1 引入Shiro-Spring-Boot-Starter
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<!-- NOTE(review): 1.4.0 is an old Shiro release. Check the Apache Shiro security reports and pin a currently maintained version before using this outside a demo. -->
<version>1.4.0</version>
</dependency>
2 编写realm
/**
 * Skeleton realm for the login user.
 *
 * <p>Both callbacks are placeholders that return {@code null}. As written, the realm finds no
 * account for any token and supplies no roles or permissions, so every login attempt against it
 * fails until the lookups are implemented.
 */
public class LoginUserRealm extends AuthorizingRealm {

    /**
     * Placeholder: returns {@code null}, i.e. no authorization data for any principal.
     *
     * @param principal the principals of the subject being authorized
     * @return always {@code null} in this skeleton
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
        // TODO: load the roles and permissions of the given principal.
        return null;
    }

    /**
     * Placeholder: returns {@code null}, i.e. no account is found for any token.
     *
     * @param token the submitted authentication token
     * @return always {@code null} in this skeleton
     * @throws AuthenticationException declared by the overridden method; not thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        // TODO: look up the account for the token and return its stored (hashed) credentials.
        return null;
    }
}
3 编写ShiroConfig
/**
 * Registers a {@code CharacterEncodingFilter} on every request path.
 *
 * <p>The encoding (UTF-8) and the forceEncoding flag are passed to the filter as init
 * parameters.
 *
 * @return the filter registration mapped to {@code /*}
 */
@Bean(name = "characterEncodingFilter")
public FilterRegistrationBean characterEncodingFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new CharacterEncodingFilter());
    registration.addUrlPatterns("/*");
    registration.addInitParameter("encoding", "UTF-8");
    registration.addInitParameter("forceEncoding", "true");
    return registration;
}
/**
 * Builds the Shiro filter factory: the named filters, the URL-to-filter chain and the
 * login / success / unauthorized URLs.
 *
 * <p>The chain map is a {@link LinkedHashMap}, so the rules keep their insertion order:
 * {@code /static/**} is anonymous, {@code /logout} runs the logout filter, and the catch-all
 * {@code /**} requires form authentication. Any new anonymous path has to be added before the
 * catch-all entry.
 *
 * @param webSecurityManager the security manager the filter delegates to
 * @return the configured filter factory bean
 */
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean shiroFilter(WebSecurityManager webSecurityManager) {
    // Filter instances referenced by name in the chain definitions below.
    Map<String, Filter> namedFilters = new HashMap<>();
    namedFilters.put("anon", new AnonymousFilter());
    namedFilters.put("authc", new FormAuthenticationFilter());
    namedFilters.put("logout", new LogoutFilter());
    namedFilters.put("roles", new RolesAuthorizationFilter());
    namedFilters.put("user", new UserFilter());

    // Order is significant: specific paths first, the catch-all last.
    Map<String, String> chainDefinitions = new LinkedHashMap<>();
    chainDefinitions.put("/static/**", "anon");
    chainDefinitions.put("/logout", "logout");
    chainDefinitions.put("/**", "authc");

    ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
    factoryBean.setSecurityManager(webSecurityManager);
    factoryBean.setLoginUrl("/login");
    factoryBean.setSuccessUrl("/index");
    factoryBean.setUnauthorizedUrl("/403");
    factoryBean.setFilterChainDefinitionMap(chainDefinitions);
    factoryBean.setFilters(namedFilters);
    return factoryBean;
}
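/**
 * Builds the web security manager from the injected authenticator and realm.
 *
 * <p>The authenticator is installed before the realm. Shiro passes the realm list to whichever
 * authenticator is current at the moment the realms are set. Replacing the authenticator
 * afterwards, as the previous ordering did, leaves the injected
 * {@code ModularRealmAuthenticator} without any realm to consult.
 *
 * <p>NOTE(review): the session manager and remember-me manager beans declared in this listing
 * are not passed to the security manager here. Confirm whether they are meant to be wired in.
 *
 * @param authenticator the authenticator bean to use for login attempts
 * @param realm the realm that supplies account and authorization data
 * @return the configured security manager
 */
@Bean
public WebSecurityManager webSecurityManager(Authenticator authenticator, Realm realm) {
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    // Order matters: set the authenticator first so setRealm() propagates the realm to it.
    securityManager.setAuthenticator(authenticator);
    securityManager.setRealm(realm);
    return securityManager;
}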
/**
 * Exposes Shiro's {@code LifecycleBeanPostProcessor} as a bean.
 *
 * @return a new post processor instance
 */
@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
    LifecycleBeanPostProcessor postProcessor = new LifecycleBeanPostProcessor();
    return postProcessor;
}
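/**
 * Creates the application realm with authentication caching and the credentials matcher
 * applied.
 *
 * <p>{@code @DependsOn} makes this bean start only after the named bean
 * ({@code lifecycleBeanPostProcessor}) has been started.
 *
 * <p>The configured instance is the one returned. Returning a fresh {@code LoginUserRealm}
 * instead would discard the credentials matcher and cache settings, so passwords would not be
 * compared with the intended matcher.
 *
 * @param credentialsMatcher the matcher used to compare submitted and stored credentials
 * @return the configured realm
 */
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public Realm realm(CredentialsMatcher credentialsMatcher) {
    LoginUserRealm realm = new LoginUserRealm();
    realm.setAuthenticationCachingEnabled(true);
    realm.setAuthenticationCacheName("authenticationCache");
    realm.setAuthorizationCacheName("authorizationCache");
    realm.setCredentialsMatcher(credentialsMatcher);
    // Return the instance configured above, not a new unconfigured one.
    return realm;
}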
/**
 * Exposes a {@code LoginUserRealm} as the {@code Authorizer} bean.
 *
 * <p>NOTE(review): this is a separate, unconfigured instance, not the one built by
 * {@code realm(CredentialsMatcher)}. Confirm that a second realm instance is intended.
 *
 * @return a new {@code LoginUserRealm}
 */
@Bean
public Authorizer authorizer() {
    LoginUserRealm authorizingRealm = new LoginUserRealm();
    return authorizingRealm;
}
/**
 * Creates the cookie template shared by the beans that take a {@code Cookie} parameter.
 *
 * <p>The constructor name {@code rememberMe} is immediately replaced by {@code jsid}. The max
 * age is 2592000 seconds (30 days).
 *
 * <p>NOTE(review): in this listing both {@code rememberMeManager} and {@code sessionManager}
 * take a {@code Cookie}, so they would receive this same {@code jsid} cookie. Confirm that the
 * session id and the remember-me value are not meant to use distinct cookies. The Secure
 * attribute is not set here; enable it where the site is served only over HTTPS.
 *
 * @return the configured cookie
 */
@Bean
public SimpleCookie cookie() {
    int thirtyDaysInSeconds = 2592000;
    SimpleCookie jsidCookie = new SimpleCookie("rememberMe");
    // Overrides the name given to the constructor.
    jsidCookie.setName("jsid");
    jsidCookie.setMaxAge(thirtyDaysInSeconds);
    return jsidCookie;
}
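/**
 * Creates the remember-me manager, taking the cipher key from the environment instead of
 * from source code.
 *
 * <p>The remember-me cookie is only as trustworthy as its cipher key. A key committed to
 * source, or copied from a tutorial, is known to everyone who can read that text, so it
 * protects neither the confidentiality nor the integrity of the cookie. The key is therefore
 * read from an environment variable holding a Base64-encoded value generated for each
 * deployment.
 *
 * <p>If the variable is absent or blank, no key is set here and the manager keeps the key it
 * already holds. Shiro 1.2.5 and later generate a random key in the constructor; confirm this
 * for the version in use. With such a per-instance key, remember-me cookies stop being valid
 * after a restart and are not shared between nodes.
 *
 * @param cookie the cookie template used for the remember-me cookie
 * @return the configured remember-me manager
 */
@Bean
public CookieRememberMeManager rememberMeManager(Cookie cookie) {
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCookie(cookie);
    // Placeholder variable name constructed for this example; use the deployment's own
    // secret-management convention.
    String encodedKey = System.getenv("SHIRO_REMEMBER_ME_CIPHER_KEY");
    if (encodedKey != null && !encodedKey.trim().isEmpty()) {
        cookieRememberMeManager.setCipherKey(Base64.decode(encodedKey.trim()));
    }
    return cookieRememberMeManager;
}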
/**
 * Selects the strategy used when several realms take part in authentication.
 *
 * @return an {@code AtLeastOneSuccessfulStrategy}
 */
@Bean
public AuthenticationStrategy authenticationStrategy() {
    AuthenticationStrategy strategy = new AtLeastOneSuccessfulStrategy();
    return strategy;
}
/**
 * Creates the modular realm authenticator with the given authentication strategy.
 *
 * <p>No realms are assigned here.
 *
 * @param authenticationStrategy the strategy applied across realms
 * @return the configured authenticator
 */
@Bean
public Authenticator authenticator(AuthenticationStrategy authenticationStrategy) {
    ModularRealmAuthenticator modularAuthenticator = new ModularRealmAuthenticator();
    modularAuthenticator.setAuthenticationStrategy(authenticationStrategy);
    return modularAuthenticator;
}
/**
 * Creates the matcher that hashes a submitted password before comparing it with the stored
 * value.
 *
 * <p>NOTE(review): a single round of MD5 is not adequate for password storage, because it is
 * fast to compute and therefore cheap to guess against. The algorithm and iteration count must
 * match how the stored hashes were produced, so changing them needs a credential migration.
 * Plan a move to a salted, deliberately slow password hash.
 *
 * @return the configured credentials matcher
 */
@Bean
public CredentialsMatcher credentialsMatcher() {
    HashedCredentialsMatcher hashedMatcher = new HashedCredentialsMatcher();
    hashedMatcher.setHashAlgorithmName("MD5");
    hashedMatcher.setHashIterations(1);
    return hashedMatcher;
}
/**
 * Creates the cache-backed session DAO.
 *
 * @param sessionIdGenerator the generator used to create new session ids
 * @return the DAO, using the cache named {@code shiro-activeSessionCache}
 */
@Bean
public SessionDAO sessionDAO(SessionIdGenerator sessionIdGenerator) {
    EnterpriseCacheSessionDAO cacheSessionDao = new EnterpriseCacheSessionDAO();
    cacheSessionDao.setSessionIdGenerator(sessionIdGenerator);
    cacheSessionDao.setActiveSessionsCacheName("shiro-activeSessionCache");
    return cacheSessionDao;
}
/**
 * Supplies the session id generator used by the session DAO.
 *
 * @return a {@code JavaUuidSessionIdGenerator}
 */
@Bean
public SessionIdGenerator sessionIdGenerator() {
    SessionIdGenerator uuidGenerator = new JavaUuidSessionIdGenerator();
    return uuidGenerator;
}
/**
 * Creates the web session manager with a 30-minute global timeout.
 *
 * <p>NOTE(review): the session id cookie is the injected {@code Cookie} bean. In this listing
 * that is the {@code jsid} cookie, whose 30-day max age is much longer than the 30-minute
 * server-side timeout set here. Confirm the intended cookie lifetime.
 *
 * @param sessionDAO the DAO that stores sessions
 * @param cookie the cookie template used for the session id cookie
 * @return the configured session manager
 */
@Bean
public SessionManager sessionManager(SessionDAO sessionDAO, Cookie cookie) {
    // 30 minutes, in milliseconds.
    long globalTimeoutMillis = 30 * 60 * 1000;
    DefaultWebSessionManager webSessionManager = new DefaultWebSessionManager();
    webSessionManager.setSessionDAO(sessionDAO);
    webSessionManager.setSessionIdCookie(cookie);
    webSessionManager.setGlobalSessionTimeout(globalTimeoutMillis);
    return webSessionManager;
}