
shiro引入三部曲

舍予兄 2022-04-04 阅读 53

第一步创建shiroConfig类

package com.hq.shiro4.config;


import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

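/**
 * Spring configuration that wires Apache Shiro into the web application:
 * a session manager, a security manager bound to {@link MyRealm}, and the
 * servlet filter that enforces the URL access rules.
 */
@Configuration
public class ShiroConfig {

    /** Global session timeout: one hour, expressed in milliseconds. */
    private static final long SESSION_TIMEOUT_MILLIS = 60L * 60 * 1000;

    /**
     * Step 3: session manager.
     *
     * @return a web session manager with a one-hour timeout, periodic
     *         validation of expired sessions, and URL rewriting disabled
     */
    @Bean
    public SessionManager getSessionsSecurityManager() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        // Session expiry time.
        sessionManager.setGlobalSessionTimeout(SESSION_TIMEOUT_MILLIS);
        sessionManager.setSessionValidationSchedulerEnabled(true);
        // Keep the session id out of URLs (no ";JSESSIONID=..." suffix), so it
        // does not end up in links, browser history, Referer headers or logs.
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        // NOTE(review): the session cookie's Secure flag is not set here;
        // confirm it is enforced elsewhere when the site is served over HTTPS.
        return sessionManager;
    }

    /**
     * Step 2: security manager, registered as a Spring bean.
     *
     * @param myRealm        realm that performs authentication and authorization lookups
     * @param sessionManager session manager to attach
     * @return the configured security manager
     */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(MyRealm myRealm, SessionManager sessionManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setSessionManager(sessionManager);
        securityManager.setRealm(myRealm);
        return securityManager;
    }

    /**
     * Step 1: Shiro filter, registered as a Spring bean.
     *
     * @param securityManager security manager the filter delegates to
     * @return the filter factory bean carrying the URL access rules
     */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean filter = new ShiroFilterFactoryBean();
        // Attach the security manager to the filter.
        filter.setSecurityManager(securityManager);

        // URL access rules. Shiro applies the FIRST pattern that matches, in
        // iteration order, so the map must preserve insertion order. With a
        // plain HashMap the catch-all "/**" rule can be visited before the
        // anonymous entries, which makes the effective policy depend on hash
        // ordering instead of on what is written here.
        Map<String, String> rules = new LinkedHashMap<>();
        rules.put("/", "anon");
        rules.put("/login.html", "anon");
        rules.put("/user/login", "anon");
        rules.put("/user/registry", "anon");
        // Everything else requires an authenticated subject; keep this last.
        rules.put("/**", "authc");
        filter.setFilterChainDefinitionMap(rules);

        // Login page. The leading slash makes the redirect context-relative and
        // matches the "/login.html" anon rule above; a bare "login.html" would
        // be resolved relative to whatever path was requested.
        filter.setLoginUrl("/login.html");
        // Target used by authorization filters when an authenticated subject
        // lacks a required role or permission (not for failed logins).
        filter.setUnauthorizedUrl("/");
        return filter;
    }
}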

第二步:创建 MyRealm

package com.hq.shiro4.config;

import com.hq.shiro4.mapper.UserMapper;
import com.hq.shiro4.pojo.SysUser;
import com.mysql.cj.util.StringUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

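/**
 * Shiro realm backed by {@link UserMapper}: loads the account for
 * authentication and the permission strings for authorization.
 */
@Component
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserMapper userMapper;

    /**
     * Authorization: collects the permission strings of the current user.
     *
     * @param principalCollection principals of the subject being authorized
     * @return authorization info holding the user's non-empty permission strings
     * @throws UnknownAccountException if no primary principal is available
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SysUser user = (SysUser) principalCollection.getPrimaryPrincipal();
        // No user information available.
        if (user == null) {
            throw new UnknownAccountException("账号不存在");
        }
        // User is known: look up the permissions.
        Long userId = user.getUserId();
        List<String> perms = userMapper.selectAllPerm(userId);

        Set<String> permissions = new HashSet<>();
        // A null result is treated as "no permissions" instead of failing with
        // a NullPointerException; null or empty entries are skipped.
        if (perms != null) {
            for (String perm : perms) {
                if (perm != null && !perm.isEmpty()) {
                    permissions.add(perm);
                }
            }
        }

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setStringPermissions(permissions);
        return authorizationInfo;
    }

    /**
     * Authentication: loads the account for the submitted username and hands
     * the stored credentials and salt to Shiro for comparison.
     *
     * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
     * @return the account, its stored password and salt, and this realm's name
     * @throws UnknownAccountException if no account exists for the username
     * @throws LockedAccountException  if the account status is 0
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        SysUser sysUser = userMapper.selectOne(token.getUsername());
        // Account lookup.
        if (sysUser == null) {
            throw new UnknownAccountException("账户不存在");
        }
        // The password is deliberately NOT compared here. token.getPassword()
        // is a char[], so calling equals() on it with the stored password can
        // never be true and would reject every login. Credential comparison
        // is the job of the realm's CredentialsMatcher, which Shiro runs on
        // the AuthenticationInfo returned below and which raises
        // IncorrectCredentialsException on a mismatch.
        // NOTE(review): no CredentialsMatcher is configured in this class, and
        // Shiro's default matcher compares submitted and stored credentials
        // directly without using the salt. If stored passwords are salted
        // hashes, confirm a matching hashed matcher is installed on this realm.

        // Account status.
        // NOTE(review): this runs before the credentials are verified, so the
        // caller must not expose the locked/unknown distinction to the client.
        if (sysUser.getStatus() == 0) {
            throw new LockedAccountException("账户锁定,联系管理员");
        }
        // NOTE(review): the whole SysUser, including its password and salt
        // fields, becomes the principal - consider whether a reduced
        // principal object is preferable.
        return new SimpleAuthenticationInfo(sysUser, sysUser.getPassword(),
                ByteSource.Util.bytes(sysUser.getSalt()), getName());
    }
}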

第三步:创建全局异常处理类 ShiroException

package com.hq.shiro4.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authz.AuthorizationException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;

/**
 * Global exception handling: maps Shiro authorization and authentication
 * failures, and any other exception, to a fixed response body.
 *
 * NOTE(review): none of the handlers sets a response status, so the status is
 * whatever Spring applies by default - confirm clients can tell a denied
 * request from a successful one.
 */
@RestControllerAdvice
public class ShiroException {

    /** Body returned when the subject lacks the required permission. */
    private static final String NO_PERMISSION = "没有权限信息";

    /** Body returned when the subject is not authenticated. */
    private static final String NO_IDENTITY = "没有身份信息";

    /** Body returned for every other exception. */
    private static final String GENERIC_ERROR = "异常";

    /**
     * Handles authorization failures.
     *
     * @return the fixed "no permission" message
     */
    @ExceptionHandler(AuthorizationException.class)
    public String autuz() {
        return NO_PERMISSION;
    }

    /**
     * Handles authentication failures. The same message is returned whatever
     * the cause, so the response does not reveal which check failed.
     *
     * @return the fixed "no identity" message
     */
    @ExceptionHandler(AuthenticationException.class)
    public String autuc() {
        return NO_IDENTITY;
    }

    /**
     * Catch-all handler.
     *
     * NOTE(review): the exception is neither received as a parameter nor
     * logged, so failures handled here leave no trace for troubleshooting
     * or detection.
     *
     * @return the fixed generic error message
     */
    @ExceptionHandler(Exception.class)
    public String handleE() {
        return GENERIC_ERROR;
    }
}

数据库信息
