1.导包
<!-- springboot 与 shiro 的集成-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.1</version>
</dependency>
<!-- thymeleaf 与 shiro 集成-->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
2. 编写配置类
@Configuration
@ConfigurationProperties(prefix = "shiro")
@Data
public class ShiroConfig {
private String loginUrl;
private String unauthorizedUrl;
private String successUrl;
private String logoutUrl;
private String[] anons;
private String[] authcs;
/**
* 配置securityManager
* @param userRealm
* @return
*/
@Bean
public SecurityManager securityManager(UserRealm userRealm){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(userRealm);
return securityManager;
}
/**
* 配置shiroFilter
* @param securityManager
* @return
*/
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl(loginUrl);
shiroFilterFactoryBean.setUnauthorizedUrl(unauthorizedUrl);
shiroFilterFactoryBean.setSuccessUrl(successUrl);
Map<String,String> filterMap = new HashMap<>();
if(null != logoutUrl){
filterMap.put(loginUrl,"logout");
}
if(anons!=null && anons.length>0){
for(String anon:anons){
filterMap.put(anon,"anon");
}
}
if(authcs!=null && authcs.length>0){
for(String authc:authcs){
filterMap.put(authc,"authc");
}
}
// filterMap.put("/login.html","anon");
// filterMap.put("/index.html","anon");
// filterMap.put("/doLogin","anon");
// filterMap.put("/**","authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
return shiroFilterFactoryBean;
}
/**
* 配置自定义Realm
* @return
*/
@Bean
public UserRealm userRealm(CredentialsMatcher credentialsMatcher){
UserRealm userRealm = new UserRealm();
userRealm.setCredentialsMatcher(credentialsMatcher);
return userRealm;
}
/**
* 配置凭证匹配器
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("MD5");
hashedCredentialsMatcher.setHashIterations(10);
return hashedCredentialsMatcher;
}
}
3. application.yml 配置 拦截链
# shiro
shiro:
login-url: /login.html
anons:
- /login.html
- /index.html
- doLogin
authcs:
- /**
原文地址:https://www.cnblogs.com/lcsin/p/11699918.html
时间: 2024-08-29 23:57:19