springboot 통합 shiro @ RequiresPermissions 는 유효 하지 않 지만 @ RequiresRoles 는 사용 할 수 있 습 니 다.
10083 단어 springbootshiro
pom.xml
org.springframework.boot
spring-boot-starter
org.springframework.boot
spring-boot-starter-web
org.springframework.boot
spring-boot-starter-log4j2
org.springframework.boot
spring-boot-starter-thymeleaf
org.springframework.boot
spring-boot-starter-cache
net.sf.ehcache
ehcache
org.apache.shiro
shiro-spring
1.2.5
org.apache.shiro
shiro-ehcache
1.2.5
com.github.theborakompanioni
thymeleaf-extras-shiro
1.2.1
org.springframework.boot
spring-boot-starter-test
test
org.mybatis.spring.boot
mybatis-spring-boot-starter
1.3.1
com.github.pagehelper
pagehelper-spring-boot-starter
1.1.1
mysql
mysql-connector-java
runtime
io.springfox
springfox-swagger2
2.7.0
commons-fileupload
commons-fileupload
1.3.1
io.springfox
springfox-swagger-ui
2.7.0
com.belerweb
pinyin4j
2.5.0
com.nimbusds
oauth2-oidc-sdk
4.5
ShiroConfiguration.java
package com.xyz.configurer;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import com.xyz.realm.AuthRealm;
import java.util.LinkedHashMap;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
@Configuration
public class ShiroConfiguration {
@Bean
public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager")SecurityManager securityManager) {
ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
bean.setSecurityManager(securityManager);
//
LinkedHashMap filterChainDefinitionMap=new LinkedHashMap<>();
filterChainDefinitionMap.put("/static/**", "anon");
filterChainDefinitionMap.put("/image/**", "anon");
filterChainDefinitionMap.put("/layui/**", "anon");
filterChainDefinitionMap.put("/jquery.min.js", "anon");
filterChainDefinitionMap.put("/logout", "logout");
filterChainDefinitionMap.put("/loginIn", "logout");
//
filterChainDefinitionMap.put("/**", "authc");
// url url
bean.setLoginUrl("/login");
//
bean.setSuccessUrl("/index");
// ;
bean.setUnauthorizedUrl("/403");
bean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return bean;
}
/**
*
* @return
*/
@Bean
public EhCacheManager ehCacheManager(){
EhCacheManager cacheManager = new EhCacheManager();
cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
return cacheManager;
}
//
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager manager=new DefaultWebSecurityManager();
manager.setRealm(authRealm());
manager.setCacheManager(ehCacheManager());
return manager;
}
//
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public AuthRealm authRealm() {
AuthRealm authRealm=new AuthRealm();
authRealm.setCacheManager(ehCacheManager());
//authRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return authRealm;
}
// @Bean
// public HashedCredentialsMatcher hashedCredentialsMatcher(){
// HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
// hashedCredentialsMatcher.setHashAlgorithmName("md5");// : md5 ;
// hashedCredentialsMatcher.setHashIterations(2);// , , md5( md5(""));
// return hashedCredentialsMatcher;
// }
/**
* Shiro
* @return
*/
@Bean("lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
return new LifecycleBeanPostProcessor();
}
/**
*
* @return
*/
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
advisorAutoProxyCreator.setProxyTargetClass(true);
return advisorAutoProxyCreator;
}
/**
* shiro aop .
* ; ; @RequiresRoles
* @param securityManager
* @return
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
}
AuthRealm
package com.xyz.realm;
import java.util.List;
import javax.annotation.Resource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.context.annotation.Lazy;
import com.xyz.model.Accout;
import com.xyz.model.Functions;
import com.xyz.model.Role;
import com.xyz.service.AccoutService;
import com.xyz.service.FunctionsService;
import com.xyz.service.RoleService;
public class AuthRealm extends AuthorizingRealm {
@Resource
@Lazy
AccoutService accoutService;
@Resource
@Lazy
RoleService roleService;
@Resource
@Lazy
FunctionsService functionsService;
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken uToken=(UsernamePasswordToken) token;
String uName=uToken.getUsername();
System.out.println(uName);
Accout accout=accoutService.selectByName(uName);
if(accout == null){
return null;
}
AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(accout,accout.getAccoutPass(),this.getClass().getName());
super.clearCachedAuthorizationInfo(authcInfo.getPrincipals());
SecurityUtils.getSubject().getSession().setAttribute("login", accout);
return authcInfo;
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
Accout accout=(Accout) principals.getPrimaryPrincipal();
List roles=roleService.selectByAccoutId(accout.getAccoutId());
for (Role role : roles) {
authorizationInfo.addRole(role.getRoleId().toString());
Listfunctions=functionsService.selectByRoleId(role.getRoleId());
for (Functions functions2 : functions) {
System.out.println(functions2.getFuncCode());
authorizationInfo.addStringPermission(functions2.getFuncCode());
}
}
return authorizationInfo;
}
}
실행 시 @ RequiresRoles 설정 만 권한 통 제 를 실현 할 수 있 습 니 다. @ RequiresPermissions 는 전혀 사용 할 수 없습니다.
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
Kotlin Springboot -- 파트 14 사용 사례 REST로 전환하여 POST로 JSON으로 전환前回 前回 前回 記事 の は は で で で で で で を 使っ 使っ 使っ て て て て て リクエスト を を 受け取り 、 reqeustbody で 、 その リクエスト の ボディ ボディ を を 受け取り 、 関数 内部 ...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.