其实只要知道shiro和spring整合,那么使用springboot也就一样,通过springboot则是将之前的一堆复杂的配置,全部写到代码中去,同样作为maven项目,对应的pom文件如下:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.6.RELEASE</version>
<relativePath></relativePath>
</parent>
<properties>
<java.version>1.8</java.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<shiro.version>1.4.0-RC2</shiro.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--shiro-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro.version}</version>
</dependency>
</dependencies>
其次就是shiro spring配置,当然 目前没有增加太多配置,但是原理都是一样的:
@Configuration
public class ShiroConfiguration {
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(getSecurityManager());
shiroFilterFactoryBean.setLoginUrl("login.html");
shiroFilterFactoryBean.setSuccessUrl("index.html");
Map<String, String> shiroFilterChainDefinitionMap = new LinkedHashMap<String,String>();
shiroFilterChainDefinitionMap.put("/dologin","anon");
shiroFilterChainDefinitionMap.put("/login.html","anon");
shiroFilterChainDefinitionMap.put("/index.html","authc");
shiroFilterChainDefinitionMap.put("/logout","anon");
shiroFilterChainDefinitionMap.put("/**","authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(shiroFilterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean("securityManager")
public SecurityManager getSecurityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
Collection<Realm> realms = new ArrayList<Realm>();
((ArrayList<Realm>) realms).add(new DefaultRealm());
securityManager.setRealms(realms);
return securityManager;
}
@Bean
public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor(){
LifecycleBeanPostProcessor lifecycleBeanPostProcessor = new LifecycleBeanPostProcessor();
return lifecycleBeanPostProcessor;
}
}
其余的就是realm的定义,这些都是和spring一样使用,没什么特别的,最终的问题基本上都是对springboot的使用,因为平时用的springmvc比较多,那么如果将springboot配置成springmvc的使用模式,则需要相关的配置加以支持。如果使用相关的模板方式,则一样通过配置对应的过滤器完成即可。
整体的代码量比较少,由于springboot提供了相关的支持。
git地址:shiro springboot