引入相关pom

        <dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency> <dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-cache</artifactId>
</dependency> <dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-web-starter</artifactId>
<version>1.4.1</version>
</dependency> <dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.4.1</version>
</dependency>

配置properties

shiro.loginUrl=/login
shiro.unauthorizedUrl=/403 spring.redis.host=127.0.0.1
spring.redis.port=6379
spring.redis.password=123456
spring.redis.timeout=2000

编写ShiroConfig 配置类

    @Bean
public Realm realm(){
UserRealm userRealm = new UserRealm();
userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return userRealm;
} @Bean
@DependsOn({"lifecycleBeanPostProcessor"})
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
DefaultAdvisorAutoProxyCreator autoProxyCreator = new DefaultAdvisorAutoProxyCreator();
/**
* 处理@RequiresRole等shiro注解失效问题
*/
//autoProxyCreator.setUsePrefix(true);
autoProxyCreator.setProxyTargetClass(true);
return autoProxyCreator;
} @Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(){
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
return authorizationAttributeSourceAdvisor;
} @Bean
public ShiroFilterChainDefinition shiroFilterChainDefinition(){
DefaultShiroFilterChainDefinition chain = new DefaultShiroFilterChainDefinition();
Map<String,String> pathDefinitions = new LinkedHashMap<>();
pathDefinitions.put("/loginDo","anon");
pathDefinitions.put("/**","user");
//authc user anon
chain.addPathDefinitions(pathDefinitions);
return chain;
} /**
* 密码验证
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
RetryLimitHashedCredentialsMatcher credentialsMatcher = new RetryLimitHashedCredentialsMatcher();
credentialsMatcher.setHashAlgorithmName("MD5");
credentialsMatcher.setHashIterations(3);
credentialsMatcher.setStoredCredentialsHexEncoded(true);
return credentialsMatcher;
} @Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
return new LifecycleBeanPostProcessor();
} @Bean
public RedisCacheSessionDAO redisCacheSessionDAO(){
RedisCacheSessionDAO redisCacheSessionDAO = new RedisCacheSessionDAO();
return redisCacheSessionDAO;
} @Bean
public SessionManager sessionManager(){
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setGlobalSessionTimeout(1000 * 60 * 30);
sessionManager.setSessionIdCookieEnabled(true);
sessionManager.setSessionIdCookie(sessionIdCookie());
//sessionManager.setSessionDAO(new EnterpriseCacheSessionDAO());
sessionManager.setSessionDAO(redisCacheSessionDAO());
sessionManager.setDeleteInvalidSessions(true);//删除过期session
sessionManager.setSessionValidationSchedulerEnabled(true);//定期检查session
return sessionManager;
} @Bean(name = "ehCacheManager")
public EhCacheManager ehCacheManager(){
EhCacheManager ehCacheManager = new EhCacheManager();
return ehCacheManager;
} @Bean(name = "sessionIdCookie")
public SimpleCookie sessionIdCookie(){
SimpleCookie cookie = new SimpleCookie("sid");
cookie.setHttpOnly(true);
cookie.setMaxAge(-1);//关闭浏览器就过期了 这里也可以设置下过期时间,尽量不重新生成新的sessionId
return cookie;
} @Bean(name = "rememberMeCookie")
public SimpleCookie rememberMeCookie(){
SimpleCookie cookie = new SimpleCookie("rememberMe");
cookie.setHttpOnly(true);
cookie.setPath("/notify");
cookie.setMaxAge(2592000);//30天有效期
return cookie;
} @Bean(name = "rememberMeManager")
public CookieRememberMeManager cookieRememberMeManager(){
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
cookieRememberMeManager.setCipherKey(Base64.decode("A7UzJgh1+EWj5oBFi+mSgw=="));
cookieRememberMeManager.setCookie(rememberMeCookie());
return cookieRememberMeManager;
} @Bean
public FormAuthenticationFilter formAuthenticationFilter(){
FormAuthenticationFilter filter = new FormAuthenticationFilter();
filter.setUsernameParam("username");
filter.setPasswordParam("password");
filter.setRememberMeParam("rememberMe");
filter.setLoginUrl("/login");
return filter;
}

编写RedisCacheSessionDAO

public class RedisCacheSessionDAO extends EnterpriseCacheSessionDAO {

    private static final Logger log = LoggerFactory.getLogger(RedisCacheSessionDAO.class);

    // Session超时时间,单位为秒
private long expireTime = 3600; @Autowired
private RedisTemplate redisTemplate; public RedisCacheSessionDAO() {
super();
} @Override
protected Serializable doCreate(Session session) {
Serializable sessionId = generateSessionId(session);
assignSessionId(session,sessionId);
redisTemplate.opsForValue().set(sessionId, session, expireTime, TimeUnit.SECONDS);
return sessionId;
} @Override
protected Session doReadSession(Serializable sessionId) {
if(sessionId == null){
return null;
}
//这里一定要在redis拿到session返回,不然在记住账号(remeberMe=true)的情况下一直生成新的session,不记住账号的情况下登录不上session倒是没少生成 单机下这里返回空是没啥问题的
return (Session) redisTemplate.opsForValue().get(sessionId);
} @Override
protected void doUpdate(Session session) {
super.doUpdate(session);
if(session == null){
return;
}
session.setTimeout(expireTime * 1000);
redisTemplate.opsForValue().set(session.getId(), session, expireTime, TimeUnit.SECONDS);
} @Override
protected void doDelete(Session session) {
super.doDelete(session);
if(session == null){
return;
}
redisTemplate.opsForValue().getOperations().delete(session.getId());
} public long getExpireTime() {
return expireTime;
} public void setExpireTime(long expireTime) {
this.expireTime = expireTime;
} public RedisTemplate getRedisTemplate() {
return redisTemplate;
} public void setRedisTemplate(RedisTemplate redisTemplate) {
this.redisTemplate = redisTemplate;
}
}

cipherKey   字符串生成策略  Base64.decode的字符串参数

KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128,new SecureRandom("spring-boot-0.0.1".getBytes()));
SecretKey secretKey =keyGenerator.generateKey();
SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getEncoded(),"AES");
//cipherKey
System.out.println(new String(Base64.encode(secretKeySpec.getEncoded())));

springboot shiro ehcache redis 简单使用的更多相关文章

  1. 修改记录-优化后(springboot+shiro+session+redis+ngnix共享)

    1.普通用户实现redis共享session 1.配置 #cache指定缓存类型 spring.cache.type=REDIS #data-redis spring.redis.database=1 ...

  2. SpringBoot中整合Redis、Ehcache使用配置切换 并且整合到Shiro中

    在SpringBoot中Shiro缓存使用Redis.Ehcache实现的两种方式实例 SpringBoot 中配置redis作为session 缓存器. 让shiro引用 本文是建立在你是使用这sh ...

  3. springboot之集成mybatis mongo shiro druid redis jsp

    闲来无事,研究一下spingboot  发现好多地方都不一样了,第一个就是官方默认不支持jsp  于是开始狂找资料  终于让我找到了 首先引入依赖如下: <!-- tomcat的支持.--> ...

  4. SpringBoot+Shiro+Redis共享Session入门小栗子

    在单机版的Springboot+Shiro的基础上,这次实现共享Session. 这里没有自己写RedisManager.SessionDAO.用的 crazycake 写的开源插件 pom.xml ...

  5. springboot+shiro+redis(单机redis版)整合教程-续(添加动态角色权限控制)

    相关教程: 1. springboot+shiro整合教程 2. springboot+shiro+redis(单机redis版)整合教程 3. springboot+shiro+redis(集群re ...

  6. springboot+shiro+redis(集群redis版)整合教程

    相关教程: 1. springboot+shiro整合教程 2. springboot+shiro+redis(单机redis版)整合教程 3.springboot+shiro+redis(单机red ...

  7. springboot+shiro+redis(单机redis版)整合教程

    相关教程: 1. springboot+shiro整合教程 2. springboot+shiro+redis(集群redis版)整合教程 3.springboot+shiro+redis(单机red ...

  8. Shiro经过Redis管理会话实现集群(转载)

    原文:http://www.myexception.cn/software-architecture-design/1815507.html Shiro通过Redis管理会话实现集群 写在前面 1.在 ...

  9. 由浅入深学习springboot中使用redis

    很多时候,我们会在springboot中配置redis,但是就那么几个配置就配好了,没办法知道为什么,这里就详细的讲解一下 这里假设已经成功创建了一个springboot项目. redis连接工厂类 ...

随机推荐

  1. sed使用案例

    简介: sed是一种流编辑器,它是文本处理中非常重要的工具,能够完美的配合正则表达式使用,功能不同凡响.处理时,把当前处理的行存储在临时缓冲区中,称为“模式空间”(pattern space),接着用 ...

  2. const成员函数返回*this

    #include <iostream> using namespace std; class A{ public: A &set(char); const A &displ ...

  3. Java学生管理系统(IO版)

    图解: cade: student.java /* * 这是我的学生类 */ public class Student { //学号 private String id; //姓名 private S ...

  4. 根据pdf文件获取标题等信息

    根据 kdd2019的 pdf文件, 生成索引文档. 代码如下: for fname in ` ls pdfs/*.pdf`; do title=$(mdls -name kMDItemTitle - ...

  5. mybatis-地区三表生成地区树

    package com.dhht.manager.vo.area; import lombok.Data; import java.io.Serializable;import java.util.L ...

  6. 为什么声明了int型的变量并且直接初始化后,int型变量的地址一直在变化?

    /************************************************************************* > File Name: ptr_varia ...

  7. ftp限制

    /etc/hosts.deny /etc/vsftpd/user_list 从2.3.5之后,vsftpd增强了安全检查,如果用户被限定在了其主目录下,则该用户的主目录不能再具有写权限了!如果检查发现 ...

  8. Vue动画封装

    <head> <meta charset="UTF-8"> <title>Title</title> <script src= ...

  9. h5-sessionStorage储存的使用

    <!-- sessionStorage的使用:存储数据到本地.存储的容量5mb左右 1.这个数据本质是储存在当前页面的内存中 2.他的生命周期为关闭当前页面,关闭页面,数据会自动清楚 setTt ...

  10. Hibernate(三)--关联映射

    1.多对一 product----category category.hbm.xml <?xml version="1.0"?> <!DOCTYPE hibern ...