标签:安全 robot 切面 ash value default factor 用户 ros
在spring项目中我们集成第三方的框架如shiro会在spring.xml配置文件中进行配置,例如:
<!-- 配置shiro框架提供过滤器工厂 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- 注入shiro核心组件安全管理器 -->
<property name="securityManager" ref="securityManager"></property>
<!-- 注入相关页面 -->
<property name="loginUrl" value="/login.jsp"></property>
<property name="unauthorizedUrl" value="/unauthorized.jsp"></property>
<!-- 配置过滤器链:配置项目发出url对应拦截规则:指定什么url要求具有什么样权限 -->
<property name="filterChainDefinitions">
<value>
/css/**=anon
/js/**=anon
/validatecode.jsp*=anon
/images/**=anon
/login.jsp=anon
/service/**=anon
/**=authc
</value>
</property>
</bean>
<!-- 配置安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realms" ref="bosRealm"></property>
<!-- 使用缓存 -->
<property name="cacheManager" ref="cacheManager"></property>
</bean>
<!-- 配置缓存管理器-->
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<!-- 加载ehcache的配置文件,指定缓存策略 -->
<property name="cacheManager" ref="ehcacheManager"></property>
</bean>
<!-- 开启shiro注解支持 -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator">
<!-- 强制使用cglib代理 -->
<property name="proxyTargetClass" value="true"></property>
</bean>
<!-- 配置切面 目的验权,判断当前用户是否有权限调用service层方法 -->
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"></bean>
在springboot与shiro整合:
@Configuration public class ShiroConfig { @Bean public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); shiroFilterFactoryBean.setSecurityManager(securityManager); Map<String, String> filterChainDefinitionMap = new HashMap<String, String>(); shiroFilterFactoryBean.setLoginUrl("/login"); shiroFilterFactoryBean.setUnauthorizedUrl("/unauthc"); shiroFilterFactoryBean.setSuccessUrl("/home/index"); filterChainDefinitionMap.put("/*", "anon"); filterChainDefinitionMap.put("/authc/index", "authc"); return shiroFilterFactoryBean; } @Bean public HashedCredentialsMatcher hashedCredentialsMatcher() { HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher(); hashedCredentialsMatcher.setHashAlgorithmName(PasswordHelper.ALGORITHM_NAME); hashedCredentialsMatcher.setHashIterations(PasswordHelper.HASH_ITERATIONS); return hashedCredentialsMatcher; } @Bean public EnceladusShiroRealm shiroRealm() { EnceladusShiroRealm shiroRealm = new EnceladusShiroRealm(); shiroRealm.setCredentialsMatcher(hashedCredentialsMatcher()); return shiroRealm; } @Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(shiroRealm()); return securityManager; } @Bean public PasswordHelper passwordHelper() { return new PasswordHelper(); } }
springboot @Configuration @bean注解作用
标签:安全 robot 切面 ash value default factor 用户 ros
原文地址:https://www.cnblogs.com/chong-zuo3322/p/12315299.html
