springboot整合shiro
一,添加pom依赖
<!-- NOTE(review): 1.4.0 is an old Shiro release and later releases include security fixes; check the Apache Shiro security reports and pin a currently maintained version before using this outside a demo. -->
<dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring-boot-web-starter</artifactId> <version>1.4.0</version> </dependency>
二,配置
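# Shiro starter settings. The keys below must be nested under "shiro:"; without the
# indentation they are parsed as unrelated top-level keys and the starter ignores them.
shiro:
  enabled: true
  loginUrl: /login            # where an unauthenticated request for a protected page is redirected
  successUrl: /success        # where the user is sent after a successful login
  unauthorizedUrl: /unauth    # where the user is sent when access to a page is denied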
三,编写控制器
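/**
 * Authenticates the submitted credentials through Shiro and, on success, stores the
 * matching {@code User} in the session under the key {@code "user"}.
 *
 * @param username login name taken from the request (untrusted input)
 * @param password password taken from the request (untrusted input)
 * @return {@code "SUCCESS"} after a successful login, otherwise one generic failure message
 */
@PostMapping("doLogin")
public Object doLogin(String username, String password) {
    UsernamePasswordToken token = new UsernamePasswordToken(username, password);
    Subject subject = SecurityUtils.getSubject();
    // NOTE(review): nothing here replaces the session that existed before login; confirm
    // whether the pre-login session should be invalidated so that a session id issued
    // before authentication is not carried over into the authenticated state.
    try {
        subject.login(token);
    } catch (org.apache.shiro.authc.AuthenticationException ae) {
        // Every authentication failure (unknown account, wrong password, locked account, ...)
        // gets the same answer, so the response cannot be used to learn which usernames
        // exist. Catching the base type also keeps other failure kinds from surfacing as
        // an unhandled error. Record the concrete exception type server-side if needed.
        return "username or password error!";
    }
    // NOTE(review): the whole User object goes into the session; if it carries the password
    // field, consider storing only the identifier or a reduced view instead.
    User user = userService.findUserByName(username);
    subject.getSession().setAttribute("user", user);
    return "SUCCESS";
}

/**
 * Handles GET /success, the address configured as successUrl on this page.
 *
 * @return a fixed message standing in for the post-login page
 */
@GetMapping("/success")
public String loginSuccess() {
    return "登录成功跳转页面";
}

/**
 * Handles GET /unauth, the address configured as unauthorizedUrl on this page.
 *
 * @return a fixed "no permission" message
 */
@GetMapping("/unauth")
public String unauth() {
    return "没有权限";
}

/**
 * Handles GET /login, the address configured as loginUrl on this page.
 *
 * @return a fixed message asking for username and password
 */
@GetMapping("/login")
public String login() {
    return "请输入账号密码登录";
}

/**
 * Logs the current subject out and returns a confirmation message.
 *
 * @return a fixed "logged out" message
 */
@GetMapping("/logout")
public String logout() {
    // Without this call the handler only returned a message and the subject stayed
    // authenticated with its session intact.
    // NOTE(review): a state-changing GET can be triggered by a cross-site link; consider
    // exposing logout as POST.
    SecurityUtils.getSubject().logout();
    return "退出登录成功!";
}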
四,自定义realm
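/**
 * Shiro realm that loads accounts, roles and permissions through {@code LoginService}.
 */
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private LoginService loginService;

    /**
     * Authentication: looks up the account named by the token's principal and hands its
     * stored password to Shiro, which compares it with the submitted token.
     *
     * @param authenticationToken token submitted at login
     * @return the account info to verify against, or {@code null} when the token has no
     *         principal or no user with that name exists
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        if (authenticationToken.getPrincipal() == null) {
            return null;
        }
        // Fetch the user record.
        String name = authenticationToken.getPrincipal().toString();
        User user = loginService.findByName(name);
        if (user == null) {
            // Returning null here makes Shiro raise the corresponding exception.
            // Depending on the account fields in the database, an exception can also be
            // thrown directly, for example:
            //   throw new UnknownAccountException();
            //   throw new LockedAccountException();
            //   throw new IncorrectCredentialsException();
            return null;
        }
        // Shiro verifies the submitted token against the info returned here.
        // NOTE(review): the password is passed exactly as stored and this page configures no
        // credentials matcher on the realm, so the comparison is presumably a plain equality
        // check. Store a salted hash and configure a hashing matcher such as
        // HashedCredentialsMatcher or PasswordMatcher.
        return new SimpleAuthenticationInfo(name, user.getPassword().toString(), getName());
    }

    /**
     * Authorization: collects the roles of the logged-in user and the permissions attached
     * to each role.
     *
     * @param principalCollection principals of the authenticated subject
     * @return the roles and string permissions of the user; empty when the user can no
     *         longer be found
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // Login name of the current user.
        String name = (String) principalCollection.getPrimaryPrincipal();
        User user = loginService.findByName(name);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        if (user == null) {
            // The account may have been removed after login. Grant nothing instead of
            // failing with a NullPointerException below.
            return simpleAuthorizationInfo;
        }
        for (Role role : user.getRoles()) {
            simpleAuthorizationInfo.addRole(role.getRoleName());
            for (Permission permission : role.getPermissions()) {
                simpleAuthorizationInfo.addStringPermission(permission.getPermission());
            }
        }
        return simpleAuthorizationInfo;
    }
}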
五,ShiroConfig
/**
 * Spring configuration that registers the custom realm, the web security manager and the
 * URL filter chain definition used by Shiro.
 */
@Configuration
public class ShiroConfig {

    /** Exposes the custom realm as a Spring bean. */
    @Bean
    public MyRealm myRealm() {
        return new MyRealm();
    }

    /** Builds the web security manager and attaches the custom realm to it. */
    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager();
        webSecurityManager.setRealm(myRealm());
        return webSecurityManager;
    }

    /**
     * Declares which filter applies to which path.
     *
     * <p>Definitions are evaluated in the order they are added and the first match wins, so
     * the anonymous login endpoint must stay ahead of the catch-all rule that requires
     * authentication for everything else.
     */
    @Bean
    public DefaultShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition chains = new DefaultShiroFilterChainDefinition();
        chains.addPathDefinition("/doLogin", "anon");
        chains.addPathDefinition("/**", "authc");
        return chains;
    }
}
以上是直接定义 ShiroFilterChainDefinition 的写法;也可以改为定义 ShiroFilterFactoryBean(见下方代码),推荐使用 ShiroFilterChainDefinition。
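/**
 * Alternative wiring: builds the Shiro filter factory bean with its redirect URLs and the
 * path-to-filter map.
 *
 * @param securityManager security manager the filter delegates to
 * @return the configured filter factory bean
 */
@Bean
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
    ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
    shiroFilterFactoryBean.setSecurityManager(securityManager);
    // Shiro applies the first pattern that matches a request, so the map has to keep
    // insertion order. A plain HashMap iterates in an unspecified order, which can put a
    // permissive rule ahead of a restrictive one.
    Map<String, String> filterChainDefinitionMap = new java.util.LinkedHashMap<String, String>();
    // The three URLs below are already set in the configuration file and may be removed.
    // NOTE(review): "/unauthc" and "/home/index" differ from the unauthorizedUrl and
    // successUrl in the YAML shown earlier on this page; confirm which values are intended.
    shiroFilterFactoryBean.setLoginUrl("/login");
    shiroFilterFactoryBean.setUnauthorizedUrl("/unauthc");
    shiroFilterFactoryBean.setSuccessUrl("/home/index");
    // "/*" makes every single-segment path anonymous. Paths that match none of the
    // patterns below get no Shiro filter at all, so end the map with a catch-all such as
    // "/**" -> "authc" when access should be denied by default.
    filterChainDefinitionMap.put("/*", "anon");
    filterChainDefinitionMap.put("/authc/index", "authc");
    filterChainDefinitionMap.put("/authc/admin", "roles[admin]");
    filterChainDefinitionMap.put("/authc/renewable", "perms[Create,Update]");
    filterChainDefinitionMap.put("/authc/removable", "perms[Delete]");
    shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
    return shiroFilterFactoryBean;
}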