概述
-
在web.xml中设置shiro过滤器
<!--设置shiro过滤器-->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-
自定义realm(注入repository)
-
创建Map工厂
使用Map的好处方便对权限的修改增加等…
Map使用LinkedHashMap(有序的)
最后一定要添加map.put("/**",“authc”);
public class FilterChainDefinitionMapFactory {
public Map<String,String> createFilterChainDefinitionMap(){
Map<String,String> map = new LinkedHashMap<>();
//设置放行
map.put("/login", "anon");
map.put("/login22", "anon");
map.put("/easyui/**","anon");
map.put("/css/**","anon");
map.put("/fonts/**","anon");
map.put("/js/**","anon");
map.put("/images/**","anon");
map.put("/json/**","anon");
map.put("*.js","anon");
map.put("*.css","anon");
map.put("*.jpg","anon");
map.put("*.png","anon");
//设置权限拦截
// map.put("/employee/index","perms[employee:index]");
// map.put("/dept/index","perms[dept:index]");
//拦截所有
map.put("/**","authc");
return map;
}
}
-
配置applicationContext-shiro.xml
需要注意自定义的realm和工厂 class是类的完全限定名
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
<!--得到securityManager对象-->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="jdbcRealm"/>
</bean>
<!--自定义的realm-->
<bean id="jdbcRealm" class="com.zhangxj.web.shiro.AiSystemRealm">
<!--密码的匹配器-->
<property name="credentialsMatcher">
<bean class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<property name="hashAlgorithmName" value="MD5"/>
<property name="hashIterations" value="20"/>
</bean>
</property>
</bean>
<!--shiro注解的支持-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor"/>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!-- shiro过滤器配置,id名字必须和web.xml中的名字一样 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login"/>
<property name="successUrl" value="/main"/>
<property name="unauthorizedUrl" value="/s/unauthorized.jsp"/>
<!--引用工厂返回的bean,配好之后需要重启服务器-->
<property name="filterChainDefinitionMap" ref="filterChainDefinitionMap"/>
</bean>
<!--实体工厂bean的生产map的方法,返回也是一个bean-->
<bean id="filterChainDefinitionMap" factory-bean="filterChainDefinitionMapFactory" factory-method="createFilterChainDefinitionMap"/>
<!--创建生产map的工厂-->
<bean id="filterChainDefinitionMapFactory" class="com.zhangxj.web.shiro.FilterChainDefinitionMapFactory"/>
</beans>
最后
以上就是尊敬朋友为你收集整理的Shiro与Spring集成xml配置及灵活的设置权限问题的全部内容,希望文章能够帮你解决Shiro与Spring集成xml配置及灵活的设置权限问题所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复