shiro是apache的一个开源框架,是一个权限管理的框架,实现认证、授权、加密、会话管理。
shiro优势举例
- 易用:相当于其他安全框架,shiro比较简单易用。
- 使用非常广泛,资料好找。
- 灵活:可以工作在很多环境 。
- web支持:对web的支持好, 如thymeleaf标签支持。
- 支持:应用广泛,是Apache软件基金会成员(有维护更新保证)
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-starter</artifactId>
<version>1.8.0</version>
</dependency>
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
</dependency>
二、realm
package com.realm;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.springframework.stereotype.Component;
//realm连数据库
//认证
@Component("myRealm")
public class MyRealm extends AuthenticatingRealm {
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
return null;
}
}
三、shiro相关配置
/* shiro相关配置*/
@Bean //匹配器
public SimpleCredentialsMatcher simpleCredentialsMatcher(){//简单的匹配规则,没有加密配置
SimpleCredentialsMatcher simpleCredentialsMatcher =new SimpleCredentialsMatcher();
return simpleCredentialsMatcher;
}
//会话管理器
@Bean
public DefaultWebSessionManager defaultWebSessionManager(){
DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
return defaultWebSessionManager;
}
//安全管理器 最重要
@Bean
public DefaultSecurityManager defaultSecurityManager(DefaultWebSessionManager defaultWebSessionManager,SimpleCredentialsMatcher simpleCredentialsMatcher,MyRealm myRealm){
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
myRealm.setCredentialsMatcher(simpleCredentialsMatcher);
defaultSecurityManager.setRealm(myRealm);
defaultSecurityManager.setSessionManager(defaultWebSessionManager);
return defaultSecurityManager;
}
//过滤法则
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultSecurityManager defaultSecurityManager){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(defaultSecurityManager);
Map<String,String> filterChainDefinitionMap = new LinkedHashMap<>();//有顺序 不用无序的HashMap
//放行
//静态资源放行
filterChainDefinitionMap.put("/favicon.ico","anno");
filterChainDefinitionMap.put("/css/**","anno");
filterChainDefinitionMap.put("/js/**","anno");
filterChainDefinitionMap.put("/img/**","anno");
//动态资源放行
filterChainDefinitionMap.put("/","anon");
filterChainDefinitionMap.put("/a","anon");
//不放行
filterChainDefinitionMap.put("/**","authc");
//未认证跳往地址
shiroFilterFactoryBean.setLoginUrl("/");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}