SpringBoot整合Shiro
http://shiro.apache.org/spring-boot.html
导入依赖
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<version>1.5.3</version>
</dependency>
配置Realm
@Bean
public Realm realm() {
return new ShiroUserRealm();
}
说明:ShiroUserRealm是我们自己根据具体的业务要求实现,该类继承AuthorizingRealm
配置ShiroFilterChainDefinition
@Bean
public ShiroFilterChainDefinition shiroFilterChainDefinition() {
DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
LinkedHashMap< String, String> map = new LinkedHashMap<>();
//静态资源允许匿名访问,"anon",有shiro框架定义,会对应一个过滤器对象
map.put("/bower_components/**", "anon");
map.put("/build/**", "anon");
map.put("/dist/**", "anon");
map.put("/plugins/**", "anon");
map.put("/user/doLogin", "anon");//放开登录操作
// map.put("/doIndexUI", "anon");
map.put("/doLogout", "logout");
// map.put("/**", "anon");//放开登录操作
//不允许匿名访问:(认证以后访问)authc,放在下面
map.put("/**", "user");//authc
chainDefinition.addPathDefinitions(map);
return chainDefinition;
}
根据需要配置CacheManager
@Bean
protected CacheManager ShiroCacheManager() {
return new MemoryConstrainedCacheManager();
}
配置认证的首页页面,在yml或者properties文件中配置
#shiro
shiro:
loginUrl: /doLoginUI
rememberMeManager:
cookie:
name: rememberMe
maxAge: 604800
配置完毕