springboot整合shiro+thymeleaf的配置
阿新 • • 發佈:2018-12-26
springboot整合shiro+thymeleaf的配置
pom檔案的依賴:
<!-- shiro --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.3.2</version> </dependency><!-- thmleaf模板依賴. --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>com.github.theborakompanioni</groupId> <artifactId>thymeleaf-extras-shiro</artifactId> <version>2.0.0</version> </dependency>
ShiroConfig檔案內容:
package com.learning.www.shiro.config; import org.apache.shiro.spring.LifecycleBeanPostProcessor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.DependsOn; import at.pollux.thymeleaf.shiro.dialect.ShiroDialect; import java.util.LinkedHashMap; import java.util.Map; import org.apache.shiro.mgt.SecurityManager; @Configuration public class ShiroConfig { @Bean public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) { // shiro工廠bean ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); // 必須設定 SecurityManager shiroFilterFactoryBean.setSecurityManager(securityManager); // setLoginUrl 如果不設定值,預設會自動尋找Web工程根目錄下的"/login.jsp"頁面 或 "/login" 對映 shiroFilterFactoryBean.setLoginUrl("/notLogin"); // 設定無許可權時跳轉的 url; shiroFilterFactoryBean.setUnauthorizedUrl("/notRole"); // 設定攔截器 Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>(); //遊客,開發許可權 filterChainDefinitionMap.put("/guest/**", "anon"); //測試,開發許可權 //filterChainDefinitionMap.put("/test/**", "anon"); //使用者,需要角色許可權 “user” filterChainDefinitionMap.put("/user/**", "roles[user]"); //管理員,需要角色許可權 “admin” filterChainDefinitionMap.put("/admin/**", "roles[admin]"); //開放登陸介面 filterChainDefinitionMap.put("/login", "anon"); //其餘介面一律攔截 //主要這行程式碼必須放在所有許可權設定的最後,不然會導致所有 url 都被攔截 filterChainDefinitionMap.put("/**", "authc"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); System.out.println("Shiro攔截器工廠類注入成功"); return shiroFilterFactoryBean; } /** * 自定義身份認證 realm; * <p> * 必須寫這個類,並加上 @Bean 註解,目的是注入 CustomRealm, * 否則會影響 CustomRealm類 中其他類的依賴注入 */ @Bean public CustomRealm customRealm() { return new CustomRealm(); } /** * 注入 securityManager */ @Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); // 設定realm. securityManager.setRealm(customRealm()); return securityManager; } /** * 開啟shiro aop註解支援. * 使用代理方式;所以需要開啟程式碼支援; * @param securityManager * @return */ @Bean public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){ return new LifecycleBeanPostProcessor(); } @Bean @DependsOn({"lifecycleBeanPostProcessor"}) public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){ DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator(); advisorAutoProxyCreator.setProxyTargetClass(true); return advisorAutoProxyCreator; } @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){ AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor(); authorizationAttributeSourceAdvisor.setSecurityManager(securityManager); return authorizationAttributeSourceAdvisor; } /*** * 配置thymeleaf和shiro的依賴 * @return */ @Bean public ShiroDialect createDialect(){ return new ShiroDialect(); } }
前端測試:
<!DOCTYPE html> <html> <head> <meta charset="UTF-8" xmlns:th="http://www.thymeleaf.org" xmlns:shiro="http://www.pollix.at/thymeleaf/shiro"> <title>Insert title here</title> </head> <body> 登入成功! <h2 shiro:hasPermission="test">有這個許可權啊</h2> </body> </html>
測試結果:
1.shiro:hasPermission="go"時,不顯示 有這個許可權
2.shiro:hasPermission="test"時,顯示 有這個許可權