//1 SecurityManager
@Bean
public DefaultWebSecurityManager defaultWebSecurityManager(UserRealm realm,TokenSessionManager sessionManager,HashedCredentialsMatcher credentialsMatcher) {
}
2.自定义Token的获取
@Bean
public TokenSessionManager tokenSessionManager(RedisSessionDAO sessionDAO) {}
2-1.把登录信息放在Redis 来,在分布式环境里面,可以共享session
@Bean
public RedisSessionDAO sessionDAO(RedisManager redisManager) {}
2-1-1@Bean
public RedisManager redisManager() { }
3.放行和拦截
@Bean
public DefaultShiroFilterChainDefinition defaultShiroFilterChainDefinition() {}
4.注解的权限验证
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {}
5.密码匹配器(数据库是密文,所以转化为密文比较)
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher() {}
