一,添加pom依赖
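<!-- Shiro 1.4.0 (2018) predates the fixes for several authentication bypasses in
     Shiro's URL path matching (e.g. CVE-2020-1957, CVE-2020-11989, CVE-2020-13933)
     and for the rememberMe padding-oracle CVE-2019-12422. Pin a current release
     (latest 1.13.x, or 2.x) and check the Shiro security advisories before going
     live; the APIs used on this page (ShiroFilterChainDefinition, the starter) are
     unchanged in later 1.x releases. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring-boot-web-starter</artifactId>
    <version>1.13.0</version>
</dependency>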
二,配置
shiro:
  enabled: true
  loginUrl: /login          # login page; unauthenticated requests to an `authc`-protected URL are sent here
  successUrl: /index        # target after a successful login
  unauthorizedUrl: /unauth  # target when an authenticated user lacks the required role/permission
三,编写控制器
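/**
 * Handles the login form submission.
 *
 * @param username login name supplied by the client
 * @param password clear-text password supplied by the client
 * @return {@code "SUCCESS"} after a successful login, otherwise one generic failure message
 */
@PostMapping("doLogin")
public Object doLogin(String username, String password) {
    UsernamePasswordToken token = new UsernamePasswordToken(username, password);
    Subject subject = SecurityUtils.getSubject();
    try {
        subject.login(token);
    } catch (AuthenticationException ae) {
        // One message for every failure (unknown account, wrong password, locked
        // account, ...). Distinct replies such as "username error!" / "password error!"
        // let an attacker enumerate valid user names. Log the concrete cause
        // server-side if it is needed for diagnostics; never echo it to the client.
        return "login failed!";
    } finally {
        // Drop the clear-text password from the token as soon as the attempt is over.
        token.clear();
    }
    // Shiro already tracks the authenticated principal (subject.getPrincipal());
    // the entity is cached here only because later code reads it from the session.
    // NOTE(review): User carries the stored password (MyRealm passes
    // user.getPassword() to Shiro) - prefer caching a view without credentials.
    // NOTE(review): Shiro 1.x does not appear to rotate the session id on login
    // (session fixation) - confirm for the version in use and renew the session
    // here if it does not.
    User user = userService.findUserByName(username);
    subject.getSession().setAttribute("user", user);
    return "SUCCESS";
}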
四,自定义realm
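/**
 * Realm backed by {@code LoginService}: authenticates a user by name and loads the
 * user's roles and permissions for authorization.
 */
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private LoginService loginService;

    /**
     * Authentication: looks up the account for the submitted principal.
     *
     * Returning {@code null} makes Shiro raise an {@code UnknownAccountException}
     * for this realm; a more specific exception can be thrown here instead,
     * based on the state recorded for the account.
     *
     * NOTE(review): no {@code CredentialsMatcher} is configured on this realm (see
     * ShiroConfig), so Shiro's default matcher compares the submitted password with
     * the stored value by plain equality. That is only correct if the database holds
     * the clear-text password - which it should not. If it holds a hash, configure
     * the matching {@code HashedCredentialsMatcher} / {@code PasswordMatcher} on the
     * realm. Confirm how passwords are stored.
     *
     * @param authenticationToken the submitted credentials; the principal is the user name
     * @return the stored credentials for the account, or {@code null} if no such account exists
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        if (authenticationToken.getPrincipal() == null) {
            return null;
        }
        String name = authenticationToken.getPrincipal().toString();
        User user = loginService.findByName(name);
        if (user == null) {
            // Null surfaces as UnknownAccountException to the caller.
            // Alternatives, depending on what the account record says:
            // throw new UnknownAccountException();
            // throw new LockedAccountException();
            // throw new IncorrectCredentialsException();
            return null;
        }
        // Shiro compares the token's credentials against these using the realm's
        // CredentialsMatcher (default: plain equality, see the note above).
        return new SimpleAuthenticationInfo(name, user.getPassword().toString(), getName());
    }

    /**
     * Authorization: collects the roles and, through them, the permissions of the
     * user named by the primary principal.
     *
     * @param principalCollection principals of the authenticated subject; the primary
     *        principal is the user name stored by {@link #doGetAuthenticationInfo}
     * @return the user's roles and string permissions; empty when the account can no
     *         longer be found
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String name = (String) principalCollection.getPrimaryPrincipal();
        User user = loginService.findByName(name);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // An account deleted after login would otherwise throw NPE here. An empty
        // grant set fails closed: every roles[...] / perms[...] check is denied.
        if (user == null) {
            return info;
        }
        for (Role role : user.getRoles()) {
            info.addRole(role.getRoleName());
            for (Permission permission : role.getPermissions()) {
                info.addStringPermission(permission.getPermission());
            }
        }
        return info;
    }
}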
五,ShiroConfig
/** Wires the custom realm, the security manager and the URL-to-filter chain. */
@Configuration
public class ShiroConfig {

    /**
     * The single realm used for both authentication and authorization.
     *
     * NOTE(review): no CredentialsMatcher is set, so the default matcher compares the
     * submitted password with the value the realm returns by plain equality. If the
     * database stores password hashes, set the matching hashed matcher here
     * (confirm the storage format).
     */
    @Bean
    public MyRealm myRealm() {
        return new MyRealm();
    }

    /** Web security manager backed by {@link #myRealm()}. */
    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager();
        // @Configuration proxies bean methods, so this is the same realm bean instance.
        webSecurityManager.setRealm(myRealm());
        return webSecurityManager;
    }

    /**
     * URL pattern to filter chain. Definitions are matched in insertion order and the
     * first match wins, so the anonymous login endpoint must precede the catch-all.
     * "/**" -> authc is the default-deny rule: any URL not listed needs a login.
     * The login page itself (loginUrl, /login) is expected to remain reachable
     * because the authc filter lets login requests through.
     */
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition chain = new DefaultShiroFilterChainDefinition();
        chain.addPathDefinition("/doLogin", "anon"); // form submission, before login
        chain.addPathDefinition("/**", "authc");     // everything else: authenticated only
        return chain;
    }
}
以上直接定义了 ShiroFilterChainDefinition;也可以改为定义 ShiroFilterFactoryBean(见下),推荐使用 ShiroFilterChainDefinition。注意:下面的示例只为列出的 URL 配置了过滤器,未列出的 URL 不会经过任何 Shiro 过滤器(即匿名可访问),应在最后补上 /** → authc 的兜底规则;过滤器链按 Map 的迭代顺序匹配、先匹配者生效,因此必须使用 LinkedHashMap 而不是 HashMap。
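/**
 * Alternative to ShiroFilterChainDefinition: the same wiring through a
 * {@code ShiroFilterFactoryBean}.
 *
 * @param securityManager the security manager bean defined in ShiroConfig
 * @return the configured filter factory
 */
@Bean
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
    ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
    shiroFilterFactoryBean.setSecurityManager(securityManager);
    // Shiro walks the chain definitions in the map's iteration order and the first
    // matching pattern wins, so the map MUST preserve insertion order. A HashMap
    // does not, which makes the effective chain depend on hashing, not on this code.
    // (Fully qualified because this listing shows no import block to extend.)
    Map<String, String> filterChainDefinitionMap = new java.util.LinkedHashMap<String, String>();
    // NOTE: these three differ from application.yml (/unauth, /index); values set
    // here win over the properties. Remove them to keep the yml authoritative.
    shiroFilterFactoryBean.setLoginUrl("/login");
    shiroFilterFactoryBean.setUnauthorizedUrl("/unauthc");
    shiroFilterFactoryBean.setSuccessUrl("/home/index");
    // "/*" matches single-segment paths only (/login, /doLogin, /unauthc, ...),
    // which are public. Keep this rule as narrow as the application allows.
    filterChainDefinitionMap.put("/*", "anon");
    filterChainDefinitionMap.put("/authc/index", "authc");
    filterChainDefinitionMap.put("/authc/admin", "roles[admin]");
    filterChainDefinitionMap.put("/authc/renewable", "perms[Create,Update]");
    filterChainDefinitionMap.put("/authc/removable", "perms[Delete]");
    // Catch-all LAST: without it any URL not listed above has no filter at all and is
    // served to anonymous users (fail-open). Mirrors the "/**" -> authc default in
    // ShiroConfig.shiroFilterChainDefinition.
    filterChainDefinitionMap.put("/**", "authc");
    shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
    return shiroFilterFactoryBean;
}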
原文:https://www.cnblogs.com/dongbo/p/12290766.html