首先准备好jar包
shiro的主要四个:
ehcache:
shiro.xml 配置
首先securityManager配置
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="shiroRealm"/>
<property name="sessionManager" ref="sessionManager"/>
<property name="cacheManager" ref="cacheManager"/>
<property name="rememberMeManager" ref="rememberMeManager"/>
</bean>
sessionManager配置:
<!-- 会话管理器 -->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="globalSessionTimeout" value="1800000"/><!-- 单位MS-->
<property name="deleteInvalidSessions" value="true"/>
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
<property name="sessionDAO" ref="sessionDAO"/>
<property name="sessionIdCookieEnabled" value="true"/>
<property name="sessionIdCookie" ref="sessionIdCookie"/>
<property name ="sessionListeners"> //session监听器
<list>
<ref bean="shiroSessionListener"/>
</list>
</property>
</bean>
sessionDAO配置:
<!-- 会话DAO -->
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="activeSessionsCacheName" value="activeSessionCache"/>
<property name="cacheManager" ref="cacheManager"/>
<property name="sessionIdGenerator" ref="sessionIdGenerator"/>
</bean>
<!-- 会话ID生成器 -->
<bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
<!-- 会话验证调度器 -->
<bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
<property name="interval" value="1800000"/><!-- 单位MS-->
<property name="sessionManager" ref="sessionManager"/>
</bean>
cookie模板设置:
<!-- 会话Cookie模板 -->
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg name="name" value="WEBSID" />
<property name="httpOnly" value="true"/>
<property name="maxAge" value="1800"/><!-- 单位S-->
</bean>
然后cacheManager(缓存器)配置:
<!-- 缓存管理器 使用Ehcache实现 -->
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:ehcache-shiro.xml"/>
</bean>
ehcache-shiro.xml配置:
<?xml version="1.0" encoding="UTF-8"?>
<ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://ehcache.org/ehcache.xsd">
<diskStore path="java.io.tmpdir/ehcache"/>
<defaultCache maxElementsInMemory="10000"
overflowToDisk="false"
eternal="false"
diskPersistent="false"
timeToLiveSeconds="0"
timeToIdleSeconds="0" />
<cache name="authorizationCache"
maxElementsInMemory="2000"
eternal="false"
overflowToDisk="true"
timeToIdleSeconds="180"
timeToLiveSeconds="180"
diskPersistent="true"
diskExpiryThreadIntervalSeconds="3600"/>
<cache name="authenticationCache"
maxElementsInMemory="2000"
eternal="false"
overflowToDisk="true"
timeToIdleSeconds="180"
timeToLiveSeconds="180"
diskExpiryThreadIntervalSeconds="3600"/>
<cache name="activeSessionCache"
maxElementsInMemory="2000"
overflowToDisk="true"
eternal="true"
timeToLiveSeconds="180"
timeToIdleSeconds="180"
diskExpiryThreadIntervalSeconds="1800"/>
</ehcache>