需求:管理员未进行登录不可访问首页,权限不够跳转到设定的页面
实现代码:
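/**
 * Builds the {@link ShiroFilterFactoryBean} and attaches the security manager to it.
 *
 * <p>Excerpt from shiroConfig.java; the remaining configuration is described in the
 * author's other Shiro articles.
 *
 * @param securityManager the security manager the Shiro filter delegates to
 * @return the configured filter factory bean
 */
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(SecurityManager securityManager) {
    ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
    shiroFilterFactoryBean.setSecurityManager(securityManager);

    // Filter chain definitions; LinkedHashMap keeps the declaration order.
    Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

    // The admin index page requires a logged-in subject AND the "admin" role.
    // Both filters must be listed in ONE definition: the original called put() twice
    // with the same key, so the second call replaced "authc" and only the role check
    // was ever installed. Filters in a definition run left to right.
    filterChainDefinitionMap.put("/admin/index", "authc,roles[admin]");

    // NOTE(review): only "/admin/index" is mapped in this excerpt. Any other /admin
    // path that must be protected needs its own entry (or a wildcard pattern placed
    // after the anonymous entries such as the login page) - confirm against the
    // full shiroConfig.java.
    shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

    // Without an explicit login URL Shiro falls back to "/login.jsp" under the web root.
    shiroFilterFactoryBean.setLoginUrl("/admin/login");
    // Subjects that are logged in but lack the role are sent to the same page.
    shiroFilterFactoryBean.setUnauthorizedUrl("/admin/login");

    return shiroFilterFactoryBean;
}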
/**
 * Exposes the project's own {@code ModularRealmAuthorizer} subclass as a bean.
 *
 * @return a new {@code LoginsModularRealmAuthorizer}
 */
@Bean
public ModularRealmAuthorizer modularRealmAuthorizer() {
    // Custom subclass that overrides the role check.
    return new LoginsModularRealmAuthorizer();
}
/**
 * Assembles the web security manager with the user, business and admin realms,
 * the custom authorizer and the custom authenticator.
 *
 * @return the configured {@code DefaultWebSecurityManager}
 */
@Bean
public SecurityManager securityManager() {
    // Gather the realms in the same order as before: user, business, admin.
    final List<Realm> configuredRealms = new ArrayList<>();
    configuredRealms.add(getUserRealm());
    configuredRealms.add(getBusqinessRealm());
    configuredRealms.add(getAdminRealm());

    final DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
    manager.setAuthorizer(modularRealmAuthorizer());
    // Per the original author's note, the authenticator has to be installed
    // before the realms are set, so this call must stay ahead of setRealms().
    manager.setAuthenticator(modularRealmAuthenticator());
    manager.setRealms(configuredRealms);
    return manager;
}
新建ModularRealmAuthorizer的实现子类,实现分发的效果,代码debug调试一下你会看懂的
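/**
 * {@code ModularRealmAuthorizer} that answers a role check from a single realm,
 * chosen by the realm name recorded in the subject's principals, instead of asking
 * every configured realm.
 *
 * <p>Only {@link #hasRole(PrincipalCollection, String)} is overridden here; every
 * other authorization method keeps the inherited behavior.
 *
 * <p>NOTE(review): the dispatch relies on substring matches ("Admin"/"User" on the
 * configured realm names, "admin"/"user" on the principals' realm names). A name
 * that contains one of these fragments for an unrelated reason would be routed to
 * the wrong realm; matching exact realm names would be stricter - confirm the
 * actual names used by the realms.
 */
public class LoginsModularRealmAuthorizer extends ModularRealmAuthorizer {

    // Fixed: the logger was created for LoginsModularRealmAuthenticator, so these
    // messages were attributed to the wrong class.
    private static final Logger logger = LoggerFactory.getLogger(LoginsModularRealmAuthorizer.class);

    /**
     * Checks the role against the realm that matches the first realm name found in
     * {@code principals}.
     *
     * @param principals the subject's principals; {@code null} is treated as "no role"
     * @param roleIdentifier the role name to check
     * @return the selected realm's answer, or {@code false} when no realm can be
     *     selected (unknown realm name, missing realm, or unexpected realm type)
     */
    @Override
    public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
        logger.info("好起来了呀---realm授权:");
        assertRealmsConfigured();

        // Deny rather than fail with a NullPointerException when there is no subject data.
        if (principals == null) {
            return false;
        }

        // Pick the admin and user realms by configured name; the last match wins,
        // as it did with the original map.
        Realm adminRealm = null;
        Realm userRealm = null;
        for (Realm realm : getRealms()) {
            String configuredName = realm.getName();
            if (configuredName == null) {
                continue;
            }
            if (configuredName.contains("Admin")) {
                adminRealm = realm;
            }
            if (configuredName.contains("User")) {
                userRealm = realm;
            }
        }

        Set<String> realmNames = principals.getRealmNames();
        if (realmNames == null || realmNames.isEmpty()) {
            return false;
        }

        // As in the original, only the first realm name is inspected.
        String realmName = realmNames.iterator().next();
        if (realmName == null) {
            return false;
        }

        // Fail closed: a missing realm or one of an unexpected type denies the role
        // instead of throwing NullPointerException / ClassCastException.
        if (realmName.contains("admin")) {
            return adminRealm instanceof AdminRealm
                    && ((AdminRealm) adminRealm).hasRole(principals, roleIdentifier);
        }
        if (realmName.contains("user")) {
            return userRealm instanceof UserRealm
                    && ((UserRealm) userRealm).hasRole(principals, roleIdentifier);
        }
        return false;
    }
}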
adminRealm中的代码相应的改变,赋予登录成功后admin角色
/**
 * Returns authorization info that carries the single role {@code "admin"}.
 *
 * @param principalCollection the subject's principals (not read by this method)
 * @return authorization info whose role set is {@code {"admin"}}
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    // Grant the role. Per the original author, this addresses admin requests not
    // being intercepted after a consumer or merchant logs in.
    // NOTE(review): the role is granted without looking at principalCollection, so
    // the restriction depends entirely on this realm being consulted only for
    // admin principals - confirm the authorizer never routes other subjects here.
    Set<String> grantedRoles = new HashSet<>();
    grantedRoles.add("admin");
    return new SimpleAuthorizationInfo(grantedRoles);
}
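效果就是:admin 只有在登录成功后才能访问 index 页面;未登录或没有 admin 角色时,请求会被跳转到 login 页面(跳转地址在 shiroConfig 中通过 setLoginUrl 和 setUnauthorizedUrl 设置)。注意:本文截取的过滤链只配置了 /admin/index,其他需要保护的地址要另外添加规则。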