Spring Boot 添加Shiro支持
前言:
Shiro是一个权限、会话管理的开源Java安全框架;Spring Boot集成Shiro后可以方便的使用Session;
工程概述:
(工程结构图)
一、建立Spring Boot工程
参照http://www.cnblogs.com/liangblog/p/5207855.html 建立一个SpringBoot工程;
二、修改pom.xml,引入所需jar包
- <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>com.ddd</groupId>
- <artifactId>programme</artifactId>
- <version>0.0.1</version>
- <packaging>jar</packaging>
- <name>programme</name>
- <url>http://maven.apache.org</url>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- </properties>
- <parent>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-parent</artifactId>
- <version>1.4.2.RELEASE</version>
- </parent>
- <dependencies>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-web</artifactId>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.data</groupId>
- <artifactId>spring-data-commons</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework.data</groupId>
- <artifactId>spring-data-jpa</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework.data</groupId>
- <artifactId>spring-data-jdbc-core</artifactId>
- <version>1.2.1.RELEASE</version>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-core</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-annotations</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpcore</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpmime</artifactId>
- </dependency>
- <dependency>
- <groupId>mysql</groupId>
- <artifactId>mysql-connector-java</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-jdbc</artifactId>
- </dependency>
- <dependency>
- <groupId>javax</groupId>
- <artifactId>javaee-api</artifactId>
- <version>7.0</version>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-spring</artifactId>
- <version>1.2.3</version>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-cas</artifactId>
- <version>1.2.3</version>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-ehcache</artifactId>
- <version>1.2.3</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-jdbc</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-core</artifactId>
- <version>1.2.3</version>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-web</artifactId>
- <version>1.2.3</version>
- </dependency>
- <dependency>
- <groupId>org.jasig.cas.client</groupId>
- <artifactId>cas-client-core</artifactId>
- <version>3.4.1</version>
- </dependency>
- </dependencies>
- <!-- Package as an executable jar -->
- <build>
- <defaultGoal>compile</defaultGoal>
- <plugins>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- </plugin>
- </plugins>
- </build>
- <!-- Add Spring repositories -->
- <!-- (you don't need this if you are using a .RELEASE version) -->
- <!--
- <repositories>
- <repository>
- <id>spring-snapshots</id>
- <url>http://repo.spring.io/snapshot</url>
- <snapshots><enabled>true</enabled></snapshots>
- </repository>
- <repository>
- <id>spring-milestones</id>
- <url>http://repo.spring.io/milestone</url>
- </repository>
- </repositories>
- <pluginRepositories>
- <pluginRepository>
- <id>spring-snapshots</id>
- <url>http://repo.spring.io/snapshot</url>
- </pluginRepository>
- <pluginRepository>
- <id>spring-milestones</id>
- <url>http://repo.spring.io/milestone</url>
- </pluginRepository>
- </pluginRepositories>
- -->
- </project>
pom.xml
主要引入日志、数据库,shrio相关的jar包
三、添加配置文件和日志文件
配置文件需要放到resource文件夹下(指向classpath),并取名aplication.properties,工程会自动查找到文件配置信息
配置文件:
- displayname = pm
- server.port=8011
- server.session.timeout=1000
- server.tomcat.uri-encoding=UTF-8
- spring.datasource.url=jdbc:mysql://127.0.0.1:3306/test
- spring.datasource.username=root
- spring.datasource.password=123456
- spring.datasource.driver-class-name=com.mysql.jdbc.Driver
- spring.datasource.max-idle=10
- spring.datasource.max-wait=10000
- spring.datasource.min-idle=5
- spring.datasource.initial-size=5
- logging.config=classpath:pm-logback.xml
- logging.path=log
日志文件:
- <configuration scan="true" scanPeriod="10 seconds">
- <include resource="org/springframework/boot/logging/logback/base.xml" />
- <!-- 日志的级别:debug,info,warn,error -->
- <appender name="INFO_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>DEBUG</level>
- </filter>
- -->
- <File>${LOG_PATH}/info.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${LOG_PATH}/pm-info-%d{yyyyMMdd}.log.%i</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>100MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>2</maxHistory>
- </rollingPolicy>
- <layout class="ch.qos.logback.classic.PatternLayout">
- <Pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} -%msg%n
- </Pattern>
- </layout>
- </appender>
- <appender name="ERROR_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>ERROR</level>
- </filter>
- <File>${LOG_PATH}/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${LOG_PATH}/pm-error-%d{yyyyMMdd}.log.%i
- </fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>100MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>2</maxHistory>
- </rollingPolicy>
- <layout class="ch.qos.logback.classic.PatternLayout">
- <Pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} -%msg%n
- </Pattern>
- </layout>
- </appender>
- <root level="INFO">
- <appender-ref ref="INFO_FILE" />
- <appender-ref ref="ERROR_FILE" />
- </root>
- </configuration>
pm-logback.xml
部署工程时可以放到工程jar所在文件夹内,部署的工程会自动找到文件;
四、添加Shiro支持功能:
1、新建shiro配置类,Shiro的主要配置信息都在此文件内实现;
- package com.ddd.program.config;
- import java.util.ArrayList;
- import java.util.Collection;
- import java.util.LinkedHashMap;
- import java.util.Map;
- import org.apache.shiro.cache.ehcache.EhCacheManager;
- import org.apache.shiro.mgt.SecurityManager;
- import org.apache.shiro.session.SessionListener;
- import org.apache.shiro.session.mgt.SessionManager;
- import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
- import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
- import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- @Configuration
- public class ShiroConfiguration {
- /**
- * ShiroFilterFactoryBean 处理拦截资源文件问题。
- * 注意:单独一个ShiroFilterFactoryBean配置是或报错的
- * 初始化ShiroFilterFactoryBean的时候需要注入:SecurityManager
- */
- @Bean
- public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
- ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
- // 必须设置 SecurityManager
- shiroFilterFactoryBean.setSecurityManager(securityManager);
- // 拦截器.
- Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
- //filterChainDefinitionMap.put("/page/*", "authc");
- // 配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了
- //filterChainDefinitionMap.put("/security/logoff", "logout");
- shiroFilterFactoryBean.setLoginUrl("/#/login");
- // 未授权界面;
- shiroFilterFactoryBean.setUnauthorizedUrl("/403");
- shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
- return shiroFilterFactoryBean;
- }
- @Bean
- public SecurityManager securityManager() {
- DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
- MyRealm myRealm = new MyRealm();
- securityManager.setRealm(myRealm);
- securityManager.setSessionManager(sessionManager());
- securityManager.setCacheManager(ehCacheManager());
- return securityManager;
- }
- @Bean
- public SessionManager sessionManager() {
- DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
- Collection<SessionListener> listeners = new ArrayList<SessionListener>();
- listeners.add(new MySessionListener());
- sessionManager.setSessionListeners(listeners);
- return sessionManager;
- }
- @Bean
- public EhCacheManager ehCacheManager() {
- EhCacheManager ehCacheManager = new EhCacheManager();
- //ehCacheManager.setCacheManagerConfigFile("classpath:encache.xml");
- return ehCacheManager;
- }
- }
2、新建登录验证和Session监听的类(上面的类所需要的两个类)
登录相关:
- package com.ddd.program.config;
- import org.apache.shiro.authc.AuthenticationException;
- import org.apache.shiro.authc.AuthenticationInfo;
- import org.apache.shiro.authc.AuthenticationToken;
- import org.apache.shiro.authc.SimpleAuthenticationInfo;
- import org.apache.shiro.authc.UnknownAccountException;
- import org.apache.shiro.authc.UsernamePasswordToken;
- import org.apache.shiro.authz.AuthorizationInfo;
- import org.apache.shiro.authz.SimpleAuthorizationInfo;
- import org.apache.shiro.realm.AuthorizingRealm;
- import org.apache.shiro.subject.PrincipalCollection;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import com.cdv.nsite.program.model.AppUser;
- import com.cdv.nsite.program.services.impl.AppUserServiceImpl;
- public class MyRealm extends AuthorizingRealm {
- private final static Logger logger = LoggerFactory.getLogger(MyRealm.class);
- @Override
- protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
- logger.debug("登录验证后进行权限认证....");
- SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
- return info;
- }
- @Override
- protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
- logger.debug("登录操作进行登录认证......");
- UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;
- AppUser user = SpringContextUtils.getBean(AppUserServiceImpl.class).getUserByName(token.getUsername());
- if (user == null) {
- // 没找到帐号
- throw new UnknownAccountException(
- "没有在本系统中找到对应的用户信息。");
- }
- //简单验证
- SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
- user.getUsername(),user.getPassword(),getName());
- return info;
- }
- }
MyRealm.java
Session相关:
- package com.ddd.program.config;
- import java.util.concurrent.atomic.AtomicInteger;
- import org.apache.shiro.session.Session;
- import org.apache.shiro.session.SessionListener;
- import org.springframework.stereotype.Component;
- @Component
- public class MySessionListener implements SessionListener {
- private final AtomicInteger sessionCount = new AtomicInteger(0);
- @Override
- public void onStart(Session session) {
- sessionCount.incrementAndGet();
- System.out.println("登录+1=="+sessionCount.get());
- }
- @Override
- public void onStop(Session session) {
- sessionCount.decrementAndGet();
- System.out.println("登录退出-1=="+sessionCount.get());
- }
- @Override
- public void onExpiration(Session session) {
- sessionCount.decrementAndGet();
- System.out.println("登录过期-1=="+sessionCount.get());
- }
- public int getSessionCount() {
- return sessionCount.get();
- }
- }
MySessionListener.java
3、添加静态页面:
在resource文件夹下新建static或public文件夹,工程会默认找static文件夹下的index.*,没有在找public文件夹下的index.*;
4、新建登录的接口和实现
完整代码---> https://github.com/liangguang/springboot_18
结述:
以上代码只是个例子,主要是获得登录的Session用作其他用途;
---------------------------------------------------添加热部署支持-----------------------
- <!-- 模板引擎 暂时不用 -->
- <!-- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-thymeleaf</artifactId>
- </dependency> -->
- <!--
- devtools可以实现热部署。devtools会监听classpath下的文件变动,并且会立即重启应用(发生在保存时机),注意:因为其采用的虚拟机机制,该项重启是很快的
- 如果设置SpringApplication.setRegisterShutdownHook(false),则自动重启将不起作用。
- 设置 spring.devtools.restart.enabled 属性为false,可以关闭该特性。
- -->
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-devtools</artifactId>
- <optional>true</optional>
- <!-- optional=true,依赖不会传递,-->
- </dependency>
添加devtools依赖
- spring.devtools.restart.enabled = true
application.properties中添加配置项;
Spring Boot 添加Shiro支持的更多相关文章
- Spring Boot 添加JSP支持【转】
Spring Boot 添加JSP支持 大体步骤: (1) 创建Maven web project: (2) 在pom.xml文件添加依赖: (3) ...
- (19)Spring Boot 添加JSP支持【从零开始学Spring Boot】
[来也匆匆,去也匆匆,在此留下您的脚印吧,转发点赞评论: 您的认可是我最大的动力,感谢您的支持] 看完本文章您可能会有些疑问,可以查看之后的一篇博客: 81. Spring Boot集成JSP疑问[从 ...
- 19. Spring Boot 添加JSP支持【从零开始学Spring Boot】
转:http://blog.csdn.net/linxingliang/article/details/52017140 这个部分比较复杂,所以单独创建一个工程来进行讲解: 大体步骤: (1) ...
- Spring boot 加入shiro支持
在项目添加依赖 <!-- shiro spring. --> <dependency> <groupId>org.apache.shiro</groupId& ...
- spring boot 添加jsp支持注意事项
1.一定要使用war包<packaging>war</packaging>2.将provided改为compile,具体如下: <dependency> <g ...
- 快速搭建Spring Boot + Apache Shiro 环境
个人博客网:https://wushaopei.github.io/ (你想要这里多有) 一.Apache Shiro 介绍及概念 概念:Apache Shiro是一个强大且易用的Java安全框 ...
- Spring Boot 集成Shiro和CAS
Spring Boot 集成Shiro和CAS 标签: springshirocas 2016-01-17 23:03 35765人阅读 评论(22) 收藏 举报 分类: Spring(42) 版 ...
- Spring Boot 整合 Shiro ,两种方式全总结!
在 Spring Boot 中做权限管理,一般来说,主流的方案是 Spring Security ,但是,仅仅从技术角度来说,也可以使用 Shiro. 今天松哥就来和大家聊聊 Spring Boot ...
- Springboot 系列(十七)迅速使用 Spring Boot Admin 监控你的 Spring Boot 程序,支持异常邮件通知
1. Spring Boot Admin 是什么 Spring Boot Admin 是由 codecentric 组织开发的开源项目,使用 Spring Boot Admin 可以管理和监控你的 S ...
随机推荐
- jQuery静态方法isPlainObject,isEmptyObject方法使用和源码分析
isPlainObject方法 测试对象是否是纯粹的对象(通过 "{}" 或者 "new Object" 创建的) 示例: //测试是否为纯粹的对象 jQuer ...
- 轻松掌握:JavaScript单例模式
单例模式 定义:保证一个对象(类)仅有一个实例,并提供一个访问它的全局访问点: 实现原理:利用闭包来保持对一个局部变量的引用,这个变量保存着首次创建的唯一的实例; 主要用于:全局缓存.登录浮窗等只需要 ...
- 奇妙的CSS之布局与定位
前言 关于布局与定位是Web前端开发里非常基础而又重要的部分.介绍相关知识的文章,很容易就可以找到.虽然,这方面的知识点不是很多,但我们如果不弄清楚,在运用时候往往会出现预料之外的布局,这些“意外”有 ...
- SharePoint 2013 激活标题字段外的Menu菜单
前言 SharePoint 有个很特别的字段,就是标题(Title)字段,无论想要链接到项目,还是弹出操作项目的菜单,都是通过标题字段,一直以来需要的时候,都是通过将标题字段改名进行的. 其实,Sha ...
- iOS之 block,代替代理作为回调函数
最近在弄一个视频会议的项目,但今天要说的跟视频基本没关系,我们来说一下在一个view中创建一个button,在controller中加载这个view 当button被点击后将时间响应传递给contro ...
- Python之基础
# 需要导入字符编码,否则遇到中文会报错 # coding=utf-8 # 1 定义变量 a = 10 b = 2 c = a+b print(c) # 2 判断语句 score = 90 if sc ...
- tomcat 应用部署的几点注意
将应用部署到Tomcat根目录的目的是可以通过"http://[ip]:[port]"直接访问应用,而不是使用"http://[ip]:[port]/[appName]& ...
- sp_executesql得到执行sql语句的返回值
执行 sql语句,得到 变量的值 ' declare @Partition int; ); ); SET @SQLString = N'SELECT @RangeKeyOUT = $PARTITION ...
- linux中位置参数变量和预定义变量
位置参数变量 预定义变量
- [转]Python 字符串操作实现代码(截取/替换/查找/分割)
原文地址:http://www.jb51.net/article/38102.htm ps:好久没更新python代码了,这次用到了字符串,转来看看 Python 截取字符串使用 变量[头下标:尾下标 ...