springboot 통합 shiro @ RequiresPermissions 는 유효 하지 않 지만 @ RequiresRoles 는 사용 할 수 있 습 니 다.

	    
	      org.springframework.boot
			spring-boot-starter
	    
	    
	    
			org.springframework.boot
			spring-boot-starter-web			
		
		
		
		
            org.springframework.boot
            spring-boot-starter-log4j2
        
		
		
			org.springframework.boot
			spring-boot-starter-thymeleaf			
			
		
		
		    org.springframework.boot
		    spring-boot-starter-cache
		
		
		    net.sf.ehcache
		    ehcache
		

			
		
		
		org.apache.shiro
		shiro-spring
		1.2.5
	
	
		org.apache.shiro
		shiro-ehcache
		1.2.5
	
	
		com.github.theborakompanioni
		thymeleaf-extras-shiro
		1.2.1
	

		
		
			org.springframework.boot
			spring-boot-starter-test
			test
		
		
			
			org.mybatis.spring.boot
			mybatis-spring-boot-starter
			1.3.1
		
		  
        
		
		    com.github.pagehelper
		    pagehelper-spring-boot-starter
		    1.1.1
		

		
		
			mysql
			mysql-connector-java
			runtime
		
				
		
			io.springfox
			springfox-swagger2
			2.7.0
		
        
        
			commons-fileupload
			commons-fileupload
			1.3.1
		
		
		 
			io.springfox
			springfox-swagger-ui
			2.7.0
		 
		 
		 
			    com.belerweb
			    pinyin4j
			    2.5.0
			
			
			
			
				com.nimbusds
				oauth2-oidc-sdk
				4.5
			

package com.xyz.configurer;

import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;

import com.xyz.realm.AuthRealm;



import java.util.LinkedHashMap;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
@Configuration
public class ShiroConfiguration {
	
	
	@Bean
    public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager")SecurityManager securityManager) {
        ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
        bean.setSecurityManager(securityManager);     
        //      
        LinkedHashMap filterChainDefinitionMap=new LinkedHashMap<>();
        filterChainDefinitionMap.put("/static/**", "anon");
        filterChainDefinitionMap.put("/image/**", "anon");
        filterChainDefinitionMap.put("/layui/**", "anon");
        filterChainDefinitionMap.put("/jquery.min.js", "anon");
      
        filterChainDefinitionMap.put("/logout", "logout");
        filterChainDefinitionMap.put("/loginIn", "logout");
        //                  
        filterChainDefinitionMap.put("/**", "authc");
        
        //     url      url
        bean.setLoginUrl("/login");
        //            
        bean.setSuccessUrl("/index");
      //     ;
        bean.setUnauthorizedUrl("/403");
        bean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return bean;
    }

	/**
	 *      
	 * @return
	 */
	@Bean
	public EhCacheManager ehCacheManager(){
	    EhCacheManager cacheManager = new EhCacheManager();
	    cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
	    return cacheManager;
	}


  //           
    @Bean
    public SecurityManager securityManager() {
       
        DefaultWebSecurityManager manager=new DefaultWebSecurityManager();
        manager.setRealm(authRealm());
        manager.setCacheManager(ehCacheManager());
        return manager;
    }
    //           
    @Bean
    @DependsOn("lifecycleBeanPostProcessor")
    public AuthRealm authRealm() {
        AuthRealm authRealm=new AuthRealm();
        authRealm.setCacheManager(ehCacheManager());
        //authRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return authRealm;
    }
//    @Bean
//    public HashedCredentialsMatcher hashedCredentialsMatcher(){
//        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
//        hashedCredentialsMatcher.setHashAlgorithmName("md5");//    :    md5  ;
//        hashedCredentialsMatcher.setHashIterations(2);//     ，      ，    md5( md5(""));
//        return hashedCredentialsMatcher;
//    }
    
    /**
     * Shiro       
     * @return
     */
    @Bean("lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        return new LifecycleBeanPostProcessor();
    }
    
    /**
     *       
     * @return
     */
    @Bean
    @DependsOn("lifecycleBeanPostProcessor")
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }
    
    /**
     *    shiro aop    .
     *        ;          ;  @RequiresRoles       
     * @param securityManager
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

}

package com.xyz.realm;

import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.context.annotation.Lazy;

import com.xyz.model.Accout;
import com.xyz.model.Functions;
import com.xyz.model.Role;
import com.xyz.service.AccoutService;
import com.xyz.service.FunctionsService;
import com.xyz.service.RoleService;

public class AuthRealm extends AuthorizingRealm {
	   @Resource
	   @Lazy
       AccoutService accoutService;
	   @Resource
	   @Lazy
       RoleService roleService;
	   @Resource
	   @Lazy
	   FunctionsService functionsService;
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		UsernamePasswordToken uToken=(UsernamePasswordToken) token;
		String uName=uToken.getUsername();
		System.out.println(uName);
		Accout  accout=accoutService.selectByName(uName);		
		if(accout == null){
		      return null;
		    }
		AuthenticationInfo authcInfo=new SimpleAuthenticationInfo(accout,accout.getAccoutPass(),this.getClass().getName());
		super.clearCachedAuthorizationInfo(authcInfo.getPrincipals());
		SecurityUtils.getSubject().getSession().setAttribute("login", accout);
		return authcInfo;
	}
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		Accout accout=(Accout) principals.getPrimaryPrincipal();
		List roles=roleService.selectByAccoutId(accout.getAccoutId());		
		for (Role role : roles) {
			authorizationInfo.addRole(role.getRoleId().toString());			
			Listfunctions=functionsService.selectByRoleId(role.getRoleId());			
			for (Functions functions2 : functions) {
				System.out.println(functions2.getFuncCode());
				authorizationInfo.addStringPermission(functions2.getFuncCode());
			  }
		  }
		return authorizationInfo;
	}

	

}