SpringBoot整合Shiro 一:搭建环境

Java项目的安全框架一般使用 shiro 与 spring security

  具体怎么选择可以参考文章:安全框架 Shiro 和 Spring Security 如何选择

我这里选择使用Shiro

环境搭建

创建SpringBoot项目

导入Maven依赖

<dependency>
     <groupId>org.springframework.bootgroupId>
     <artifactId>spring-boot-starter-webartifactId>
 dependency>
 ?
 <dependency>
     <groupId>org.apache.shirogroupId>
     <artifactId>shiro-springartifactId>
     <version>1.5.1version>
 dependency>
 ?
 <dependency>
     <groupId>org.springframework.bootgroupId>
     <artifactId>spring-boot-starter-thymeleafartifactId>
     <version>2.2.5.RELEASEversion>
 dependency>

创建 Realm 类

  需要继承 AuthorizingRealm

package com.zy.config;
 ?
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
 ?
 public class UserRealm extends AuthorizingRealm {
 ?
     //授权
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
         System.out.println("执行了=>授权doGetAuthorizationInfo");
         return null;
     }
 ?
     //认证
     @Override
     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
         System.out.println("执行了=>认证doGetAuthenticationInfo");
         return null;
     }
 }

Shiro配置类

步骤1

 创建realm对象

//创建realm对象(步骤1)
 @Bean(name = "userRealm")
 public UserRealm userRealm(){
     return new UserRealm();
 }

 

步骤2

 DefaultWebSecurityManager

   --> import org.apache.shiro.web.mgt.DefaultWebSecurityManager;

//DefaultWebSecurityManager(步骤2)
 @Bean(name = "defaultWebSecurityManager")
 public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
 ?
     DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
     securityManager.setRealm(userRealm());
     return securityManager;
 ?
 }

步骤3

 ShiroFilterFactoryBean

//ShiroFilterFactoryBean(步骤3)
 @Bean(name = "shiroFilterFactoryBean")
 //@Bean
 public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager")DefaultWebSecurityManager defaultWebSecurityManager){
     ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
 ?
     bean.setSecurityManager(defaultWebSecurityManager);
     return bean;
 }

ShiroConfig搭建完成

package com.zy.config;
 ?
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 ?
 @Configuration
 public class ShiroConfig {
 ?
     //ShiroFilterFactoryBean(步骤3)
     @Bean(name = "shiroFilterFactoryBean")
     //@Bean
     public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager")DefaultWebSecurityManager defaultWebSecurityManager){
         ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
 ?
         bean.setSecurityManager(defaultWebSecurityManager);
         return bean;
     }
 ?
     //DefaultWebSecurityManager(步骤2)
     @Bean(name = "defaultWebSecurityManager")
     public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
 ?
         DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
         securityManager.setRealm(userRealm());
         return securityManager;
 ?
     }
 ?
     //创建realm对象(步骤1)
     @Bean(name = "userRealm")
     public UserRealm userRealm(){
         return new UserRealm();
     }
 ?
 }

 

Controller

 首先是index页面

index.html

DOCTYPE html>
 <html lang="en" xmlns:th="http://www.thymeleaf.org"
       xmlns:shiro="http://www.thymeleaf.org/thymeleaf-extras-shiro">
 <head>
     <meta charset="UTF-8">
     <title>Titletitle>
 head>
 <body>
 ?
 <h1>首页h1>
 <p th:text="${msg}">p>
 ?
 <a th:href="@{/user/add}">adda> | <a th:href="@{/user/update}">updatea>
 ?
 body>
 html>

对应Controller

@RequestMapping({"/","/index"})
 public String toIndex(Model model){
     model.addAttribute("msg","HelloShiro");
 ?
     return "index";
 }

 

add页面

add.html

DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
     <title>Titletitle>
 head>
 <body>
 ?
 <h1>addh1>
 ?
 body>
 html>

对应Controller

 @RequestMapping("/user/add")
 public String add(){
 ?
     return "user/add";
 }

 

update页面

update.html

 DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
     <title>Titletitle>
 head>
 <body>
 ?
 <h1>updateh1>
 ?
 body>
 html>

对应Controller

@RequestMapping("/user/update")
 public String update(){
 ?
     return "user/update";
 }

 

MyController(总)

 package com.zy.controller;
 ?
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
 ?
 @Controller
 public class MyController {
 ?
     @RequestMapping({"/","/index"})
     public String toIndex(Model model){
         model.addAttribute("msg","HelloShiro");
 ?
         return "index";
     }
 ?
     @RequestMapping("/user/add")
     public String add(){
 ?
         return "user/add";
     }
 ?
     @RequestMapping("/user/update")
     public String update(){
 ?
         return "user/update";
     }
 }

 

测试

index界面

add界面

update界面

测试成功,搭建完成

 

 

springbootshiro

相关

微信小程序+SpringBoot(Shiro)登录后,调用接口还是跑到了login。

eclipse搭建springboot开发环境

springboot学习之路31(整合minio服务)

Springboot配置tk-mybatis

springboot配置信息

springboot配置国际化功能

SpringBoot AOP+自定义注解实现日志功能

SpringBoot学习- 1、SpringSuit创建项目

SpringBoot学习- 3、整合MyBatis

SpringBoot+Mybatis加载Mapper.xml文件的两种方式

初学SpringBoot

SpringBoot整合Shiro

标签