put("/login", "anon");
        chains.put("/loginUser", "anon");
        // /admin requires the "admin" role.
        chains.put("/admin", "roles[admin]");
        // /edit requires the "group" permission, /home the "home" permission.
        chains.put("/edit", "perms[group]");
        chains.put("/home", "perms[home]");
        // Everything else requires a known user.
        // NOTE(review): the "user" filter also admits subjects recognised only through
        // remember-me; use "authc" here if an actual login must have taken place.
        // NOTE(review): the patterns above are exact paths, so sub-paths such as
        // /admin/... fall through to this catch-all rule and are not role-checked.
        chains.put("/**", "user");

        ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
        factory.setSecurityManager(manager);
        factory.setLoginUrl("/login");               // where unauthenticated requests are sent
        factory.setSuccessUrl("/index");             // landing page after a successful login
        factory.setUnauthorizedUrl("/unauthorized"); // shown when a role/permission check fails
        factory.setFilterChainDefinitionMap(chains);
        return factory;
    }

    /**
     * Creates the web security manager backed by the custom realm.
     *
     * @param authRealm the realm that authenticates and authorizes users
     * @return a {@link DefaultWebSecurityManager} using {@code authRealm}
     */
    @Bean("securityManager")
    public DefaultSecurityManager securityManager(AuthRealm authRealm) {
        DefaultWebSecurityManager webManager = new DefaultWebSecurityManager();
        webManager.setRealm(authRealm);
        return webManager;
    }

    /**
     * Creates the realm and attaches the custom credentials matcher to it.
     *
     * @param credentialMatcher the matcher bean named {@code credentialMatcher}
     * @return the configured realm
     */
    @Bean("authRealm")
    public AuthRealm authRealm(@Qualifier("credentialMatcher") CredentialMatcher credentialMatcher) {
        AuthRealm realm = new AuthRealm();
        realm.setCredentialsMatcher(credentialMatcher);
        return realm;
    }

    /**
     * Exposes the custom credentials matcher as a bean.
     *
     * @return a new {@link CredentialMatcher}
     */
    @Bean("credentialMatcher")
    public CredentialMatcher credentialMatcher() {
        return new CredentialMatcher();
    }

    /**
     * Registers the advisor that enforces Shiro's authorization annotations
     * against the given security manager.
     *
     * @param securityManager the security manager bean named {@code securityManager}
     * @return the configured advisor
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(@Qualifier("securityManager") DefaultSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

    /**
     * Enables automatic proxy creation for advisors, using class-based proxies.
     *
     * @return the auto-proxy creator with {@code proxyTargetClass} set to {@code true}
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setProxyTargetClass(true);
        return proxyCreator;
    }
}
基本的配置都在上面了,库表是基于 RBAC 模型构建的五张表。未完待续……