创建配置类
@Configurationpublic class ShiroConfig {//创建shiroFilter@Beanpublic ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){...}//创建安全管理器@Beanpublic DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm){....}//创建自定义realm@Beanpublic Realm getRealm(){return new CustomerRealm();}}
配置ShiroFilterFactoryBean
@Beanpublic ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();//给Filter设置安全管理器shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);// 配置系统的受限资源// 配置系统的公共资源Map<String,String> map = new HashMap<>();map.put("/index.jsp","authc");//authc 请求这个资源需要认证和授权//默认认证界面路径shiroFilterFactoryBean.setLoginUrl("/login.jsp");shiroFilterFactoryBean.setFilterChainDefinitionMap(map);return shiroFilterFactoryBean;}
配置WebSecurityManager
@Beanpublic DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm){DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();//给安全管理器设置RealmdefaultWebSecurityManager.setRealm(realm);return defaultWebSecurityManager;}
创建自定义Realm
public class CustomerRealm extends AuthorizingRealm {@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {return null;}@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {return null;}}
配置自定义Realm
//创建自定义realm@Beanpublic Realm getRealm(){CustomerRealm customerRealm = new CustomerRealm();return customerRealm;}
访问主页
启动SpringBoot应用访问index
加入权限控制
- 修改ShiroFilterFactoryBean配置 ```java //给Filter设置安全管理器 shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
// 配置系统的受限资源
// 配置系统的公共资源
Map
```
/** 代表拦截项目中的一切资源 authc代表shiro中的一个filter的别名
若有收获,就点个赞吧
0 人点赞
