JAVA全系列 教程
3762个小节阅读:7089.8k
C语言快速入门
JAVA全系列 教程
面向对象的程序设计语言
Python全系列 教程
Python3.x版本,未来主流的版本
人工智能 教程
顺势而为,AI创新未来
大厂算法 教程
算法,程序员自我提升必经之路
C++ 教程
一门通用计算机编程语言
微服务 教程
目前业界流行的框架组合
web前端全系列 教程
通向WEB技术世界的钥匙
大数据全系列 教程
站在云端操控万千数据
AIGC全能工具班
A A
White Night
xxxxxxxxxx
**
* :
*/
prefix = "shiro") (
public class ShiroProperties {
/**
* 密码加密方式
*/
private String hashAlgorithmName="md5";
/**
* 密码散列次数
*/
private Integer hashIterations=2;
/**
* 不拦击的路径
*/
private String [] anonUrls;
/**
* 拦截的路径
*/
private String [] authcUrls;
}
xxxxxxxxxx
package com.bjsxt.config.shiro;
import ...
/**
* @Author:
* 自定义realm去匹配用户名和密码
*/
public class UserRealm extends AuthorizingRealm {
private UserService userService;
public String getName() {
return this.getClass().getSimpleName();
}
/**
* 做认证 --就是登陆
* @param token
* @return
* @throws AuthenticationException
*/
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//得到用户登陆名
String phone=token.getPrincipal().toString();
//根据电话查询用户是否存在
User user = userService.queryUserByPhone(phone);
if(null!=user){//说明用户存在,但是密码可能不正确
//组装存放到reids里面的对象
ActiverUser activerUser=new ActiverUser();
activerUser.setUser(user);
//匹配密码
SimpleAuthenticationInfo info=new SimpleAuthenticationInfo(
activerUser,user.getPassword(), ByteSource.Util.bytes(user.getSalt()),this.getName());
return info;
}else{
return null;//代表用户不存在
}
}
/**
* 做授权 --登陆成功之后判断用户是否有某个菜单或按钮的权限
* @param principals
* @return
*/
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
ActiverUser activerUser= (ActiverUser) principals.getPrimaryPrincipal();//身份得到的就是上一个方法的返回值的值 第一个参数activerUser
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
return info;
}
}
xxxxxxxxxx
package com.itbaizhan.openhis.config.shiro;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.IRedisManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;
import redis.clients.jedis.JedisPool;
import redis.clients.jedis.JedisPoolConfig;
import javax.servlet.Filter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
/**
* @Author:
*/
value = {ShiroProperties.class, RedisProperties.class}) (
public class ShiroAutoConfiguration {
private ShiroProperties shiroProperties;
private RedisProperties redisProperties;
public static final String SHIRO_FILTER_NAME = "shiroFilter";
public ShiroAutoConfiguration(ShiroProperties shiroProperties, RedisProperties redisProperties) {
this.shiroProperties = shiroProperties;
this.redisProperties = redisProperties;
}
/**
* 创建凭证匹配器
*/
public HashedCredentialsMatcher getHashedCredentialsMatcher() {
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
//注入散列算法名
matcher.setHashAlgorithmName(shiroProperties.getHashAlogrithmName());
//注入散列次数
matcher.setHashIterations(shiroProperties.getHashIterators());
return matcher;
}
/**
* 创建自定义realm
* 并注入凭证匹配器
*/
value = {UserRealm.class}) (
public UserRealm getUserRealm(HashedCredentialsMatcher matcher) {
UserRealm userRealm = new UserRealm();
//注入凭证匹配器
userRealm.setCredentialsMatcher(matcher);
return userRealm;
}
/**
* 创建安全管理器
*/
value = DefaultWebSecurityManager.class) (
public DefaultWebSecurityManager getSecurityManager(DefaultWebSessionManager defaultWebSessionManager, UserRealm userRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//注入realm
securityManager.setRealm(userRealm);
securityManager.setSessionManager(defaultWebSessionManager);
return securityManager;
}
/**
* -声明过滤器
* Shiro 的Web过滤器 id必须和web.xml里面的shiroFilter的 targetBeanName的值一样
*/
value = SHIRO_FILTER_NAME) (
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
//注入安全管理器
bean.setSecurityManager(securityManager);
//处理用户未认证访问要认证的地址的跳转问题 默认是跳转到shiroProperties.getLoginUrl()现在改成以json串形式返回
Map<String, Filter> filters = new HashMap<>();
filters.put("authc", new ShiroLoginFilter());
bean.setFilters(filters);
Map<String, String> map = new HashMap<>();
//配置不拦击的路径
String[] anonUrls = shiroProperties.getAnonUrls();
if (anonUrls != null && anonUrls.length > 0) {
for (String anonUrl : anonUrls) {
map.put(anonUrl, "anon");
}
}
//配置拦截的路径
String[] authcUrls = this.shiroProperties.getAuthcUrls();
if (authcUrls != null && authcUrls.length > 0) {
for (String authcUrl : authcUrls) {
map.put(authcUrl, "authc");
}
}
bean.setFilterChainDefinitionMap(map);
return bean;
}
/**
* sessionManager 里面可以决定sessionDAO
* @param redisSessionDao
* defaultWebSessionManager来源com.sxt.system.config.TokenWebSessionManager
* @return
*/
public DefaultWebSessionManager defaultWebSessionManager(RedisSessionDAO redisSessionDao) {
DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
defaultWebSessionManager.setSessionDAO(redisSessionDao);
return defaultWebSessionManager;
}
/**
* 使用Redis 来存储登录的信息
* sessionDao 还需要设置给sessionManager
*/
public RedisSessionDAO redisSessionDAO(IRedisManager redisManager) {
RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
redisSessionDAO.setRedisManager(redisManager); //操作那个redis
redisSessionDAO.setExpire(7 * 24 * 3600); // 用户的登录信息保存多久? 7 天
return redisSessionDAO;
}
/**
* 因为分步式项目,所以使用redis去存我们的登陆Session
* @return
*/
public IRedisManager redisManager() {
//因为RedisManager要操作redis所以必须把Redis的客户端给RedisManager
RedisManager redisManager = new RedisManager();
JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();
JedisPool jedisPool = new JedisPool(jedisPoolConfig, redisProperties.getHost(), redisProperties.getPort(), 5000, redisProperties.getPassword());
redisManager.setJedisPool(jedisPool);
return redisManager;
}
}
xxxxxxxxxx
package com.bjsxt.config.shiro;
import com.alibaba.fastjson.JSON;
import com.bjsxt.constants.HttpStatus;
import com.bjsxt.vo.AjaxResult;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
/**
* @Author:
* 判断用户是否进行了登录
*/
public class ShiroLoginFilter extends FormAuthenticationFilter {
/**
* 在访问controller前判断是否登录,返回json,不进行重定向。
* @param request
* @param response
* @return true-继续往下执行,false-该filter过滤器已经处理,不继续执行其他过滤器
* @throws Exception
*/
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setCharacterEncoding("UTF-8");
httpServletResponse.setContentType("application/json");
AjaxResult ajaxResult=AjaxResult.fail();
ajaxResult.put("code", HttpStatus.UNAUTHORIZED);
ajaxResult.put("msg", "登录认证失效,请重新登录!");
httpServletResponse.getWriter().write(JSON.toJSON(ajaxResult).toString());
return false;
}
}
xxxxxxxxxx
package com.bjsxt.config.shiro;
import com.bjsxt.constants.Constants;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.context.annotation.Configuration;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import java.io.Serializable;
import java.util.UUID;
/**
* @Author:
* @Description 生成toke
* * 如果没有token生成一个返回到前台,
* * 如果有就从请求头里面取出来
*/
public class TokenWebSessionManager extends DefaultWebSessionManager {
protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
//从头里面得到请求TOKEN 如果不存在就生成一个
String token= WebUtils.toHttp(request).getHeader(Constants.TOKEN);
if(StringUtils.hasText(token)){
return token;
}else{
return UUID.randomUUID().toString();
}
}
}