spring boot集成shiro详细教程(小结)

  <dependency>   <artifactId>ehcache-core</artifactId>   <groupId>net.sf.ehcache</groupId>   <version>2.5.0</version>  </dependency>  <dependency>   <groupId>org.apache.shiro</groupId>   <artifactId>shiro-ehcache</artifactId>   <version>1.2.2</version>  </dependency>  <dependency>   　　<groupId>org.slf4j</groupId>   　　<artifactId>slf4j-api</artifactId>   　　<version>1.7.25</version>  </dependency>    <dependency>   <groupId>org.apache.shiro</groupId>   <artifactId>shiro-core</artifactId>   <version>1.2.3</version>  </dependency>  <dependency>   <groupId>org.apache.shiro</groupId>   <artifactId>shiro-web</artifactId>   <version>1.2.3</version>  </dependency>  <dependency>   <groupId>org.apache.shiro</groupId>   <artifactId>shiro-spring</artifactId>   <version>1.2.3</version>  </dependency>

<dependency> 　　<groupId>org.slf4j</groupId> 　　<artifactId>slf4j-log4j12</artifactId> 　　<version>1.7.25</version></dependency>

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"> <context:component-scan base-package="com.len"/> <!--定义realm--> <bean id="myRealm" class="com.len.core.shiro.LoginRealm">  <property name="credentialsMatcher" ref="credentialsMatcher"/> </bean> <bean id="permissionFilter" class="com.len.core.filter.PermissionFilter"/> <!--目前去掉自定义拦截验证 由个人处理登录业务--> <!--<bean id="customAdvicFilter" class="com.len.core.filter.CustomAdvicFilter">  <property name="failureKeyAttribute" value="shiroLoginFailure"/> </bean>--> <bean id="verfityCodeFilter" class="com.len.core.filter.VerfityCodeFilter">  <property name="failureKeyAttribute" value="shiroLoginFailure"/>  <property name="jcaptchaParam" value="code"/>  <property name="verfitiCode" value="true"/> </bean> <!-- Shiro过滤器 --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">  <property name="securityManager" ref="securityManager"/> <property name="loginUrl" value="/login"/>  <property name="unauthorizedUrl" value="/goLogin" />  <property name="filters">   <map>    <entry key="per" value-ref="permissionFilter"/>    <entry key="verCode" value-ref="verfityCodeFilter"/>    <!--<entry key="main" value-ref="customAdvicFilter"/>-->   </map>  </property>  <property name="filterChainDefinitions">   <value>    <!-- /** = anon所有url都可以匿名访问 -->    /login = verCode,anon    /getCode = anon    /logout = logout    /plugin/** = anon    <!-- /** = authc 所有url都必须认证通过才可以访问-->    /user/**=per    <!-- /login = main-->    /** = authc   </value>  </property> </bean> <!--安全管理器--> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">  <property name="realm" ref="myRealm"/>  <property name="cacheManager" ref="cacheManager" />  <!--<property name="rememberMeManager" ref="rememberMeManager" />--> </bean> <!-- 凭证匹配器 --> <bean id="credentialsMatcher"  class="com.len.core.shiro.RetryLimitCredentialsMatcher">  <constructor-arg index="0" ref="cacheManager"/>  <constructor-arg index="1" value="5"/>  <property name="hashAlgorithmName" value="md5"/>  <property name="hashIterations" value="4"/> </bean> <!--缓存--> <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">  <property name="cacheManagerConfigFile" value="classpath:ehcache/ehcache.xml"/> </bean> <!--开启注解--> <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">  <property name="securityManager" ref="securityManager" /> </bean> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /></beans>

@Configurationpublic class ShiroConfig { @Bean public RetryLimitCredentialsMatcher getRetryLimitCredentialsMatcher(){  RetryLimitCredentialsMatcher rm=new RetryLimitCredentialsMatcher(getCacheManager(),"5");  rm.setHashAlgorithmName("md5");  rm.setHashIterations(4);  return rm; } @Bean public LoginRealm getLoginRealm(){  LoginRealm realm= new LoginRealm();  realm.setCredentialsMatcher(getRetryLimitCredentialsMatcher());  return realm; } @Bean public EhCacheManager getCacheManager(){  EhCacheManager ehCacheManager=new EhCacheManager();  ehCacheManager.setCacheManagerConfigFile("classpath:ehcache/ehcache.xml");  return ehCacheManager; } @Bean public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {  return new LifecycleBeanPostProcessor(); } @Bean(name="securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(){  DefaultWebSecurityManager dwm=new DefaultWebSecurityManager();  dwm.setRealm(getLoginRealm());  dwm.setCacheManager(getCacheManager());  return dwm; } @Bean public PermissionFilter getPermissionFilter(){  PermissionFilter pf=new PermissionFilter();  return pf; } @Bean public VerfityCodeFilter getVerfityCodeFilter(){  VerfityCodeFilter vf= new VerfityCodeFilter();  vf.setFailureKeyAttribute("shiroLoginFailure");  vf.setJcaptchaParam("code");  vf.setVerfitiCode(true);  return vf; } @Bean(name = "shiroFilter") public ShiroFilterFactoryBean getShiroFilterFactoryBean(){  ShiroFilterFactoryBean sfb = new ShiroFilterFactoryBean();  sfb.setSecurityManager(getDefaultWebSecurityManager());  sfb.setLoginUrl("/login");  sfb.setUnauthorizedUrl("/goLogin");  Map<String, Filter> filters=new HashMap<>();  filters.put("per",getPermissionFilter());  filters.put("verCode",getVerfityCodeFilter());  sfb.setFilters(filters);  Map<String, String> filterMap = new LinkedHashMap<>();  filterMap.put("/login","verCode,anon");  //filterMap.put("/login","anon");  filterMap.put("/getCode","anon");  filterMap.put("/logout","logout");  filterMap.put("/plugin/**","anon");  filterMap.put("/user/**","per");  filterMap.put("/**","authc");  sfb.setFilterChainDefinitionMap(filterMap);  return sfb; } @Bean public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {  DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();  advisorAutoProxyCreator.setProxyTargetClass(true);  return advisorAutoProxyCreator; } @Bean public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){  AuthorizationAttributeSourceAdvisor as=new AuthorizationAttributeSourceAdvisor();  as.setSecurityManager(getDefaultWebSecurityManager());  return as; } @Bean public FilterRegistrationBean delegatingFilterProxy(){  FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();  DelegatingFilterProxy proxy = new DelegatingFilterProxy();  proxy.setTargetFilterLifecycle(true);  proxy.setTargetBeanName("shiroFilter");  filterRegistrationBean.setFilter(proxy);  return filterRegistrationBean; }