- 升级shiro1.2.4至新版本shiro1.7.1
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.7.1</version>
</dependency>
- spring+springMVC+shiro1.2.4
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!--Shiro验证用户登录的类为自定义的Realm-->
<property name="realm" ref="systemAuthorizingRealm" />
<property name="sessionManager" ref="sessionManager" />
<property name="cacheManager" ref="shiroCacheManager" />
<!--注入rememberMe cookie管理器-->
<property name="rememberMeManager" ref="rememberMeManager"/>
</bean>
<!--rememberMe管理器 -->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<!--调用ShiroCustomAESKeyUtil.getKey()生成秘钥 -->
<property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('wJSvYJrENEKdaXaMPChpaw==')}"/>
</bean>
3,秘钥生成
import org.apache.shiro.crypto.AesCipherService;
import java.security.Key;
public static String getKey(){
AesCipherService aesCipherService = new AesCipherService();
Key key = aesCipherService.generateNewKey();
System.out.println("key is ="+key);
System.out.println("encoder is ="+java.util.Base64.getEncoder().encodeToString(key.getEncoded()));
return java.util.Base64.getEncoder().encodeToString(key.getEncoded());
}