1.依赖添加
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.1</version>
</dependency>
2.
package com.abc.config; import at.pollux.thymeleaf.shiro.dialect.ShiroDialect; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.Map; @Configuration public class MyShiroConfig { // Subject 关联SecurityManager // SecurityManager 关联Realm // Realm 关联数据 @Bean public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); Map<String,String> map = new HashMap<String,String>(); map.put("/user/login","anon"); map.put("/user/toindex","anon"); // map.put("/user/findUser","role"); map.put("/user/findUser","perms[user:update]"); map.put("/*","perms"); map.put("/*","role"); map.put("/*","authc"); shiroFilterFactoryBean.setSecurityManager(securityManager); shiroFilterFactoryBean.setFilterChainDefinitionMap(map); shiroFilterFactoryBean.setLoginUrl("/user/login"); shiroFilterFactoryBean.setLoginUrl("/user/"); shiroFilterFactoryBean.setUnauthorizedUrl("/user/unAuth"); return shiroFilterFactoryBean; } @Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(userRealm); return securityManager; } @Bean(name = "userRealm") public UserRealm getRealm(){ return new UserRealm(); } @Bean public ShiroDialect getShiroDialect(){ return new ShiroDialect(); } }
3.
package com.abc.config; import com.abc.User.service.IUserService; import com.abc.beans.Permission; import com.abc.beans.User; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.springframework.beans.factory.annotation.Autowired; import java.util.List; public class UserRealm extends AuthorizingRealm { @Autowired private IUserService userService; /* * 执行授权 * */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); Subject subject = SecurityUtils.getSubject(); User user = (User) subject.getPrincipal(); User dbUser = userService.findUserById(user.getId()); System.out.println("角色为"+dbUser.getRole()); List<String> list = userService.findPermissionByRoleId(dbUser.getRole()); System.out.println(list); // info.addRole(String.valueOf(dbUser.getRole())); info.addStringPermissions(list); return info; } /* 执行认证 * */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; User user = userService.findUserByUsernameAndPassword(token.getUsername()); if(user == null){ return null; } return new SimpleAuthenticationInfo(user,user.getPassword(),""); } }
4.
<div shiro:hasPermission="user:update">
<li><a th:data-href="@{/user/findUser}" data-href="admin-role.html" data-title="角色管理" href="javascript:void(0)">角色管理</a></li>
</div>