a.基本依赖
shiro-spring-boot-starter;
spring-web;
lombok
b.shiro依赖
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<version>1.4.1</version>
</dependency>import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class SecurityConfig {
@Bean
public Realm shiroRealm() {
return new ShiroRealm();
}
public ShiroFilterChainDefinition shiroFilterChainDefinition() {
/*默认的shiro过滤器链*/
DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
/*定义 某个路径 使用哪个过滤器来处理*/
/** 过滤器定义有顺序*/
definition.addPathDefinition("/", "anon");//anon 过滤器缩写
definition.addPathDefinition("/login", "anon");
definition.addPathDefinition("/login.html", "anon");
definition.addPathDefinition("/css/**", "anon");
definition.addPathDefinition("/js/**", "anon");
definition.addPathDefinition("/images/**", "anon");
definition.addPathDefinition("/html/**", "anon");
/*logout 登出*/
definition.addPathDefinition("logout", "logout");
//其他则需要认证
definition.addPathDefinition("/**", "user");
return definition;
}**注意:过滤器有编写顺序!!更改顺序时自行查找。
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
/**
* 自定义Realm
*/
public class ShiroRealm extends AuthorizingRealm {
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
return null;
}
}
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.won.dao.PermDao;
import com.won.dao.RoleDao;
import com.won.dao.UserDao;
import com.won.model.Role;
import com.won.model.User;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
@Slf4j
public class ShiroRealm extends AuthorizingRealm {
@Resource
private UserDao userDao;
@Resource
private RoleDao roleDao;
@Resource
private PermDao permDao;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
User user = (User) principals.getPrimaryPrincipal();
//查找该用户所有的角色
List<Role> roleList = roleDao.selectByUserId(user.getUserId());
Set<String> strRoles = roleList.stream()
.map(r -> r.getRoleName())
.collect(Collectors.toSet());
List<String> permissions = new ArrayList<>();
if (roleList.size() > 0) {
//查找该用户所有的权限
permissions = permDao.selectPermInRoleIds(roleList);
}
SimpleAuthorizationInfo authzInfo = new SimpleAuthorizationInfo();
authzInfo.setStringPermissions(new HashSet<>(permissions));
authzInfo.setRoles(strRoles);
return authzInfo;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
log.info("执行ShiroRealm#doGetAuthenticationInfo {}", token);
Object username = token.getPrincipal();
QueryWrapper<User> qw = new QueryWrapper<>();
qw.eq("username", username);
User user = userDao.selectOne(qw);
return new SimpleAuthenticationInfo(user, user.getPassword(), getClass().getName());
}
}
**有不清楚可在提,第一次书写表达不清晰