首页 > 其他分享 >请求授权

请求授权

时间:2022-12-19 11:14:49浏览次数:29  
标签:请求 perms ShiroFilterFactoryBean bean user new 授权 filterMap

shiroConfig添加请求拦截

public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        bean.setSecurityManager(securityManager);
        //内置拦截器
        //anon 无需认证
        //authc 必须认证
        //user 必须有记住我功能
        //perms 拥有对某个资源权限才能访问
        //role 具有某种角色
        //登录拦截
        Map<String, String> filterMap = new HashMap<>();
        filterMap.put("/user/level1", "perms[user:level1]");
        filterMap.put("/user/level2", "perms[user:level2]");
//        filterMap.put("/user/*", "authc");
        bean.setFilterChainDefinitionMap(filterMap);

        //设置登录的请求
        bean.setLoginUrl("/toLogin");
        return bean;
    }

realm进行授权

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Subject subject = SecurityUtils.getSubject();
        User user = (User) subject.getPrincipal();
        String perm = user.getPerm();
        info.addStringPermission(perm);
        return info;
    }

标签:请求,perms,ShiroFilterFactoryBean,bean,user,new,授权,filterMap
From: https://www.cnblogs.com/yanshiheng/p/16991662.html

相关文章