如何使用 Spring Boot 配置 Shiro [英] How to configure Shiro with Spring Boot
问题描述
我有一个 Spring MVC Web 应用程序,它使用使用 Spring 配置而不是 shiro.ini 的 Shiro 身份验证.
I have a Spring MVC web application that uses Shiro authentication using Spring configuration rather than a shiro.ini.
我想过渡到 Spring Boot 应用程序.
I want to transition to a Spring Boot application.
我主要是成功的.应用程序在 Spring Boot 中启动,我的 Shiro 环境得到设置.但是我就是不知道如何正确设置 Shiro 过滤器.我需要这样做以确保请求最终由正确的线程处理.
I have been mainly successful. The application starts in Spring Boot and my Shiro environment gets setup. However I just cannot work out how to setup the Shiro Filter correctly. I need this to be working to make sure requests end up being handled by the correct thread.
在原始应用程序中,我在 web.xml 中配置了 Shiro 过滤器,如下所示:
In the original app I configured the Shiro Filter in the web.xml like this:
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
我尝试使用这样的 Java 配置来复制它:
I have tried replicate this using a Java Config like this:
@Autowired
private WebSecurityManager webSecurityManager;
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean() {
ShiroFilterFactoryBean shiroFilterFactoryBean = new org.apache.shiro.spring.web.ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(webSecurityManager);
return shiroFilterFactoryBean;
}
@Bean
public org.apache.shiro.spring.LifecycleBeanPostProcessor lifecycleBeanPostProcessor()
{
return new org.apache.shiro.spring.LifecycleBeanPostProcessor();
}
@Bean
public Filter shiroFilter()
{
DelegatingFilterProxy filter = new DelegatingFilterProxy();
filter.setTargetBeanName("shiroFilterFactoryBean");
filter.setTargetFilterLifecycle(true);
return filter;
}
但是,我无法将所有内容组合在一起,也没有足够的知识来解决问题.我只是看不到将过滤器连接到环境.我猜这与设置的顺序有关.
However I just cannot get everything to fit together and don't have enough knowledge to sort it out. I just can't see to connect the filter to the environment. I would guess it is something to do with the order things are setup.
有没有人成功地将 Spring Boot 和 Shiro 一起使用?
Has anyone managed to use Spring Boot and Shiro together successfully?
推荐答案
好吧,好像少了点什么,java config是这样的:
Well, it seems that the lack of something, java config like this:
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import org.apache.shiro.realm.text.PropertiesRealm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.web.filter.authc.AnonymousFilter;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.filter.authc.UserFilter;
import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.mgt.WebSecurityManager;
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean shiroFilter() {
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
shiroFilter.setLoginUrl("/login");
shiroFilter.setSuccessUrl("/index");
shiroFilter.setUnauthorizedUrl("/forbidden");
Map<String, String> filterChainDefinitionMapping = new HashMap<String, String>();
filterChainDefinitionMapping.put("/", "anon");
filterChainDefinitionMapping.put("/home", "authc,roles[guest]");
filterChainDefinitionMapping.put("/admin", "authc,roles[admin]");
shiroFilter.setFilterChainDefinitionMap(filterChainDefinitionMapping);
shiroFilter.setSecurityManager(securityManager());
Map<String, Filter> filters = new HashMap<String, Filter>();
filters.put("anon", new AnonymousFilter());
filters.put("authc", new FormAuthenticationFilter());
filters.put("logout", new LogoutFilter());
filters.put("roles", new RolesAuthorizationFilter());
filters.put("user", new UserFilter());
shiroFilter.setFilters(filters);
System.out.println(shiroFilter.getFilters().size());
return shiroFilter;
}
@Bean(name = "securityManager")
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(realm());
return securityManager;
}
@Bean(name = "realm")
@DependsOn("lifecycleBeanPostProcessor")
public PropertiesRealm realm() {
PropertiesRealm propertiesRealm = new PropertiesRealm();
propertiesRealm.init();
return propertiesRealm;
}
@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
https://github.com/lenicliu/eg-spring/tree/master/eg-spring-boot/eg-spring-boot-shiro
这篇关于如何使用 Spring Boot 配置 Shiro的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!