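/**
 * Spring configuration that wires Apache Shiro into the web application:
 * the custom realm, the security manager, the URL filter chain and the
 * advisor that enables Shiro's authorization annotations.
 */
@Configuration
public class ShiroConfig {

    /**
     * Registers the application's own realm in the container.
     *
     * <p>NOTE(review): no {@code CredentialsMatcher} is set on the realm here. Unless one is
     * configured elsewhere, Shiro falls back to its default matcher, which compares the
     * submitted credentials with the stored value by plain equality. If stored passwords are
     * (as they should be) salted hashes, configure a matching hashed credentials matcher on
     * this bean; confirm against how {@code User.getPassword()} is persisted.
     *
     * @return a new {@link ShiroRealm}
     */
    @Bean
    public ShiroRealm myShiroRealm() {
        return new ShiroRealm();
    }

    /**
     * Builds the security manager; its only configuration here is the realm used for
     * authentication and authorization.
     *
     * @return a web security manager backed by {@link #myShiroRealm()}
     */
    @Bean
    public DefaultSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(myShiroRealm());
        return manager;
    }

    /**
     * Filter factory: defines which URL patterns are public, which require login, and the
     * login / success / unauthorized redirect targets.
     *
     * @param securityManager the security manager the filters delegate to
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultSecurityManager securityManager) {
        ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
        factory.setSecurityManager(securityManager);

        // Shiro evaluates chain definitions in iteration order and the first matching pattern
        // wins. The map must therefore preserve insertion order so that the catch-all "/**"
        // rule is always evaluated last; a HashMap gives no such guarantee and can either
        // lock out the login page or let a broader rule shadow a narrower one.
        Map<String, String> chains = new LinkedHashMap<>();
        chains.put("/js/**", "anon");
        // NOTE(review): everything under /login/ is reachable without authentication;
        // keep only the login page and its submit endpoint under this prefix.
        chains.put("/login/**", "anon");
        chains.put("/logout", "logout");
        // Everything not matched above requires an authenticated session.
        chains.put("/**", "authc");

        // Welcome page: register SuccessUrlFilter under the name "authc", so the "authc"
        // entries in the chain above resolve to this filter.
        Map<String, Filter> customFilters = new LinkedHashMap<>();
        customFilters.put("authc", new SuccessUrlFilter());
        factory.setFilters(customFilters);
        factory.setSuccessUrl("/index/page");

        // Login page.
        factory.setLoginUrl("/login/page");
        // Error page used as the "unauthorized" redirect target.
        factory.setUnauthorizedUrl("/error");

        factory.setFilterChainDefinitionMap(chains);
        return factory;
    }

    /**
     * Enables Shiro's authorization annotations; without this advisor bean the annotations
     * have no effect.
     *
     * @param securityManager the security manager used to evaluate the annotations
     * @return the configured advisor
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }
}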
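/**
 * Shiro realm that authenticates users and loads their roles and permissions
 * through {@link IUserService}.
 */
public class ShiroRealm extends AuthorizingRealm {

    // Resolved lazily (@Lazy); presumably to avoid initializing the service too early
    // while the Shiro beans are being created - confirm.
    @Lazy
    @Autowired
    private IUserService iUserService;

    /**
     * Collects the roles of the logged-in user and the permissions attached to each role.
     *
     * @param principalCollection principals of the current subject; the primary principal is
     *                            the username supplied at authentication time
     * @return the user's roles and string permissions; empty when the account can no longer
     *         be found, so that a removed user is granted nothing
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // The primary principal is the username stored by doGetAuthenticationInfo.
        String username = (String) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        User user = iUserService.getByUsername(username);
        if (user == null) {
            // The account may have been deleted while its session is still alive.
            // Fail closed (no roles, no permissions) instead of throwing a
            // NullPointerException on user.getId().
            return info;
        }

        for (Role role : iUserService.getRoles(user.getId())) {
            // Add the role.
            info.addRole(role.getMark());
            for (Permission permission : iUserService.getRolePermissions(role.getId())) {
                // Add each permission granted by the role.
                info.addStringPermission(permission.getMark());
            }
        }
        return info;
    }

    /**
     * Looks up the account for the submitted token so Shiro can verify the credentials.
     *
     * <p>NOTE(review): the stored value of {@code User.getPassword()} is handed to Shiro as
     * the expected credentials, and the actual comparison is done by the realm's
     * {@code CredentialsMatcher}. Nothing in this class sets one; unless it is configured
     * elsewhere, Shiro's default matcher compares by plain equality, which only works with
     * passwords stored in clear text. Store salted password hashes and configure a matching
     * hashed credentials matcher - confirm against the persistence layer.
     *
     * @param authenticationToken the submitted login token
     * @return the account's authentication info, or {@code null} when the token has no
     *         principal or no such user exists
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
        // Per the original author: on POST requests authentication is entered before the
        // request itself, so a token without a principal can arrive here.
        Object principal = authenticationToken.getPrincipal();
        if (principal == null) {
            return null;
        }

        // Load the user record for the submitted username.
        User user = iUserService.getByUsername(principal.toString());
        if (user == null) {
            // Returning null makes Shiro raise the corresponding authentication exception.
            return null;
        }

        // Shiro compares the token's credentials with the ones supplied here.
        return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), getName());
    }
}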