1. 引入Maven依赖
<!-- shiro-spring -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
</dependency>
2. 用户认证和授权
A. 定义一个ShiroConfig配置类,然后配置安全管理器Bean(SecurityManager),用于管理Subject;
B. 在ShiroConfig中配置过滤器工厂Bean(ShiroFilterFactoryBean),依赖于SecurityManager;
C. 自定义Realms实现类,重写doGetAuthenticationInfo()和doGetAuthorizationInfo()方法;
原文:https://www.cnblogs.com/ruhuanxingyun/p/12002117.html