Spring Boot 2.x + Shiro 前后端分离实战：Shiro 核心配置
自定义 Realm
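/**
 * Shiro realm for token-based (front-end/back-end separated) sessions.
 *
 * <p>The subject's principal is the access token string; the user id that the
 * token belongs to is looked up in Redis, and roles/permissions are derived
 * from that user id. The role and permission data here is hard-coded sample
 * data standing in for a real lookup.
 */
public class CustomRealm extends AuthorizingRealm {

    /** User id that the sample data treats as the administrator account. */
    private static final String ADMIN_USER_ID = "9a26f5f1-cbd2-473d-82db-1d6dcf4598f8";

    @Autowired
    private RedisUtil redis;

    /**
     * Restricts this realm to {@link CustomPasswordToken} so other token types
     * are never routed to it.
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof CustomPasswordToken;
    }

    /**
     * Builds the roles and permissions for the current subject.
     *
     * <p>Fails closed: when there is no principal, or the access token no
     * longer maps to a user id in Redis (for example because the entry has
     * expired), an empty {@link AuthorizationInfo} is returned so that every
     * role/permission check is denied. Previously a missing Redis entry
     * surfaced as a {@link NullPointerException} inside the role lookup.
     *
     * @param principalCollection principals of the subject being authorized
     * @return the subject's roles and permissions; never {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // The principal stored at login time is the raw access token (see doGetAuthenticationInfo).
        String accessToken = (String) SecurityUtils.getSubject().getPrincipal();
        String userId = accessToken == null ? null : (String) redis.get(accessToken);
        if (userId == null) {
            // Unknown or expired token: grant nothing rather than falling through
            // to the non-admin branch of the sample data.
            return authorizationInfo;
        }
        authorizationInfo.addRoles(getRolesByUserId(userId));
        authorizationInfo.addStringPermissions(getPermissionByUserId(userId));
        return authorizationInfo;
    }

    /**
     * Returns authentication info built from the submitted token itself.
     *
     * <p>NOTE(review): the "stored" credentials handed to Shiro are copied from
     * the submitted token, so an equality-based credentials matcher would accept
     * any token. The actual verification therefore has to happen in the
     * credentials matcher configured on this realm — presumably it validates the
     * access token against the server-side session store; confirm before
     * relying on this realm.
     *
     * @param authenticationToken the submitted token; must be a {@link CustomPasswordToken}
     * @return authentication info carrying the token's principal and credentials
     * @throws AuthenticationException declared by the Shiro contract
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        CustomPasswordToken token = (CustomPasswordToken) authenticationToken;
        return new SimpleAuthenticationInfo(token.getPrincipal(), token.getCredentials(), getName());
    }

    /**
     * Sample role lookup: the administrator id gets {@code admin}, every other
     * known user gets {@code test}, and a {@code null} id gets no role.
     */
    private List<String> getRolesByUserId(String userId) {
        List<String> roles = new ArrayList<>();
        if (userId == null) {
            return roles;
        }
        // Constant-first comparison keeps the check null-safe.
        if (ADMIN_USER_ID.equals(userId)) {
            roles.add("admin");
        } else {
            roles.add("test");
        }
        return roles;
    }

    /**
     * Sample permission lookup: the administrator id gets the wildcard
     * permission, every other known user gets the user edit/list permissions,
     * and a {@code null} id gets no permission.
     */
    private List<String> getPermissionByUserId(String userId) {
        List<String> permissions = new ArrayList<>();
        if (userId == null) {
            return permissions;
        }
        if (ADMIN_USER_ID.equals(userId)) {
            // "*" is Shiro's wildcard: it implies every permission string.
            permissions.add("*");
        } else {
            permissions.add("sys:user:edit");
            permissions.add("sys:user:list");
        }
        return permissions;
    }
}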
Shiro 核心配置
@Configuration
public class ShiroConfig {
/**
 * Registers the project's credentials matcher as a Spring bean.
 *
 * @return a new {@code CustomHashedCredentialsMatcher}
 */
@Bean
public CustomHashedCredentialsMatcher hashedCredentialsMatcher() {
    CustomHashedCredentialsMatcher matcher = new CustomHashedCredentialsMatcher();
    return matcher;
}
/**
 * Creates the realm and attaches the custom credentials matcher to it.
 *
 * <p>The matcher is what decides whether a submitted token is accepted, so
 * the realm must not be used without it.
 *
 * @return the configured {@code CustomRealm}
 */
@Bean
public CustomRealm customRealm() {
    CustomRealm realm = new CustomRealm();
    // Inter-bean call: inside a @Configuration class this resolves to the matcher bean.
    realm.setCredentialsMatcher(hashedCredentialsMatcher());
    return realm;
}
/**
 * Builds the web security manager and wires the custom realm into it.
 *
 * @return a {@code DefaultWebSecurityManager} backed by {@code CustomRealm}
 */
@Bean
public SecurityManager securityManager() {
    DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
    manager.setRealm(customRealm());
    return manager;
}
/**
 * Configures the Shiro filter: registers the custom {@code token} filter and
 * declares which URL patterns are anonymous and which require authentication.
 *
 * <p>Chain definitions are matched in insertion order (first match wins), so
 * the anonymous entries must be added before the catch-all {@code /**} rule;
 * a {@link LinkedHashMap} preserves that order.
 *
 * @param securityManager the security manager the filter delegates to
 * @return the configured {@code ShiroFilterFactoryBean}
 */
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
    ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
    factory.setSecurityManager(securityManager);

    // The filter is instantiated directly instead of being exposed as a bean,
    // so it is only ever invoked through the Shiro chain below.
    Map<String, Filter> customFilters = new LinkedHashMap<>();
    customFilters.put("token", new CustomAccessControlFilter());
    factory.setFilters(customFilters);

    Map<String, String> chains = new LinkedHashMap<>();
    // Login must be reachable without a token.
    chains.put("/api/user/login", "anon");
    // NOTE(review): the Swagger / API-docs paths below are open to anonymous
    // callers. They describe the whole API surface; in a production profile
    // consider disabling them or placing them behind authentication.
    chains.put("/swagger/**", "anon");
    chains.put("/v2/api-docs", "anon");
    chains.put("/swagger-ui.html", "anon");
    chains.put("/swagger-resources/**", "anon");
    chains.put("/webjars/**", "anon");
    chains.put("/favicon.ico", "anon");
    chains.put("/captcha.jpg", "anon");
    chains.put("/csrf", "anon");
    // Catch-all, must stay last: everything else passes through the custom
    // token filter and then Shiro's built-in authc filter.
    chains.put("/**", "token,authc");
    factory.setFilterChainDefinitionMap(chains);

    return factory;
}
/**
 * Enables Shiro's authorization annotations (such as {@code @RequiresRoles}
 * and {@code @RequiresPermissions}) by registering the advisor that checks
 * them against the given security manager.
 *
 * @param securityManager the security manager used for the annotation checks
 * @return the configured advisor
 */
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
    AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
    advisor.setSecurityManager(securityManager);
    return advisor;
}
/**
 * Provides the auto-proxy creator that applies registered advisors to beans,
 * unless the application context already defines one.
 *
 * @return an auto-proxy creator that proxies the target class itself
 */
@Bean
@ConditionalOnMissingBean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
    DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
    // Class-based (CGLIB) proxies, so beans without interfaces are covered too.
    creator.setProxyTargetClass(true);
    return creator;
}