Springboot的web项目添加shiro依赖< dependency>
< groupId> org.apache.shiro</ groupId>
< artifactId> shiro-spring</ artifactId>
</ dependency>
编写Shiro的主配置文件@Configuration
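public class ShiroConfig {
    // Wires the three beans Shiro needs in a Spring Boot web application:
    // the realm (credential source), the security manager, and the servlet filter
    // factory that maps URL patterns to Shiro filters.

    /**
     * Creates the application realm and attaches the matcher that compares a submitted
     * password with the stored, hashed credential.
     *
     * @return the realm, configured with an MD5 matcher using 1024 hash iterations
     */
    @Bean
    public MyRealm myRealm() {
        // NOTE(review): MD5 is a fast digest and is not suited to password storage, even
        // when iterated. The algorithm and iteration count are left as they are because the
        // credential hard-coded in MyRealm was presumably computed with these settings;
        // moving to a stronger scheme means re-hashing that stored value at the same time.
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher("MD5");
        credentialsMatcher.setHashIterations(1024);

        MyRealm myRealm = new MyRealm();
        myRealm.setCredentialsMatcher(credentialsMatcher);
        return myRealm;
    }

    /**
     * Creates the web security manager backed by {@link #myRealm()}.
     *
     * @return the security manager used by the Shiro filter
     */
    @Bean
    public SecurityManager securityManager() {
        // The return type has to resolve to Shiro's SecurityManager rather than
        // java.lang.SecurityManager; the import is not visible in this listing.
        DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager();
        webSecurityManager.setRealm(myRealm());
        return webSecurityManager;
    }

    /**
     * Creates the Shiro filter factory: login, success and unauthorized URLs plus the
     * URL-pattern to filter-chain table.
     *
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager());
        shiroFilter.setLoginUrl("/doLogin");
        shiroFilter.setSuccessUrl("/index.html");
        shiroFilter.setUnauthorizedUrl("/unauthorized.html");

        // Shiro walks the chain definitions in the map's iteration order and applies the
        // first pattern that matches the request path. A plain HashMap gives no ordering
        // guarantee, so the catch-all "/**" could be consulted before "/admin" or "/hello"
        // and their perms[...] checks would never run. An insertion-ordered map keeps the
        // specific rules ahead of the catch-all, which therefore has to stay last.
        Map<String, String> map = new java.util.LinkedHashMap<String, String>();
        map.put("/favicon.ico", "anon");
        map.put("/logout", "logout");
        map.put("/admin", "authc,perms[admin]");
        map.put("/hello", "authc,perms[user]");
        map.put("/**", "authc");
        shiroFilter.setFilterChainDefinitionMap(map);
        return shiroFilter;
    }
}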
编写自定义Realm实现public class MyRealm extends AuthorizingRealm {
/**
 * Supplies the authorization data for the given principals.
 *
 * <p>The {@code principals} argument is not consulted: every caller receives the single
 * string permission {@code "user"}.
 *
 * @param principals the identities being authorized (unused here)
 * @return authorization info holding only the {@code "user"} permission
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // NOTE(review): permissions are hard-coded for the demo. Because "admin" is never
    // granted, any route guarded by perms[admin] stays closed to every account; a real
    // realm would look the permissions up per principal.
    SimpleAuthorizationInfo granted = new SimpleAuthorizationInfo();
    granted.addStringPermission("user");
    return granted;
}
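/**
 * Looks up the stored credential for the account named in the login token.
 *
 * <p>Only the account {@code "yicj"} exists (matched case-insensitively). Returning
 * {@code null} tells Shiro that no such account was found.
 *
 * @param token the submitted login token
 * @return the stored principal, hashed credential and salt, or {@code null} when the
 *         token carries no principal or names an unknown account
 * @throws AuthenticationException declared by the overridden method; not thrown here
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    // A login request without a username yields a token with a null principal; treat it
    // as an unknown account instead of dereferencing null.
    Object principal = token.getPrincipal();
    if (principal == null) {
        return null;
    }

    String username = principal.toString();
    if (!"yicj".equalsIgnoreCase(username)) {
        return null;
    }

    // NOTE(review): demo-only account. The credential digest is hard-coded in source and
    // the salt is simply the username, so it is predictable; a real realm would load a
    // per-user random salt and digest from a credential store.
    return new SimpleAuthenticationInfo("yicj", "9c9e21dfa4b664cfebc32093cb3555bb", ByteSource.Util.bytes("yicj"), getName());
}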
}
编写Controller业务方法@Slf4j
@Controller
public class LoginController {

    /**
     * Renders the login view and translates a failed login into a message for the page.
     *
     * @param model the model-and-view to populate; its view name is set to {@code "login"}
     * @param shiroLoginFailure request attribute holding the class name of the
     *        authentication exception, or {@code null} when no login attempt failed
     * @return the same {@code model}, carrying a {@code shiroLoginFailure} message when one applies
     */
    @RequestMapping("/doLogin")
    public ModelAndView login(ModelAndView model, @RequestAttribute(required = false) String shiroLoginFailure) {
        model.setViewName("login");

        // NOTE(review): separate messages for "unknown account" and "wrong password" let a
        // client learn which usernames exist; a single generic failure message avoids that.
        String message = null;
        if ("org.apache.shiro.authc.UnknownAccountException".equalsIgnoreCase(shiroLoginFailure)) {
            message = "用户名不存在!";
        } else if ("org.apache.shiro.authc.IncorrectCredentialsException".equalsIgnoreCase(shiroLoginFailure)) {
            message = "密码错误!";
        } else if (!StringUtils.isEmpty(shiroLoginFailure)) {
            // Any other failure type falls back to a generic message.
            message = "登录失败!";
        }
        if (message != null) {
            model.addObject("shiroLoginFailure", message);
        }

        log.info("model : {}", model);
        return model;
    }

    /**
     * Returns a fixed greeting; ShiroConfig guards this path with {@code authc,perms[user]}.
     *
     * @return the literal response body
     */
    @ResponseBody
    @GetMapping("/hello")
    public String hello() {
        return "hello world";
    }

    /**
     * Returns a fixed greeting; ShiroConfig guards this path with {@code authc,perms[admin]}.
     *
     * @return the literal response body
     */
    @ResponseBody
    @GetMapping("/admin")
    public String admin() {
        return "hello admin";
    }
}
编写登录页面(/templates/login.html)< form action = " /doLogin" method = " post" >
<!-- Posts to the configured login URL. The field names "username" and "password" are the
     defaults read by Shiro's FormAuthenticationFilter. The failure message is rendered with
     th:text, which HTML-escapes the value.
     NOTE(review): no anti-CSRF field is visible in this form; confirm whether the project
     adds one elsewhere. -->
< table>
< tr> < td> 用户名:</ td> < td> < input type = " text" name = " username" /> </ td> </ tr>
< tr> < td> 密码:</ td> < td> < input type = " password" name = " password" /> </ td> </ tr>
< tr> < td colspan = " 2" > < input type = " submit" value = " 登录" /> </ td> </ tr>
< tr> < td colspan = " 2" th: text= " ${shiroLoginFailure}" class = " red" > </ td> </ tr>
</ table>
</ form>
其他页面(/static/index.html,/static/unauthorized.html)
< body>
< h2> index ...</ h2>
</ body>
< body>
< h2> unauthorized !</ h2>
</ body>
补充知识点
/**
 * Excerpt of Shiro's table of built-in filters: each constant name is the token that can
 * be written in a filter-chain definition, paired with the filter class it stands for.
 * The constructor and fields are not shown in this listing, so it is reference material
 * rather than a compilable unit.
 */
public enum DefaultFilter {
// No authentication check; the request passes through.
anon ( AnonymousFilter . class ) ,
// Form-based login: the subject has to be authenticated, otherwise the login URL is used.
authc ( FormAuthenticationFilter . class ) ,
authcBasic ( BasicHttpAuthenticationFilter . class ) ,
authcBearer ( BearerHttpAuthenticationFilter . class ) ,
// Logs the current subject out.
logout ( LogoutFilter . class ) ,
noSessionCreation ( NoSessionCreationFilter . class ) ,
// Requires the permissions listed in brackets, e.g. perms[admin].
perms ( PermissionsAuthorizationFilter . class ) ,
port ( PortFilter . class ) ,
rest ( HttpMethodPermissionFilter . class ) ,
// Requires the roles listed in brackets.
roles ( RolesAuthorizationFilter . class ) ,
ssl ( SslFilter . class ) ,
user ( UserFilter . class ) ,
invalidRequest ( InvalidRequestFilter . class ) ;
}
```