Spring Boot的Shiro的配置

is考拉發表於2018-11-30

Config


import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;

import javax.annotation.Resource;
import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;


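/**
 * Spring configuration that wires Apache Shiro into the web application: the
 * security manager, the URL-to-filter rules and support for Shiro annotations.
 */
@Slf4j
@Configuration
public class ShiroConfig {

    /** Realm that implements the actual authentication and authorization rules. */
    @Resource
    ShiroRealm shiroRealm;

    /**
     * Placeholder cache-manager bean.
     *
     * <p>NOTE(review): this method returns {@code null} and {@link #securityManager()}
     * never sets a cache manager, so no Shiro caching is configured by this class.
     *
     * @return always {@code null}
     */
    @Bean
    public EhCacheManager ehCacheManager() {
        return null;
    }

    /**
     * Exposes the project's {@code LoginFilterShiro} as a bean.
     *
     * <p>NOTE(review): if that type is a servlet {@code Filter}, Spring Boot registers
     * filter beans with the container on its own, outside the Shiro chain defined below;
     * confirm that is intended.
     *
     * @return a new {@code LoginFilterShiro}
     */
    @Bean
    public LoginFilterShiro loginFilterShiro() {
        return new LoginFilterShiro();
    }

    /**
     * Registers a {@link DelegatingFilterProxy} that forwards requests to the bean
     * named {@code shiroFilter}.
     *
     * @return the servlet filter registration for the proxy
     */
    @Bean
    public FilterRegistrationBean delegatingFilterProxy() {
        DelegatingFilterProxy proxy = new DelegatingFilterProxy();
        // Let the servlet container drive init()/destroy() of the target filter.
        proxy.setTargetFilterLifecycle(true);
        proxy.setTargetBeanName("shiroFilter");

        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(proxy);
        return filterRegistrationBean;
    }

    /**
     * Creates the Shiro security manager backed by {@link #shiroRealm}.
     *
     * @return the web security manager
     */
    @Bean
    public SecurityManager securityManager() {
        log.info("----------------載入shiro許可權管理器---------------");
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(shiroRealm);
        return defaultWebSecurityManager;
    }

    /**
     * Builds the Shiro filter that decides, per URL pattern, which requests need a login.
     *
     * @param securityManager the security manager the filter delegates to
     * @return the configured filter factory bean, published as {@code shiroFilter}
     */
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        log.info("----------------載入shiro許可權過濾器---------------");
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setLoginUrl("/account/unauth");

        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // Replace the stock "authc" filter with the project's own form filter.
        Map<String, Filter> filterMap = new HashMap<>();
        filterMap.put("authc", new LoginFormAuthenticationFilter());
        shiroFilterFactoryBean.setFilters(filterMap);

        // Shiro evaluates chain definitions in map iteration order and the first matching
        // pattern wins. A LinkedHashMap keeps insertion order, so the specific "anon"
        // entries are tested before the catch-all "/**"; a plain HashMap gives no such
        // guarantee and can leave paths unexpectedly open or unexpectedly protected.
        Map<String, String> pathMap = new LinkedHashMap<>();

        // Static resources.
        pathMap.put("/js/**", "anon");
        pathMap.put("/images/**", "anon");
        pathMap.put("/plugins/**", "anon");
        pathMap.put("/webjars/**", "anon");

        pathMap.put("/account/login", "anon");

        // NOTE(review): these three entries make the Swagger UI and the API description
        // reachable without a login; restrict or disable them outside development.
        pathMap.put("/swagger-ui.html", "anon");
        pathMap.put("/swagger-resources/**", "anon");
        pathMap.put("/v2/**", "anon");

        // NOTE(review): everything under /appsvr/ bypasses Shiro authentication; those
        // endpoints must authenticate their callers by other means. Confirm.
        pathMap.put("/appsvr/**", "anon");

        // Catch-all: every other path requires an authenticated subject. Must stay last.
        pathMap.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(pathMap);

        return shiroFilterFactoryBean;
    }

    /**
     * Enables Shiro's authorization annotations by registering the advisor that
     * evaluates them against the given security manager.
     *
     * @param securityManager the security manager used for the checks
     * @return the configured advisor
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        log.info("----------------載入SourceAdvisor---------------");
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

}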

Realm


import com.baomidou.mybatisplus.mapper.EntityWrapper;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.builder.ReflectionToStringBuilder;
import org.apache.commons.lang.builder.ToStringStyle;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

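/**
 * Shiro realm that handles {@code BILoginToken} logins and supplies the roles used
 * for authorization checks.
 */
@Slf4j
@Service
public class ShiroRealm extends AuthorizingRealm {

    @Autowired
    private LoginService loginService;

    @Autowired
    private BusUserService busUserService;

    @Autowired
    private BusUserRoleService busUserRoleService;

    @Autowired
    private BaseRoleService baseRoleService;

    // Injected from the property shiroRealm.BIAuthentic; not read in the code shown here.
    @Value("${shiroRealm.BIAuthentic}")
    private Boolean authentic;

    /**
     * Builds the authorization info (permissions and roles) for the current subject.
     *
     * <p>Roles are read from the session attribute {@code roleCodeList} that
     * {@link #doGetAuthenticationInfo(AuthenticationToken)} stores at login; they are
     * not looked up again here, so a role change takes effect only after a new login.
     *
     * @param principalCollection the principals of the subject being authorized
     * @return authorization info carrying the {@code authc} permission and the session's roles
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String userName = (String) super.getAvailablePrincipal(principalCollection);
        log.info("登入驗證,使用者資訊----{}", userName);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addStringPermission("authc");

        Subject subject = SecurityUtils.getSubject();
        @SuppressWarnings("unchecked")
        List<String> roleList = (List<String>) subject.getSession().getAttribute("roleCodeList");
        // The attribute is absent when the session was not populated by the login below;
        // addRoles(null) would throw, so such a subject simply gets no roles.
        if (roleList != null) {
            simpleAuthorizationInfo.addRoles(roleList);
        }
        return simpleAuthorizationInfo;
    }

    /**
     * Authenticates a {@code BILoginToken} and caches the user's roles in the session.
     *
     * @param authenticationToken the submitted login token; must be a {@code BILoginToken}
     * @return authentication info for the submitted user name
     * @throws AuthenticationException if the token is {@code null}
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        log.info("------------------Shiro身份認證-----------------");
        BILoginToken token = (BILoginToken) authenticationToken;
        if (null == token) {
            throw new AuthenticationException();
        }
        String userName = token.getUsername();
        String password = String.valueOf(token.getPassword());
        String validCode = token.getValidCode();
        String requestId = token.getRequestId();
        // NOTE(review): these values come from the login request and are logged unmodified;
        // if validCode is a one-time or captcha code, consider leaving it out of the log.
        log.info("token中的userName:" + userName + " validCode:" + validCode + " requestId:" + requestId);

        // NOTE(review): the listing omits the code at this point that defines busUser.
        // Presumably it loads the user and verifies the password and validCode; that
        // check is not visible on this page.

        // Look up the user-to-role relation rows for this user.
        BusUserRole busUserRole = new BusUserRole();
        busUserRole.setUserId(busUser.getId());
        EntityWrapper<BusUserRole> busUserRoleEntityWrapper = new EntityWrapper<>(busUserRole);
        List<BusUserRole> busUserRoleList = busUserRoleService.selectList(busUserRoleEntityWrapper);
        List<String> roleCodeList = new ArrayList<>();
        List<String> roleIdList = new ArrayList<>();
        for (BusUserRole temp : busUserRoleList) {
            roleIdList.add(temp.getRoleId());
        }
        log.info("使用者的角色Id為:" + JsonUtil.objectToJson(roleIdList));

        // Load the role records for those ids.
        List<BaseRole> baseRoleList = baseRoleService.getRoleByRoleIds(roleIdList);
        log.info("查詢到的角色列表為:" + JsonUtil.objectToJson(baseRoleList));
        List<Integer> roleList = new ArrayList<>();
        for (BaseRole temp : baseRoleList) {
            // NOTE(review): the value compared with the RoleEnum descriptions is the role's
            // id, although the variable is named roleCode; confirm which field is meant.
            String roleCode = temp.getId();
            if (RoleEnum.ROLE_CODE_OPERATION.getDesc().equals(roleCode)) {
                roleList.add(1);
            }
            if (RoleEnum.ROLE_CODE_SALE.getDesc().equals(roleCode)) {
                roleList.add(2);
            }
            if (RoleEnum.ROLE_CODE_ADMIN.getDesc().equals(roleCode)) {
                roleList.add(0);
            }
            roleCodeList.add(temp.getRoleCode());
        }

        // Copy the resolved user data back onto the token for the caller.
        token.setBaseRoleList(roleList);
        token.setUsername(busUser.getUsername());
        token.setUm(busUser.getUm());
        token.setId(busUser.getId());

        // NOTE(review): the credentials handed to Shiro are the password taken from the
        // submitted token, not a stored value. Unless a credentials matcher configured
        // elsewhere changes this, Shiro compares the submission with itself, so the match
        // cannot fail. The real password check must therefore live in the omitted code
        // above; verify that it does. The salt passed here is the user name.
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(userName, password, ByteSource.Util.bytes(userName), getName());

        // NOTE(review): the whole busUser object is kept in the session; if it carries the
        // stored password or other secrets, store a trimmed view instead. Confirm against
        // the entity.
        Subject subject = SecurityUtils.getSubject();
        subject.getSession().setAttribute("userInfo", busUser);
        subject.getSession().setAttribute("roleList", baseRoleList);
        // Read back by doGetAuthorizationInfo to populate the subject's roles.
        subject.getSession().setAttribute("roleCodeList", roleCodeList);
        return simpleAuthenticationInfo;
    }
}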

