Shiro 与 Spring Security(二)


【6】shiro示例代码
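坐标

<!-- Shiro/Spring integration -->
<!-- NOTE(review): 1.3.2 is an old Shiro release. Check the Apache Shiro security
     advisories and pin a currently supported version before reusing this. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.3.2</version>
</dependency>
<!-- Shiro core -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-core</artifactId>
    <version>1.3.2</version>
</dependency>

配置文件:

/**
 * Spring configuration that wires the custom realm, the security manager,
 * the web filter chain and annotation-based authorization.
 */
@Configuration
public class ShiroConfig {

    /** 1. Registers the custom realm as a Spring bean. */
    @Bean
    public PurviewRealm getRealm() {
        return new PurviewRealm();
    }

    /**
     * 2. Creates the security manager and attaches the realm to it.
     *
     * @param realm the custom realm bean
     * @return the web security manager backed by {@code realm}
     */
    @Bean
    public SecurityManager getSecurityManager(PurviewRealm realm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    /**
     * 3. Configures Shiro's filter factory. In a web application Shiro enforces
     * access control entirely through a set of filters.
     *
     * @param securityManager the security manager the filters delegate to
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        // 1. Create the filter factory.
        ShiroFilterFactoryBean filterFactory = new ShiroFilterFactoryBean();
        // 2. Set the security manager.
        filterFactory.setSecurityManager(securityManager);
        // 3. General settings (login redirect page, unauthorized redirect page).
        filterFactory.setLoginUrl("/autherror"); // redirect URL
        // 4. Filter chain definitions:
        //    key   = URL pattern to intercept
        //    value = filter type
        // LinkedHashMap keeps insertion order, which matters because Shiro applies
        // the first pattern that matches the request path.
        Map<String, String> filterMap = new LinkedHashMap<>();
        filterMap.put("/login", "anon"); // this path may be accessed anonymously
        filterMap.put("/checkgroup/**", "authc"); // this path requires authentication
        // ...... (further entries elided in the original article)
        // NOTE(review): a path that matches no entry is not protected by any Shiro
        // filter. Ending the map with a catch-all such as "/**" -> "authc" gives
        // deny-by-default behaviour; explicit "anon" entries must come before it.
        // Install the definitions on the filter factory.
        filterFactory.setFilterChainDefinitionMap(filterMap);
        return filterFactory;
    }

    /**
     * Enables AOP annotation support.
     *
     * @param securityManager the security manager used to evaluate the annotations
     * @return the advisor that applies Shiro's authorization annotations
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

    /**
     * Enables Shiro's annotations (such as {@code @RequiresRoles} and
     * {@code @RequiresPermissions}).
     *
     * @return the auto-proxy creator, configured for class-based proxies
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        // Proxy the target class itself rather than only its interfaces.
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }
}

realm

/**
 * Custom realm.
 */
public class PurviewRealm extends AuthorizingRealm {

    /** Always registers the realm under the fixed name "purviewRealm"; the argument is ignored. */
    @Override
    public void setName(String name) {
        super.setName("purviewRealm");
    }

    @Autowired
    private UserService userService;

    /**
     * Authorization callback.
     * Invoked when an operation needs to know whether the user holds the
     * corresponding permission. Authentication always happens first:
     * authenticate to obtain the principal, then authorize by collecting every
     * permission that principal holds.
     *
     * @param principalCollection the principals of the authenticated subject
     * @return all role names and permission codes of the user
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 1. Fetch the authenticated user (the single primary principal).
        User user = (User) principalCollection.getPrimaryPrincipal();
        // 2. Collect the user's authorization data (all roles, all permissions).
        Set<String> roles = new HashSet<>(); // all roles
        Set<String> perms = new HashSet<>(); // all permissions
        for (Role role : user.getRoles()) {
            roles.add(role.getName());
            for (Permission perm : role.getPermissions()) {
                perms.add(perm.getCode());
            }
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.setStringPermissions(perms);
        info.setRoles(roles);
        return info;
    }

    /**
     * Authentication callback.
     *
     * @param authenticationToken the submitted user name and password
     * @return the stored account data for the credentials matcher to verify,
     *         or {@code null} when no such user exists
     * @throws AuthenticationException if authentication cannot be performed
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // 1. Read the submitted user name from the token.
        UsernamePasswordToken upToken = (UsernamePasswordToken) authenticationToken;
        String username = upToken.getUsername(); // account name entered by the user
        // 2. Look the user up in the database.
        //    With MyBatis: the user object holds id, name and the stored password.
        //    With JPA: it additionally holds the role set and the permission set.
        //    (The stored password is presumably the salted hash, since a
        //    HashedCredentialsMatcher is installed in initCredentialsMatcher.)
        User user = userService.findByName(username);
        // 3. Only existence is checked here. The password itself is compared by
        //    the configured credentials matcher after this method returns.
        if (user != null) {
            // 4. Return the account data.
            //    Constructor arguments: principal, stored password, salt, realm name.
            return new SimpleAuthenticationInfo(
                    user, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName());
        }
        // 5. No such user: return null, which Shiro reports as an authentication failure.
        return null;
    }

    /**
     * Installs the custom credentials matcher. Runs after construction, the
     * annotation equivalent of a bean's init-method attribute.
     */
    @PostConstruct
    public void initCredentialsMatcher() {
        // Select the hash algorithm.
        // NOTE(review): SHA-1 is a fast general-purpose digest and a weak choice for
        // password storage even when salted and iterated. Prefer a purpose-built
        // password hashing scheme (bcrypt, scrypt, Argon2 or PBKDF2) and plan a
        // rehash-on-login migration for existing accounts.
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher(DigestsUtil.SHA1);
        // Set the iteration count (the value of DigestsUtil.COUNTS is not shown here; confirm it).
        hashedCredentialsMatcher.setHashIterations(DigestsUtil.COUNTS);
        // Activate the matcher.
        setCredentialsMatcher(hashedCredentialsMatcher);
    }
}

为需要权限的接口加上注解

@PostMapping("/findPage")
@RequiresPermissions("group-find") // requires the group-find permission
public PageResult findPage(@RequestBody QueryPageBean queryPageBean) {
    return checkGroupService.pageQuery(queryPageBean);
}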

