springboot(2):整合shiro-ehcache与freemarker

最新推荐文章于 2021-04-19 12:33:51 发布
最新推荐文章于 2021-04-19 12:33:51 发布
阅读量257 收藏 2
点赞数 2
分类专栏: springboot 文章标签: shiro 整合 springboot 登陆 freemarker
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/ostarstech/article/details/102499958
版权

源码地址 https://github.com/ostars/springboot-fast.git  分支:dev_shiro

项目结构

├── doc                                           // doc files.  
├── log                                           // log files.  
├── src/main
│   ├──java/org/ostars/springbootfast             // Specific code.  
│    ├──security                                   // shiro config
│    ├──├──GlobalExceptionHandler                  // 未授权进入403页面
│    ├──├──ShiroConfig                             // 注册和配置不需要shiro控制的资源和页面
│    ├──├──ShiroRealm                              // 验证和授权
│    ├──├──ShiroTagConfig                          // shiro标签
│   ├──resources
│    ├──ehcache
│    ├──├──ehcache.xml                             // 使用ehcache做二级缓存
├── src/test                                      // test.  
├── .gitignore                                    
├── LICENSE                
├── README.md

ShiroConfig.java

package org.ostars.springbootfast.security;

import net.sf.ehcache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * shiro config
 *
 * @author isaac
 * @date 2019/10/9
 */
@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setLoginUrl("/login");
        shiroFilterFactoryBean.setSuccessUrl("/index");
        shiroFilterFactoryBean.setUnauthorizedUrl("/403");

        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        filterChainDefinitionMap.put("/css/**", "anon");
        filterChainDefinitionMap.put("/js/**", "anon");
        filterChainDefinitionMap.put("/img/**", "anon");

        filterChainDefinitionMap.put("/**", "authc");
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        return shiroFilterFactoryBean;
    }

    @Bean
    public ShiroRealm shiroRealm() {
        ShiroRealm shiroRealm = new ShiroRealm();
        shiroRealm.setCacheManager(cacheManager());
        return shiroRealm;
    }

    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(shiroRealm());
        securityManager.setCacheManager(cacheManager());
        securityManager.setRememberMeManager(cookieRememberMeManager());
        return securityManager;
    }

    @Bean
    @ConditionalOnMissingBean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor =
                new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public EhCacheManager cacheManager() {
        CacheManager cacheManager = CacheManager.getCacheManager("es");
        if (cacheManager == null) {

            try {
                cacheManager = CacheManager.create(ResourceUtils.getInputStreamForPath("classpath:ehcache/ehcache.xml"));
            } catch (IOException e) {
                throw new RuntimeException("initialize cacheManager failed");
            }
        }

        EhCacheManager ehCacheManager = new EhCacheManager();
        ehCacheManager.setCacheManager(cacheManager);
        return ehCacheManager;
    }

    @Bean
    public SimpleCookie simpleCookie() {
        SimpleCookie simpleCookie = new SimpleCookie();
        simpleCookie.setHttpOnly(true);
        simpleCookie.setMaxAge(604800);
        simpleCookie.setName("standardManagement");
        return simpleCookie;
    }

    @Bean
    public CookieRememberMeManager cookieRememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCipherKey(Base64.decode("4AvVhmFLUs0KTA3Kprsdag=="));
        cookieRememberMeManager.setCookie(simpleCookie());
        return cookieRememberMeManager;
    }

}

ShiroRealm.java

package org.ostars.springbootfast.security;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.ostars.springbootfast.enums.StatusEnum;
import org.ostars.springbootfast.model.base.SysUserModel;
import org.ostars.springbootfast.service.base.SysResourceService;
import org.ostars.springbootfast.service.base.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;

import java.util.List;

import static org.ostars.springbootfast.utils.GlobalConstant.ADMINORGID;
import static org.ostars.springbootfast.utils.GlobalConstant.ISADMIN;

/**
 * shiro realm
 *
 * @author isaac
 * @date 2019/10/9
 */
public class ShiroRealm extends AuthorizingRealm {

    @Autowired
    private SysUserService sysUserService;
    @Autowired
    private SysResourceService sysResourceService;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String loginName = authenticationToken.getPrincipal().toString();
        if (StringUtils.isEmpty(loginName)) {
            throw new AccountException("empty loginName");
        }
        List<SysUserModel> userModels = this.sysUserService.selectByModel(new SysUserModel(loginName));
        if (userModels.size() == 0) {
            throw new LockedAccountException("no account find");
        }

        if (userModels.size() > 1) {
            throw new LockedAccountException("duplicate account");
        }

        SysUserModel sysUserModel = userModels.get(0);
        if (StatusEnum.DISABLE.getValue().equals(sysUserModel.getStatus())) {
            throw new LockedAccountException("account locked");
        }

        if (ISADMIN.equals(sysUserModel.getAdminFlag())) {
            sysUserModel.setOrgId(ADMINORGID);
        }

        return new SimpleAuthenticationInfo(sysUserModel, sysUserModel.getPassword(), getName());
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SysUserModel sysUserModel = (SysUserModel) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        if (ISADMIN.equals(sysUserModel)) {
            info.addStringPermission("*:*");
            return info;
        }

        List<String> permissionList = this.sysResourceService.selectResourceByUserId(sysUserModel.getId());
        info.addStringPermissions(permissionList);
        return info;
    }
}
ShiroConTagConfig.java


package org.ostars.springbootfast.security;

import com.jagregory.shiro.freemarker.ShiroTags;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;

import freemarker.template.Configuration;
import org.springframework.context.annotation.ComponentScan;

/**
 * shiro tag config
 *
 * @author isaac
 * @date 2019/10/9
 */
@ComponentScan
public class ShiroTagConfig implements InitializingBean {
    @Autowired
    private Configuration configuration;

    @Override
    public void afterPropertiesSet() {
        configuration.setSharedVariable("shiro", new ShiroTags());
    }
}

GlobalExceptionHandler.java
package org.ostars.springbootfast.security;

import org.apache.shiro.authz.UnauthorizedException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;

import javax.servlet.http.HttpServletRequest;

/**
 * global exception handler
 *
 * @author isaac
 * @date 2019/10/9
 */
@ControllerAdvice
public class GlobalExceptionHandler {
    @ExceptionHandler(value = UnauthorizedException.class)
    public String defaultUnauthorizedExceptionHandler(HttpServletRequest request, Exception e) {
        return "403";
    }
}

LoginUtil.java

package org.ostars.springbootfast.utils;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.ostars.springbootfast.model.base.SysUserModel;


/**
 * login util
 *
 * @author isaac
 * @date 2019/10/10
 */
public class LoginUtil {
    public static SysUserModel getLoginUser() {
        Subject subject = SecurityUtils.getSubject();
        return (SysUserModel) subject.getPrincipals().getPrimaryPrincipal();
    }
}

ehcache.xml

<?xml version="1.0" encoding="UTF-8"?>
<ehcache>
    <diskStore path="java.io.tmpdir"/>
    <defaultCache
            maxElementsInMemory="10000"
            eternal="false"
            timeToIdleSeconds="120"
            timeToLiveSeconds="120"
            maxElementsOnDisk="10000000"
            diskExpiryThreadIntervalSeconds="120"
            memoryStoreEvictionPolicy="LRU">
        <persistence strategy="localTempSwap"/>
    </defaultCache>
</ehcache>

LoginController.java

package org.ostars.springbootfast.controller.base;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.subject.Subject;
import org.ostars.springbootfast.utils.LoginUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;

/**
 * login controller
 *
 * @author isaac
 * @date 2019/10/9
 */
@RestController
public class LoginController {

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @PostMapping("login")
    public Map<String, Object> login(String userName, String password, boolean remeberMe, HttpServletRequest request) {
        Map<String, Object> map = new HashMap<>();
        map.put("success", false);
        Subject currentUser = SecurityUtils.getSubject();
        password = new Md5Hash(password).toHex();

        UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
        token.setRememberMe(remeberMe);

        try {
            currentUser.login(token);
        } catch (UnknownAccountException uae) {
            logger.info(uae.getMessage());
            map.put("info", "您输入的用户名或密码错误!");
            return map;
        } catch (IncorrectCredentialsException ice) {
            logger.info(ice.getMessage());
            map.put("info", "您输入的用户名或密码错误!");
            return map;
        } catch (LockedAccountException lae) {
            logger.info(lae.getMessage());
            map.put("info", "此用户已经被锁定不能登录,请与管理员联系!");
            return map;
        } catch (DisabledAccountException lae) {
            logger.info(lae.getMessage());
            map.put("info", "此用户已经被禁用不能登录,请与管理员联系!");
            return map;
        } catch (ExcessiveAttemptsException eae) {
            logger.info(eae.getMessage());
            map.put("info", "您输入的错误次数过多!");
            return map;
        } catch (AuthenticationException ae) {
            logger.info(ae.getMessage());
            map.put("info", "您输入的用户名或密码错误!");
            return map;
        }

        map.put("success", currentUser.isAuthenticated());
        request.getSession().setAttribute("isAdmin", LoginUtil.getLoginUser().getAdminFlag());
        return map;
    }
}

 

www.ostars.org
关注
专栏目录
springboot整合shiro引用freemarker
WoddenFish的博客
07-26 2438
1.pom.xml &lt;?xml version="1.0" encoding="UTF-8"?&gt; &lt;project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.
SpringBoot整合shiro流程
huahualongxiu的博客
07-13 202
万事还是先导依赖参考案例(https://www.cnblogs.com/wushaopei/p/11681408.html): <!--shiro 核心--> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <vers
spring boot 使用jsp 集成hibernate+shiro+ehcache项目分享
10-29
使用spring boot 创建的一个 集成了hibernate+shiro+ehcache的项目 分享
springboot整合shiro-ehcache缓存(五)
这个名字想了很久
09-02 1万+
原文地址,转载请注明出处: https://blog.csdn.net/qq_34021712/article/details/80294417 ©王赛超 shiro系列 springboot整合shiro -shiro介绍 springboot整合shiro -快速入门 快速入门篇中,我们最后有两个问题,其中关于无权限页面的问题已经解决了,还有一个问题就是每次访问服务,都会去...
SpringBootShiro缓存使用Redis、Ehcache的方法
08-25
主要介绍了SpringBootShiro缓存使用Redis、Ehcache的方法,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧
springboot +shiro
520_LH
11-18 627
1      导入maven坐标 &lt;!--shiro start--&gt; &lt;dependency&gt; &lt;groupId&gt;org.apache.shiro&lt;/groupId&gt; &lt;artifactId&gt;shiro-ehcache&lt;/artifactId&gt; ...
实操记录,带步骤|使用Spring Boot + MyBatis + FreeMarker + Ehcache进行web开发
m0_57227221的博客
04-19 610
之前做的Java项目都是接手自别人,自己没有独立开发过。这几天抽空研究了一下Spring Boot做web开发,本文用作记录和参考使用。 准备工作 安装InteliJ IDEA;InteliJ IDEA基本上是Java和安卓开发必备工具,社区版可免费使用; 安装Mysql或Mariadb数据库。 使用Spring Boot + MyBatis + FreeMarker进行web开发 创建Spring Boot项目 打开IDEA,创建新项目,在引导对话框中选“Spring Initializr”,并自定义项
积分管理系统java源码-springbootadmin:springbootadmin
06-06
shiro-ehcache 1.4.0 更新日期2017-11-07 1、项目整合redis存储,shiro可使用redisSession可使用于集群访问 2、项目增加jwt模式 3、增加默认启动模式为开发模式 4、优化已知BUG SpringBootAdmin 微服务快速开发...
shiro整合SpringBoot
10-14
Shiro 整合SpringBoot 中可以方便地实现用户认证和权限管理功能。 在 "shiro整合SpringBoot" 的过程中,我们需要关注以下几个核心知识点: 1. **Shiro 配置**: - 创建 `ShiroConfig` 类,用于配置 Shiro ...
基于SpringBoot/WebFlux+Shiro+JPA+Java/Scala,实现的数据库细粒度动态权限管理系统(源码)
最新发布
06-17
基于SpringBoot/WebFlux+Shiro+JPA+Java/Scala,实现的数据库细粒度动态权限管理系统(源码),项目经过严格测试,确保可以运行! 环境 SpringBoot 2.0.3.RELEASE SpringBoot WebFlux SpringBoot Data Jpa Apache ...
springmvc+mybatis+ehcache+freemarker+sitemesh页面布局(注解)整合实例完美运行
11-20
springmvc+mybatis+ehcache+freemarker+sitemesh页面布局(注解)整合实例完美运行
如何在项目里面使用freemarker实现页面缓存(三)
IT程序员的成长记
10-20 6522
1.环境配置:在这里我就不说了,上面两篇有如何配置freemarker 2.在项目里面你运用freemarker需要在项目里面创建一个模板文件夹,在web-inf下面创建一个ftl文件夹 3.由于通过freemarker将模板页面转化为html页面,前台访问直接跳页面就行了,所以不能把生成的html文件放入web-inf文件夹下面,在webapp下创建一个文件夹命名html 4.写servi
springboot2.0 + shiro + ehcache整合之解决多缓存管理器被创建的问题(只能创建一个缓存管理器)
jialijuan521_zhang的博客
01-06 1534
springboot2.0 +shiro + ehcache整合 一:依赖包: (1) shiro 与 spring 整合的依赖: &lt;dependency&gt; &lt;groupId&gt;org.apache.shiro&lt;/groupId&gt; &lt;artifactId&gt;shiro-spring&lt;/artifactId&gt; &...
springboot项目集成springcloud-eureka-server时与shiro中的ehcache冲突问题解决
蓝色格子ren的博客
08-16 1253
项目原来在springboot基础上引用了shiro中的ehcache,后来集成了springcloud-eureka-server会报以下错误: io.micrometer.core.instrument.binder.cache.EhCache2Metrics.<init>(EhCache2Metrics.java:36) The following method did not ...
ehcache 冲突_springbootshiro使用ehcache和@cacheable冲突的处理
weixin_39688856的博客
01-17 653
springboot提供缓存注解标签@Cacheable ,当使用ehcache时,autoconfig机制会根据配置文件自动去初始化bean而shiroConfig在@Configuration构造时,也会去初始化ehcache ,项目启动会产生如下异常org.apache.shiro.cache.CacheException: net.sf.ehcache.CacheException: An...
SpringBoot集成shiroehcache
心有猛虎,细嗅蔷薇
08-11 3944
spring boot集成shiroehcache 主要分这么几个步骤:在pom.xml中加入缓存依赖;注入缓存; (a) 在pom.xml文件中加入依赖: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18        dependency>            group
springboot2.0 使用ehcache缓存
这天有点热的博客
06-04 2931
首先在springboot启动类添加@EnableCaching其次在serviceImpl层的方法上添加@Cacheable(cacheNames = "zjehcache")ehcache.xml:&lt;ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLoc...
FreeMarker优点和缺点与使用FreeMarker的10个理由
热门推荐
qq897958555的博客
12-10 2万+
首先给大家简单介绍一下FreeMarkerFreeMarker是一个用Java语言编写的模板引擎,它基于模板来生成文本输出。FreeMarker与Web容器无关,即在Web运行时,它并不知道Servlet或HTTP。它不仅可以用作表现层的实现技术,而且还可以用于生成XML,JSP或Java 文等。 简单了解了FreeMarker之后,现在就来讲讲FreeMarker的优点和缺点。 (一) F
spring boot+shiro+ehcache 用户尝试登录错误次数
mywordandyourword的专栏
08-17 1790
本文主要实践用spring boot + shiro+ ehcache实现用户登录错误次数的判断,关于spring boot, shiroehcache的理论知识这里将不作为介绍,这些知识可以在它们的官网或其它博客上能够找到 。下面将进入正文: pom.xml 本文主要引用的jar如下: &lt;dependency&gt; &lt;groupId&gt;org.apache....
Java OA系统:Springboot Vue.js 前后端分离,集成工作流与代码生成
"该资源是关于一个基于Java的OA办公管理系统,使用Springboot框架和vue.js进行前后端分离,具备跨域支持、工作流管理以及集成代码生成器等功能。系统涵盖了模型管理、流程管理、运行中流程、历史流程、待办任务、已...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值