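The three core components of Shiro
1. Subject: A Subject represents the entity interacting with the system. It may be a user who has logged in to operate the system, or another software system.
2. SecurityManager: The SecurityManager is the core component of Shiro's architecture. In effect, it is the controller of the Shiro framework, coordinating the other components to carry out authentication and authorization.
3. Realms: A Realm defines how data is accessed and connects to different data sources, such as LDAP, relational databases, configuration files, and so on.
Integrating Shiro with Spring Boot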
<!-- Shiro dependency -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.1</version>
</dependency>
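Custom configuration class (if this is unclear, first work through how Spring Boot auto-configuration operates). The configuration class is named ShiroConfig; a class that extends AuthorizingRealm overrides its methods to handle user authentication and authorization.
Authentication: determines whether the user is logged in, handles request interception, and the like.
Authorization: determines the user's permission type and shows the corresponding pages.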
package shiro.demo.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author Vijay
 * @date 2020/3/29 -10:22
 */
@Configuration
public class ShiroConfig {

    // Create the ShiroFilterFactoryBean factory bean
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(
            @Qualifier("getDefaultWebSecurityManager") DefaultWebSecurityManager getDefaultWebSecurityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        // Attach the security manager
        bean.setSecurityManager(getDefaultWebSecurityManager);

        // Shiro's built-in filters:
        //   anon:  accessible without authentication
        //   authc: must be authenticated to access
        //   user:  accessible to a remembered (remember-me) or authenticated user
        //   perms: must hold the permission for the resource
        //   roles: must hold the given role
        // LinkedHashMap keeps insertion order; Shiro applies the first matching pattern.
        Map<String, String> map = new LinkedHashMap<>();
        // Authorization rules
        map.put("/user/add", "perms[user:add]");
        map.put("/user/update", "perms[user:update]");
        bean.setFilterChainDefinitionMap(map);

        bean.setLoginUrl("/toLogin");
        bean.setUnauthorizedUrl("/unauth");
        return bean;
    }

    // Create the DefaultWebSecurityManager
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // Attach the realm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    // Create the realm object
    @Bean
    public UserRealm userRealm() {
        return new UserRealm();
    }

    // ShiroDialect integrates Shiro with Thymeleaf
    @Bean
    public ShiroDialect shiroDialect() {
        return new ShiroDialect();
    }
}

package shiro.demo.config;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import shiro.demo.entity.User;
import shiro.demo.service.UserService;

/**
 * @author Vijay
 * @date 2020/3/29 -10:42
 */
public class UserRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    // Authentication
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        System.out.println("执行了认证操作"); // console marker: authentication was executed

        // Look up the user in the database
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        QueryWrapper<User> wrapper = new QueryWrapper<>();
        wrapper.eq("username", userToken.getUsername());
        User user = userService.getOne(wrapper);

        // Username check: returning null makes Shiro throw UnknownAccountException
        if (user == null) {
            return null;
        }

        // Password check: Shiro compares the submitted credentials with this stored
        // value through the realm's CredentialsMatcher
        return new SimpleAuthenticationInfo(user, user.getPassword(), getName());
    }

    // Authorization
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行了授权操作"); // console marker: authorization was executed
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        // The principal is the User object stored at authentication time; its
        // permission string was loaded from the database
        User user = (User) principalCollection.getPrimaryPrincipal();
        if (user != null && user.getPersm() != null) {
            info.addStringPermission(user.getPersm());
        }
        return info;
    }
}

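The console output gives a rough picture of the execution flow.

The wiring runs from the realm object to the security manager to the factory bean. Starting from login: when a user who is not logged in clicks a page, they are redirected to the login page. Once authentication passes, the user data is stored in the Subject so that it can be retrieved during authorization.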
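
The redirect to the login page described above applies only to paths that match an entry in the filter chain map; for a path with no matching entry, no Shiro access-control filter runs. The following is an added example, not code from the original post: it mirrors Shiro's first-match-wins lookup using its AntPathMatcher and compares the map from ShiroConfig with an assumed hardened variant. The class name FilterChainCheck, the helper names, the `/**` authc entry and the sample paths are assumptions made for illustration.

```java
import org.apache.shiro.util.AntPathMatcher;

import java.util.LinkedHashMap;
import java.util.Map;

public class FilterChainCheck {
    private static final AntPathMatcher MATCHER = new AntPathMatcher();

    // The filter chain map exactly as configured in ShiroConfig on this page.
    static Map<String, String> pageChains() {
        Map<String, String> map = new LinkedHashMap<>();
        map.put("/user/add", "perms[user:add]");
        map.put("/user/update", "perms[user:update]");
        return map;
    }

    // Assumed hardened variant: the login page stays open, specific rules come
    // next, and a catch-all requires authentication for everything else.
    // The login form's POST endpoint (not shown on the page) would also need "anon".
    static Map<String, String> hardenedChains() {
        Map<String, String> map = new LinkedHashMap<>();
        map.put("/toLogin", "anon");
        map.putAll(pageChains());
        map.put("/**", "authc"); // must be last: the first matching pattern wins
        return map;
    }

    // Walk the patterns in insertion order and return the first match.
    // null means no entry matched, so no access-control filter is applied.
    static String resolve(Map<String, String> chains, String path) {
        for (Map.Entry<String, String> entry : chains.entrySet()) {
            if (MATCHER.matches(entry.getKey(), path)) {
                return entry.getValue();
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample paths; only /toLogin and /user/add appear on the page.
        String[] samples = {"/toLogin", "/user/add", "/user/delete", "/admin/report"};
        for (String path : samples) {
            System.out.printf("%-14s page=%-18s hardened=%s%n", path,
                    resolve(pageChains(), path), resolve(hardenedChains(), path));
        }
    }
}
```

Run it with shiro-core on the classpath; any path that prints `page=null` is one the page's configuration leaves without a filter.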


Using Shiro in Spring Boot to implement request interception, permissions, authentication and authorization
Original article: https://www.cnblogs.com/420ITboy/p/12594665.html