shiro配置留档

Shiro配置

shiro核心配置类

MyShiroRealm

继承 AuthorizingRealm 重写doGetAuthorizationInfo(授权),doGetAuthenticationInfo(鉴权)方法

MyShiroRealm

@Override
/**
 * create by: liumeng
 * description: 授权
 * create time: 2019/8/29 14:21
 * @param ： principalCollection
 * @return : org.apache.shiro.authz.AuthorizationInfo
 */
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    UserInfoEntity user = (UserInfoEntity) principalCollection.getPrimaryPrincipal();
    String userName = user.getUserName();
    UserInfoEntity userInfoEntity = userService.getAllUserInfoByUserName(userName);
    Set<String> roles = new HashSet<>();
    Set<String> perms = new HashSet<>();
    for (RoleEntity roleEntity :
            userInfoEntity.getRoles()) {
        roles.add(roleEntity.getRoleName());
        for (MenuEntity menu :
                roleEntity.getMenus()) {
            perms.add(menu.getPerms());
        }
        for (OperatorEntity operatorEntity :
                roleEntity.getOperators()) {
            perms.add(operatorEntity.getPerms());
        }
    }
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.setRoles(roles);
    authorizationInfo.setStringPermissions(perms);
    return authorizationInfo;
}
 @Override
/**
 * create by: liumeng
 * description: 鉴权
 * create time: 2019/8/29 15:11
  * @param ： authenticationToken
  * @return : org.apache.shiro.authc.AuthenticationInfo
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    String userName = (String) authenticationToken.getPrincipal();
    UserInfoEntity userInfoEntity = userService.getUserInfoByUserName(userName);
    if (userInfoEntity == null) {
        throw new UnknownAccountException("账号不存在");
    }
    if (userInfoEntity.getStatus() == 0){
        throw new LockedAccountException("账号被锁定");
    }
    return new SimpleAuthenticationInfo(userInfoEntity, userInfoEntity.getPassword(),
            ByteSource.Util.bytes(userInfoEntity.getSalt()), super.getName());
}

userService

@Resource
private UserInfoEntityMapper userMapper;

@Resource
private RoleEntityMapper roleMapper;

@Resource
private OperatorEntityMapper operatorMapper;

@Resource
private MenuEntityMapper menuMapper;

@Value("${shiro.admin}")
private String adminUser;
	
@Override
public UserInfoEntity getAllUserInfoByUserName(String userName) {
    UserInfoEntity userInfoEntity = userMapper.selectAllUserInfoByUserName(userName);
    if (userName.equals(adminUser))
    {
        //超级管理员账号获取所有角色和权限
        List<RoleEntity> roleEntities = roleMapper.selectAllRoles();
        List<MenuEntity> menuEntities = menuMapper.selectAllMenu();
        List<OperatorEntity> operatorEntities = operatorMapper.selectAllOperator();
        roleEntities.get(0).setMenus(menuEntities);
        roleEntities.get(0).setOperators(operatorEntities);
        userInfoEntity.setRoles(roleEntities);
    }
    return userInfoEntity;
}
@Override
public UserInfoEntity getUserInfoByUserName(String userName) {
    return userMapper.selectUserInfoByUserName(userName);
}

ShiroConfig

shiro核心配置类

@Bean
   /**
    * create by: liumeng
    * description: 开启thymeleaf shiro标签 支持
    * create time: 2019/8/29 15:19
     * @param ：
     * @return : at.pollux.thymeleaf.shiro.dialect.ShiroDialect
    */
   public ShiroDialect shiroDialect(){
       return new ShiroDialect();
   }

   @Bean
   /**
    * create by: liumeng
    * description: 密码匹配器
    * create time: 2019/8/29 14:14
     * @param ：
     * @return : org.apache.shiro.authc.credential.HashedCredentialsMatcher
    */
   public HashedCredentialsMatcher hashedCredentialsMatcher(){
       HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
       hashedCredentialsMatcher.setHashAlgorithmName("md5");
       //散列次数
       hashedCredentialsMatcher.setHashIterations(2);
       return hashedCredentialsMatcher;
   }

   @Bean
   /**
    * create by: liumeng
    * description: 自定义Shiro域
    * create time: 2019/8/29 15:16
     * @param ：
     * @return : com.shiro.howard.lm.config.MyShiroRealm
    */
   public MyShiroRealm myShiroRealm(){
       MyShiroRealm myShiroRealm = new MyShiroRealm();
       //注入自定义密码匹配器
       myShiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());
       return myShiroRealm;
   }
   @Bean
   /**
    * create by: liumeng
    * description: 注入securityManager
    * create time: 2019/8/29 15:18
     * @param ：
     * @return : org.apache.shiro.mgt.SecurityManager
    */
   public SecurityManager securityManager(){
       DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
       securityManager.setRealm(myShiroRealm());
       return securityManager;
   }

   @Bean
   /**
    * create by: liumeng
    * description: 配置Shiro过滤规则
    * create time: 2019/8/29 15:22
     * @param ： securityManager
     * @return : org.apache.shiro.spring.web.ShiroFilterFactoryBean
    */
   public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
       ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
       shiroFilterFactoryBean.setSecurityManager(securityManager);
       //配置拦截器
       Map<String,String> filterMap = new LinkedHashMap<>();
       filterMap.put("/favicon.ico", "anon");
       filterMap.put("/css/**", "anon");
       filterMap.put("/fonts/**", "anon");
       filterMap.put("/images/**", "anon");
       filterMap.put("/js/**", "anon");
       filterMap.put("/lib/**", "anon");
       filterMap.put("/login", "anon");
       filterMap.put("/register", "anon");
       filterMap.put("/403", "anon");
       filterMap.put("/404", "anon");
       filterMap.put("/500", "anon");
       filterMap.put("/error", "anon");
       filterMap.put("/login","anon");
       filterMap.put("/logout","logout");
       filterMap.put("/**","authc");
       shiroFilterFactoryBean.setLoginUrl("/login");
       shiroFilterFactoryBean.setSuccessUrl("/index");
       shiroFilterFactoryBean.setUnauthorizedUrl("/403");
       shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
       return shiroFilterFactoryBean;
   }
   @Bean
   /**
    * create by: liumeng
    * description: 开启AOP注解
    * create time: 2019/8/29 15:24
     * @param ： securityManager
     * @return : org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
    */
   public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
       AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
       authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
       return authorizationAttributeSourceAdvisor;
   }
   
   @Bean
   /**
    * create by: liumeng
    * description: 扫描上下文，寻找所有的Advistor(通知器）
    *              将这些Advisor应用到所有符合切入点的Bean中。
    * create time: 2019/8/29 15:25
     * @param ： 
     * @return : org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator
    */
   public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
       DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator=new DefaultAdvisorAutoProxyCreator();
       defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
       return defaultAdvisorAutoProxyCreator;
   }