spring boot 整合 shiro 权限框架 / 开普饭

1.配置 pom

<shiro.version>1.4.0</shiro.version>

       <!--shiro start-->    <dependency>      <groupId>org.apache.shiro</groupId>      <artifactId>shiro-core</artifactId>      <version>${shiro.version}</version>    </dependency>    <dependency>      <groupId>org.apache.shiro</groupId>      <artifactId>shiro-web</artifactId>      <version>${shiro.version}</version>    </dependency>    <dependency>      <groupId>org.apache.shiro</groupId>      <artifactId>shiro-ehcache</artifactId>      <version>${shiro.version}</version>    </dependency>    <dependency>      <groupId>org.apache.shiro</groupId>      <artifactId>shiro-spring</artifactId>      <version>${shiro.version}</version>    </dependency><!--shiro end-->

2. MyShiroRealm.java

package org.fh.realm;

import java.util.Collection;import java.util.HashSet;

import org.apache.shiro.authc.*;import org.apache.shiro.authz.AuthorizationInfo;import org.apache.shiro.authz.SimpleAuthorizationInfo;import org.apache.shiro.realm.AuthorizingRealm;import org.apache.shiro.session.Session;import org.apache.shiro.subject.PrincipalCollection;import org.fh.service.system.UsersService;import org.fh.util.Const;import org.fh.util.Jurisdiction;import org.fh.entity.PageData;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Lazy;

/** * 说明：Shiro身份认证 * 作者：FH * From：www.fhadmin.org */public class MyShiroRealm extends AuthorizingRealm {

    @Autowired    @Lazy    private UsersService usersService;    /**     * 登录认证     */    @Override    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken; //UsernamePasswordToken用于存放提交的登录信息    PageData pd = new PageData();    pd.put("USERNAME", token.getUsername());try {pd = usersService.findByUsername(pd);if (pd != null){    return new SimpleAuthenticationInfo(pd.getString("USERNAME"), pd.getString("PASSWORD"), getName());        }} catch (Exception e) {return null;}return null;    }@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {String USERNAME = (String) super.getAvailablePrincipal(principals);SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();Session session = Jurisdiction.getSession();Collection<String> shiroSet= new HashSet<String>();shiroSet = (Collection<String>)session.getAttribute(USERNAME + Const.SHIROSET);if(null != shiroSet){info.addStringPermissions(shiroSet);return info;}else {return null;}}

}

spring boot 整合 shiro 权限框架

相关推荐