Apache Shiro\u662fJava\u7684\u4e00\u4e2a\u5b89\u5168\u6846\u67b6\u3002\u529f\u80fd\u5f3a\u5927\uff0c\u4f7f\u7528\u7b80\u5355\u7684Java\u5b89\u5168\u6846\u67b6\uff0c\u5b83\u4e3a\u5f00\u53d1\u4eba\u5458\u63d0\u4f9b\u4e00\u4e2a\u76f4\u89c2\u800c\u5168\u9762\u7684\u8ba4\u8bc1\uff0c\u6388\u6743\uff0c\u52a0\u5bc6\u53ca\u4f1a\u8bdd\u7ba1\u7406\u7684\u89e3\u51b3\u65b9\u6848\u3002<\/p>\n
\u5b9e\u9645\u4e0a\uff0cShiro\u7684\u4e3b\u8981\u529f\u80fd\u662f\u7ba1\u7406\u5e94\u7528\u7a0b\u5e8f\u4e2d\u4e0e\u5b89\u5168\u76f8\u5173\u7684\u5168\u90e8\uff0c\u540c\u65f6\u5c3d\u53ef\u80fd\u652f\u6301\u591a\u79cd\u5b9e\u73b0\u65b9\u6cd5\u3002Shiro\u662f\u5efa\u7acb\u5728\u5b8c\u5584\u7684\u63a5\u53e3\u9a71\u52a8\u8bbe\u8ba1\u548c\u9762\u5411\u5bf9\u8c61\u539f\u5219\u4e4b\u4e0a\u7684\uff0c\u652f\u6301\u5404\u79cd\u81ea\u5b9a\u4e49\u884c\u4e3a\u3002Shiro\u63d0\u4f9b\u7684\u9ed8\u8ba4\u5b9e\u73b0\uff0c\u4f7f\u5176\u80fd\u5b8c\u6210\u4e0e\u5176\u4ed6\u5b89\u5168\u6846\u67b6\u540c\u6837\u7684\u529f\u80fd\uff01<\/p>\n
<\/p>\n
Shiro\u53ef\u4ee5\u975e\u5e38\u5bb9\u6613\u7684\u5f00\u53d1\u51fa\u8db3\u591f\u597d\u7684\u5e94\u7528\uff0c\u5176\u4e0d\u4ec5\u53ef\u4ee5\u7528\u5728JavaSE\u73af\u5883\uff0c\u4e5f\u53ef\u4ee5\u7528\u5728JavaEE\u73af\u5883\u3002Shiro\u53ef\u4ee5\u5e2e\u52a9\u6211\u4eec\u5b8c\u6210\uff1a\u8ba4\u8bc1\u3001\u6388\u6743\u3001\u52a0\u5bc6\u3001\u4f1a\u8bdd\u7ba1\u7406\u3001\u4e0eWeb\u96c6\u6210\u3001\u7f13\u5b58\u7b49\u3002Shiro\u57fa\u672c\u529f\u80fd\u70b9\uff1a<\/p>\n
\u8bb0\u4f4f\u4e00\u70b9\uff0cShiro\u4e0d\u4f1a\u53bb\u7ef4\u62a4\u7528\u6237\u3001\u7ef4\u62a4\u6743\u9650\uff1b\u8fd9\u4e9b\u9700\u8981\u6211\u4eec\u81ea\u5df1\u53bb\u8bbe\u8ba1\/\u63d0\u4f9b\uff1b\u7136\u540e\u901a\u8fc7\u76f8\u5e94\u7684\u63a5\u53e3\u6ce8\u5165\u7ed9Shiro\u5373\u53ef<\/strong>\u3002<\/p>\n Shiro\u5e94\u7528\u4ee3\u7801\u76f4\u63a5\u4ea4\u4e92\u7684\u5bf9\u8c61\u662fSubject\uff0c\u4e5f\u5c31\u662f\u8bf4Shiro\u7684\u5bf9\u5916API\u6838\u5fc3\u5c31\u662fSubject<\/strong>\u3002\u5176\u6bcf\u4e2aAPI\u7684\u542b\u4e49\uff1a<\/p>\n Subject\uff1a\u4e3b\u4f53<\/strong>\uff0c\u4ee3\u8868\u4e86\u5f53\u524d\u201c\u7528\u6237\u201d\uff0c\u8fd9\u4e2a\u7528\u6237\u4e0d\u4e00\u5b9a\u662f\u4e00\u4e2a\u5177\u4f53\u7684\u4eba\uff0c\u4e0e\u5f53\u524d\u5e94\u7528\u4ea4\u4e92\u7684\u4efb\u4f55\u4e1c\u897f\u90fd\u662fSubject\uff0c\u5982\u7f51\u7edc\u722c\u866b\uff0c\u673a\u5668\u4eba\u7b49\uff1b\u5373\u4e00\u4e2a\u62bd\u8c61\u6982\u5ff5\uff1b\u6240\u6709Subject\u90fd\u7ed1\u5b9a\u5230SecurityManager\uff0c\u4e0eSubject\u7684\u6240\u6709\u4ea4\u4e92\u90fd\u4f1a\u59d4\u6258\u7ed9SecurityManager\uff1b\u53ef\u4ee5\u628aSubject\u8ba4\u4e3a\u662f\u4e00\u4e2a\u95e8\u9762\uff1bSecurityManager\u624d\u662f\u5b9e\u9645\u7684\u6267\u884c\u8005\uff1b<\/p>\n<\/li>\n SecurityManager\uff1a\u5b89\u5168\u7ba1\u7406\u5668<\/strong>\uff1b\u5373\u6240\u6709\u4e0e\u5b89\u5168\u6709\u5173\u7684\u64cd\u4f5c\u90fd\u4f1a\u4e0eSecurityManager\u4ea4\u4e92\uff1b\u4e14\u5b83\u7ba1\u7406\u7740\u6240\u6709Subject\uff1b\u53ef\u4ee5\u770b\u51fa\u5b83\u662fShiro\u7684\u6838\u5fc3\uff0c\u5b83\u8d1f\u8d23\u4e0e\u540e\u8fb9\u4ecb\u7ecd\u7684\u5176\u4ed6\u7ec4\u4ef6\u8fdb\u884c\u4ea4\u4e92\uff0c\u53ef\u4ee5\u628a\u5b83\u770b\u6210SpringMVC\u7684DispatcherServlet\u524d\u7aef\u63a7\u5236\u5668\uff1b<\/p>\n<\/li>\n Realm\uff1a\u57df<\/strong>\uff0cShiro\u4eceRealm\u83b7\u53d6\u5b89\u5168\u6570\u636e\uff08\u5982\u7528\u6237\u3001\u89d2\u8272\u3001\u6743\u9650\uff09\uff0c\u5c31\u662f\u8bf4SecurityManager\u8981\u9a8c\u8bc1\u7528\u6237\u8eab\u4efd\uff0c\u90a3\u4e48\u5b83\u9700\u8981\u4eceRealm\u83b7\u53d6\u76f8\u5e94\u7684\u7528\u6237\u8fdb\u884c\u6bd4\u8f83\u4ee5\u786e\u5b9a\u7528\u6237\u8eab\u4efd\u662f\u5426\u5408\u6cd5\uff1b\u4e5f\u9700\u8981\u4eceRealm\u5f97\u5230\u7528\u6237\u76f8\u5e94\u7684\u89d2\u8272\/\u6743\u9650\u8fdb\u884c\u9a8c\u8bc1\u7528\u6237\u662f\u5426\u80fd\u8fdb\u884c\u64cd\u4f5c\uff1b\u53ef\u4ee5\u628aRealm\u770b\u6210DataSource\uff0c\u5373\u5b89\u5168\u6570\u636e\u6e90\u3002<\/p>\n<\/li>\n<\/ul>\n \u4e5f\u5c31\u662f\u8bf4\u5bf9\u4e8e\u6211\u4eec\u800c\u8a00\uff0c\u6700\u7b80\u5355\u7684\u4e00\u4e2aShiro\u5e94\u7528\uff1a<\/p>\n \uff081\uff09\u5e94\u7528\u4ee3\u7801\u901a\u8fc7Subject\u6765\u8fdb\u884c\u8ba4\u8bc1\u548c\u6388\u6743\uff0c\u800cSubject\u53c8\u59d4\u6258\u7ed9SecurityManager\uff1b \u4ece\u4ee5\u4e0a\u4e5f\u53ef\u4ee5\u770b\u51fa\uff0cShiro\u4e0d\u63d0\u4f9b\u7ef4\u62a4\u7528\u6237\/\u6743\u9650\uff0c\u800c\u662f\u901a\u8fc7Realm\u8ba9\u5f00\u53d1\u4eba\u5458\u81ea\u5df1\u6ce8\u5165\u3002<\/p>\n Shiro\u914d\u7f6e\u66f4\u52a0\u5bb9\u6613\u7406\u89e3\uff0c\u5bb9\u6613\u4e0a\u624b\uff1bSpring Security\u914d\u7f6e\u76f8\u5bf9\u6bd4\u8f83\u96be\u61c2<\/p>\n \u5728Spring\u7684\u73af\u5883\u4e0b\uff0cSpring Security\u6574\u5408\u6027\u66f4\u597d\u3002Shiro\u5bf9\u5f88\u591a\u5176\u4ed6\u7684\u6846\u67b6\u517c\u5bb9\u6027\u66f4\u597d\uff0c\u53f7\u79f0\u662f\u65e0\u7f1d\u96c6\u6210<\/p>\n Shiro\u4e0d\u4ec5\u4ec5\u53ef\u4ee5\u4f7f\u7528\u5728web\u4e2d\uff0c\u5b83\u53ef\u4ee5\u5de5\u4f5c\u5728\u4efb\u4f55\u5e94\u7528\u73af\u5883\u4e2d<\/p>\n \u5728\u96c6\u7fa4\u4f1a\u8bdd\u65f6Shiro\u6700\u91cd\u8981\u7684\u4e00\u4e2a\u597d\u5904\u6216\u8bb8\u5c31\u662f\u5b83\u7684\u4f1a\u8bdd\u662f\u72ec\u7acb\u4e8e\u5bb9\u5668\u7684<\/p>\n Shiro\u63d0\u4f9b\u7684\u5bc6\u7801\u52a0\u5bc6\u4f7f\u7528\u8d77\u6765\u975e\u5e38\u65b9\u4fbf<\/p>\n Shiro\u4e5f\u652f\u6301\u6ce8\u89e3\u65b9\u5f0f<\/p>\n \u6ce8\u89e3\u65b9\u5f0f\u63a7\u5236\u6743\u9650\u53ea\u80fd\u662f\u5728\u65b9\u6cd5\u4e0a\u63a7\u5236\uff0c\u65e0\u6cd5\u63a7\u5236\u7c7b\u7ea7\u522b\u8bbf\u95ee<\/p>\n \u8fc7\u6ee4\u5668\u65b9\u5f0f\u63a7\u5236\u662f\u6839\u636e\u8bbf\u95ee\u7684URL\u8fdb\u884c\u63a7\u5236\u3002\u5141\u8bb8\u4f7f\u7528*\u5339\u914dURL\uff0c\u6240\u4ee5\u53ef\u4ee5\u8fdb\u884c\u7c97\u7c92\u5ea6\uff0c\u4e5f\u53ef\u4ee5\u8fdb\u884c\u7ec6\u7c92\u5ea6\u63a7\u5236\u3002<\/p>\n \u867d\u7136\u9700\u8981\u914d\u7f6e10\u4e2a\u8fc7\u6ee4\u5668\uff0c\u4f46\u662f\u4f7f\u7528\u7684\u65f6\u5019\u53ea\u9700\u8981\u5728web.xml\u4e2d\u914d\u7f6e\u4e00\u4e2a\u5c31\u53ef\u4ee5\uff08DelegatingFulterProxy\uff09\uff0c\u5177\u4f53\u914d\u7f6e\u5982\u4e0b<\/p>\n \u5bc6\u7801\u6bd4\u8f83\u5668\uff0c\u7528\u4e8e\u7528\u6237\u767b\u5f55\u8eab\u4efd\u9a8c\u8bc1\uff0c\u7528md5\u52a0\u5bc6<\/p>\n Shiro\u7b80\u4ecb Apache Shiro\u662fJava\u7684\u4e00\u4e2a\u5b89\u5168\u6846\u67b6\u3002\u529f\u80fd\u5f3a\u5927\uff0c\u4f7f\u7528\u7b80\u5355\u7684Java\u5b89\u5168\u6846\u67b6\uff0c\u5b83\u4e3a\u5f00 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[43],"tags":[513],"class_list":["post-2051","post","type-post","status-publish","format-standard","hentry","category-java-basic","tag-shiro"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/2051","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=2051"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/2051\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=2051"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=2051"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=2051"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Shiro\u5de5\u4f5c\u539f\u7406<\/h2>\n
Shiro\u5916\u90e8\u67b6\u6784<\/h3>\n
\n
\n\uff082\uff09\u6211\u4eec\u9700\u8981\u7ed9Shiro\u7684SecurityManager\u6ce8\u5165Realm\uff0c\u4ece\u800c\u8ba9SecurityManager\u80fd\u5f97\u5230\u5408\u6cd5\u7684\u7528\u6237\u53ca\u5176\u6743\u9650\u8fdb\u884c\u5224\u65ad\u3002<\/p>\nShiro\u5185\u90e8\u67b6\u6784<\/h3>\n
\n
\u8fc7\u6ee4\u5668\u548c\u6743\u9650\u62e6\u622a\u5668<\/h2>\n
\n\n
\n \n\u8fc7\u6ee4\u5668\u7b80\u79f0<\/th>\n \u5bf9\u5e94\u7684Java\u7c7b<\/th>\n<\/tr>\n<\/thead>\n \n anon<\/code><\/td>\norg.apache.shiro.web.filter.authc.AnonymousFilter<\/code><\/td>\n<\/tr>\n\n authc<\/code><\/td>\norg.apache.shiro.web.filter.authc.FormAuthenticationFilter<\/code><\/td>\n<\/tr>\n\n authcBasic<\/code><\/td>\norg.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter<\/code><\/td>\n<\/tr>\n\n perms<\/code><\/td>\norg.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter<\/code><\/td>\n<\/tr>\n\n port<\/code><\/td>\norg.apache.shiro.web.filter.authz.PortFilter<\/code><\/td>\n<\/tr>\n\n rest<\/code><\/td>\norg.apache.shiro.web.filter.authz.HttpMethodPermissionFilter<\/code><\/td>\n<\/tr>\n\n roles<\/code><\/td>\norg.apache.shiro.web.filter.authz.RolesAuthorizationFilter<\/code><\/td>\n<\/tr>\n\n ssl<\/code><\/td>\norg.apache.shiro.web.filter.authz.SslFilter<\/code><\/td>\n<\/tr>\n\n user<\/code><\/td>\norg.apache.shiro.web.filter.authc.UserFilter<\/code><\/td>\n<\/tr>\n\n logout<\/code><\/td>\norg.apache.shiro.web.filter.authc.LogoutFilter<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\u524d\u7aefShiro\u6807\u7b7e<\/h2>\n
\n\n
\n \n\u6807\u7b7e\u540d\u79f0<\/th>\n \u6807\u7b7e\u6761\u4ef6\uff08\u5747\u662f\u663e\u793a\u6807\u7b7e\u5185\u5bb9\uff09<\/th>\n<\/tr>\n<\/thead>\n \n <shiro:authenticated><\/code><\/td>\n\u767b\u5f55\u4e4b\u540e<\/td>\n<\/tr>\n \n <shiro:notAuthenticated><\/code><\/td>\n\u4e0d\u5728\u767b\u5f55\u72b6\u6001\u65f6<\/td>\n<\/tr>\n \n <shiro:guest><\/code><\/td>\n\u7528\u6237\u5728\u6ca1\u6709RememberMe\u65f6<\/td>\n<\/tr>\n \n <shiro:user><\/code><\/td>\n\u7528\u6237\u5728RememberMe\u65f6<\/td>\n<\/tr>\n \n <shiro:hasAnyRoles name="abc,123"><\/code><\/td>\n\u5728\u6709abc\u6216\u8005123\u89d2\u8272\u65f6<\/td>\n<\/tr>\n \n <shiro:hasRole name="abc"><\/code><\/td>\n\u62e5\u6709\u89d2\u8272abc<\/td>\n<\/tr>\n \n <shiro:lacksRole name="abc"><\/code><\/td>\n\u6ca1\u6709\u89d2\u8272abc<\/td>\n<\/tr>\n \n <shiro:hasPermission name="abc"><\/code><\/td>\n\u62e5\u6709\u6743\u9650\u8d44\u6e90abc<\/td>\n<\/tr>\n \n <shiro:lacksPermission name="abc"><\/code><\/td>\n\u6ca1\u6709abc\u6743\u9650\u8d44\u6e90<\/td>\n<\/tr>\n \n <shiro:principal><\/code><\/td>\n\u9ed8\u8ba4\u663e\u793a\u7528\u6237\u540d\u79f0<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Spring Security\u548cApache shiro\u5dee\u522b<\/h2>\n
\u63a7\u5236\u7cbe\u5ea6<\/h2>\n
Shiro\u5177\u4f53\u5e94\u7528<\/h2>\n
\u5bfc\u5165jar\u5305<\/h3>\n
<dependency>\n <groupId>org.apache.shiro<\/groupId>\n <artifactId>shiro-all<\/artifactId>\n <version>${shiro.version}<\/version>\n<\/dependency><\/code><\/pre>\n\u8fc7\u6ee4\u5668\u7684\u914d\u7f6e<\/h3>\n
<!-- Shiro Security filter filter-name\u8fd9\u4e2a\u540d\u5b57\u7684\u503c\u5c06\u6765\u8fd8\u4f1a\u5728spring\u4e2d\u7528\u5230 -->\n<filter>\n <filter-name>shiroFilter<\/filter-name>\n <filter-class>org.springframework.web.filter.DelegatingFilterProxy<\/filter-class>\n <init-param>\n <param-name>targetFilterLifecycle<\/param-name>\n <param-value>true<\/param-value>\n <\/init-param>\n<\/filter>\n<filter-mapping>\n <filter-name>shiroFilter<\/filter-name>\n <url-pattern>\/*<\/url-pattern>\n<\/filter-mapping><\/code><\/pre>\nShiro\u914d\u7f6e\u6587\u4ef6<\/h3>\n
<?xml version="1.0" encoding="UTF-8"?>\n<beans xmlns="http:\/\/www.springframework.org\/schema\/beans" \n xmlns:xsi="http:\/\/www.w3.org\/2001\/XMLSchema-instance" \n xmlns:p="http:\/\/www.springframework.org\/schema\/p" \n xmlns:context="http:\/\/www.springframework.org\/schema\/context" \n xmlns:tx="http:\/\/www.springframework.org\/schema\/tx" \n xmlns:aop="http:\/\/www.springframework.org\/schema\/aop" \n xsi:schemaLocation="http:\/\/www.springframework.org\/schema\/beans \n http:\/\/www.springframework.org\/schema\/beans\/spring-beans.xsd \n http:\/\/www.springframework.org\/schema\/aop \n http:\/\/www.springframework.org\/schema\/aop\/spring-aop.xsd \n http:\/\/www.springframework.org\/schema\/tx \n http:\/\/www.springframework.org\/schema\/tx\/spring-tx.xsd \n http:\/\/www.springframework.org\/schema\/context \n http:\/\/www.springframework.org\/schema\/context\/spring-context.xsd">\n\n <description>Shiro\u7684\u914d\u7f6e\u6587\u4ef6<\/description>\n\n <!-- SecurityManager\u914d\u7f6e -->\n <!-- \u914d\u7f6eRealm\u57df -->\n <!-- \u5bc6\u7801\u6bd4\u8f83\u5668 -->\n <!-- \u4ee3\u7406\u5982\u4f55\u751f\u6210\uff1f \u7528\u5de5\u5382\u6765\u751f\u6210Shiro\u7684\u76f8\u5173\u8fc7\u6ee4\u5668-->\n <!-- \u914d\u7f6e\u7f13\u5b58\uff1aehcache\u7f13\u5b58 -->\n <!-- \u5b89\u5168\u7ba1\u7406 -->\n <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">\n <!-- Single realm app. If you have multiple realms, use the 'realms' property instead. -->\n <property name="realm" ref="authRealm"\/><!-- \u5f15\u7528\u81ea\u5b9a\u4e49\u7684realm -->\n <!-- \u7f13\u5b58 -->\n <property name="cacheManager" ref="shiroEhcacheManager"\/>\n <\/bean>\n\n <!-- \u81ea\u5b9a\u4e49\u6743\u9650\u8ba4\u8bc1 -->\n <bean id="authRealm" class="cn.appblog.jk.shiro.AuthRealm">\n <property name="userService" ref="userService"\/>\n <!-- \u81ea\u5b9a\u4e49\u5bc6\u7801\u52a0\u5bc6\u7b97\u6cd5 -->\n <property name="credentialsMatcher" ref="passwordMatcher"\/>\n <\/bean>\n\n <!-- \u8bbe\u7f6e\u5bc6\u7801\u52a0\u5bc6\u7b56\u7565 md5hash -->\n <bean id="passwordMatcher" class="cn.appblog.jk.shiro.CustomCredentialsMatcher"\/>\n\n <!-- filter-name\u8fd9\u4e2a\u540d\u5b57\u7684\u503c\u6765\u81ea\u4e8eweb.xml\u4e2dfilter\u7684\u540d\u5b57 -->\n <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">\n <property name="securityManager" ref="securityManager"\/>\n <!--\u767b\u5f55\u9875\u9762 -->\n <property name="loginUrl" value="\/index.jsp"><\/property>\n <!-- \u767b\u5f55\u6210\u529f\u540e --> \n <property name="successUrl" value="\/home.action"><\/property>\n <property name="filterChainDefinitions">\n <!-- \/**\u4ee3\u8868\u4e0b\u9762\u7684\u591a\u7ea7\u76ee\u5f55\u4e5f\u8fc7\u6ee4 -->\n <value>\n \/index.jsp* = anon\n \/home* = anon\n \/sysadmin\/login\/login.jsp* = anon\n \/sysadmin\/login\/logout.jsp* = anon\n \/login* = anon\n \/logout* = anon\n \/components\/** = anon\n \/css\/** = anon\n \/images\/** = anon\n \/js\/** = anon\n \/make\/** = anon\n \/skin\/** = anon\n \/stat\/** = anon\n \/ufiles\/** = anon\n \/validator\/** = anon\n \/resource\/** = anon\n \/** = authc\n \/*.* = authc\n <\/value>\n <\/property>\n <\/bean>\n\n <!-- \u7528\u6237\u6388\u6743\/\u8ba4\u8bc1\u4fe1\u606fCache, \u91c7\u7528EhCache \u7f13\u5b58 -->\n <bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">\n <property name="cacheManagerConfigFile" value="classpath:ehcache-shiro.xml"\/>\n <\/bean>\n\n <!-- \u4fdd\u8bc1\u5b9e\u73b0\u4e86Shiro\u5185\u90e8lifecycle\u51fd\u6570\u7684bean\u6267\u884c -->\n <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"\/>\n\n <!-- \u751f\u6210\u4ee3\u7406\uff0c\u901a\u8fc7\u4ee3\u7406\u8fdb\u884c\u63a7\u5236 -->\n <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"\n depends-on="lifecycleBeanPostProcessor">\n <property name="proxyTargetClass" value="true"\/>\n <\/bean>\n\n <!-- \u5b89\u5168\u7ba1\u7406\u5668 -->\n <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">\n <property name="securityManager" ref="securityManager"\/>\n <\/bean>\n\n<\/beans><\/code><\/pre>\n\u81ea\u5b9a\u4e49\u5bc6\u7801\u6bd4\u8f83\u5668<\/h3>\n
\/**\n * \u5bc6\u7801\u6bd4\u8f83\u5668\uff1a\u89c4\u8303\u662fextends SimpleCredentialsMatcher \n * @author Administrator\n *\n *\/\npublic class CustomCredentialsMatcher extends SimpleCredentialsMatcher {\n\n \/**\n * \u91cd\u5199\u7236\u7c7b\u7684\u5bc6\u7801\u6bd4\u8f83\u7684\u65b9\u6cd5\n * \u6bd4\u8f83\u7684\u7b97\u6cd5\uff1a\n * 1.\u63a5\u6536\u7528\u6237\u5728\u5bc6\u7801\u6846\u8f93\u5165\u7684\u660e\u6587\n * 2.\u4f7f\u7528Md5Hash\u7b97\u6cd5\u8fdb\u884c\u52a0\u5bc6 \n * 3.\u83b7\u53d6\u6570\u636e\u5e93\u4e2d\u7684\u52a0\u5bc6\u7684\u5bc6\u7801\u8fdb\u884c\u6bd4\u8f83\n * \n * \u7b2c\u4e00\u4e2a\u53c2\u6570token\uff1a\u4ee3\u8868\u7528\u6237\u5728\u754c\u9762\u4e0a\u8f93\u5165\u7684\u7528\u6237\u540d\u548c\u5bc6\u7801\n * \u7b2c\u4e8c\u4e2a\u53c2\u6570info\uff1a\u5b83\u5185\u90e8\u4f1a\u5305\u542b\u6570\u636e\u5e93\u4e2d\u7684\u5bc6\u7801\uff08\u5f53\u524d\u7528\u6237\u52a0\u5bc6\u540e\u7684\u5bc6\u7801\uff09\n * \n * \u8fd4\u56de\u503c\uff1a\u5982\u679c\u8fd4\u56detrue\u4ee3\u8868\u5bc6\u7801\u9a8c\u8bc1\u6210\u529f\uff0c\u5982\u679c\u8fd4\u56defalse\u4ee3\u8868\u5bc6\u7801\u6bd4\u5bf9\u5931\u8d25\uff0c\u5931\u8d25\u540e\u7a0b\u5e8f\u5c31\u4f1a\u51fa\u73b0\u5f02\u5e38 \n *\/\n public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {\n \/\/1.\u5411\u4e0b\u8f6c\u578b\n UsernamePasswordToken upToken = (UsernamePasswordToken) token;\n\n \/\/2.\u83b7\u53d6\u7528\u6237\u540d\u6216\u5bc6\u7801\n String username = upToken.getUsername();\n \/\/\u83b7\u53d6\u5bc6\u7801\u5e76\u4f7f\u7528Md5Hash\u7b97\u6cd5\u8fdb\u884c\u52a0\u5bc6 \n String inputPwdEncrypt = Encrypt.md5(new String(upToken.getPassword()), username);\n\n \/\/3.\u83b7\u53d6\u6570\u636e\u5e93\u4e2d\u7684\u52a0\u5bc6\u7684\u5bc6\u7801\n String dbPwd = info.getCredentials().toString();\n\n return equals(inputPwdEncrypt, dbPwd);\n }\n\n}<\/code><\/pre>\n\u7f16\u5199\u81ea\u5b9a\u4e49realm\u57df<\/h3>\n
public class AuthRealm extends AuthorizingRealm {\n private UserService userService;\n public void setUserService(UserService userService) {\n this.userService = userService;\n }\n\n \/\/\u6388\u6743 \u7b2c\u4e00\u4e2a\u53c2\u6570PrincipalCollection\uff1aPrincipal\u7684\u96c6\u5408\uff0c\u5176\u5b9e\u5b83\u91cc\u9762\u653e\u4e86\u4e00\u4e2a\u7528\u6237\u7684\u4fe1\u606f\n \/**\n * \u5f53jsp\u9875\u9762\u78b0\u5230shiro\u6807\u7b7e\u65f6\uff0c\u5c31\u4f1a\u81ea\u52a8\u8fd9\u4e2a\u65b9\u6cd5\n *\/\n protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {\n \/\/1.\u4eceShiro\u4e2d\u53d6\u51fa\u5f53\u524d\u8ba4\u8bc1\u7684\u7528\u6237\u5bf9\u8c61\n User user = (User)pc.fromRealm(this.getName()).iterator().next();\n\n \/\/2.\u83b7\u53d6\u7528\u6237\u7684\u76f8\u5173\u6743\u9650\uff0c\u9996\u5148\u8981\u53bb\u627e\u5230\u89d2\u8272\n Set<Role> roles = user.getRoles(); \/\/\u5bf9\u8c61\u5bfc\u822a\n\n List<String> permissions = new ArrayList<String>(); \/\/\u4ea7\u751f\u4e00\u4e2a\u7528\u4e8e\u4fdd\u5b58\u6a21\u5757\u5217\u8868\u7684\u96c6\u5408 \n \/\/3.\u904d\u5386\u96c6\u5408\n for (Role role : roles) {\n \/\/\u5f97\u5230\u6bcf\u4e2a\u89d2\u8272\u5bf9\u8c61\n Set<Module> modules = role.getModules(); \/\/\u5bf9\u8c61\u5bfc\u822a\uff0c\u5f97\u5230\u8fd9\u4e2a\u89d2\u8272\u4e0b\u9762\u7684\u6a21\u5757\u5217\u8868\n\n for (Module module :modules) {\n \/\/\u53ef\u4ee5\u53d6\u5230\u6bcf\u4e2a\u6a21\u5757\n permissions.add(module.getCpermission());\n }\n }\n\n \/\/\u4ea7\u751f\u4e00\u4e2a\u8fd4\u56de\u503c\u7684\u5bf9\u8c61\n SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();\n info.addStringPermissions(permissions);\n\n return info;\n }\n\n \/\/\u8ba4\u8bc1 \u7b2c\u4e00\u4e2a\u53c2\u6570token:\u4ee3\u8868\u7528\u6237\u5728\u754c\u9762\u4e0a\u8f93\u5165\u7684\u7528\u6237\u540d\u548c\u5bc6\u7801 AuthenticationInfo\n \/\/\u5982\u679c\u51fd\u6570\u8fd4\u56denull\uff0c\u7a0b\u5e8f\u4e5f\u4f1a\u629b\u51fa\u5f02\u5e38 \u5982\u679c\u6b63\u5e38\u7a0b\u5e8f\u5c31\u4f1a\u81ea\u52a8\u8fdb\u5165\u5230\u5bc6\u7801\u6bd4\u8f83\u5668\n protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {\n\n \/\/1.\u5411\u4e0b\u8f6c\u578b\n UsernamePasswordToken upToken = (UsernamePasswordToken) token;\n\n \/\/2.\u83b7\u53d6\u7528\u6237\u540d\n String username = upToken.getUsername();\n\n \/\/3.\u6839\u636e\u7528\u6237\u540d\u67e5\u8be2\u6570\u636e\u5e93\n List<User> userList = userService.find("from User where userName=?", User.class, new String[]{username});\n\n if (userList!=null && userList.size()>0) {\n User user = userList.get(0);\n \/\/\u7b2c\u4e00\u4e2a\u53c2\u6570\uff1a\u4ee3\u8868\u7528\u6237\u7684\u5b9e\u4f53\u5bf9\u8c61\uff1b\u7b2c\u4e8c\u4e2a\u53c2\u6570credentials\u5bc6\u7801\uff1b\u7b2c\u4e09\u4e2a\u53c2\u6570\uff1arelam\u7684\u540d\u5b57\n return new SimpleAuthenticationInfo(user, user.getPassword(), this.getName());\n }\n return null;\n }\n}<\/code><\/pre>\n\u767b\u5f55\u64cd\u4f5c<\/h3>\n
public class LoginAction extends BaseAction {\n\n private static final long serialVersionUID = 1L;\n\n private String username;\n private String password;\n\n \/\/SSH\u4f20\u7edf\u767b\u5f55\u65b9\u5f0f\n public String login() throws Exception {\n\/\/ if (true) {\n\/\/ String msg = "\u767b\u5f55\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u586b\u5199\u7528\u6237\u540d\u5bc6\u7801!";\n\/\/ this.addActionError(msg);\n\/\/ throw new Exception(msg);\n\/\/ }\n\/\/ User user = new User(username, password);\n\/\/ User login = userService.login(user);\n\/\/ if (login != null) {\n\/\/ ActionContext.getContext().getValueStack().push(user);\n\/\/ session.put(SysConstant.CURRENT_USER_INFO, login); \/\/\u8bb0\u5f55session\n\/\/ return SUCCESS;\n\/\/ }\n\/\/ return "login";\n\n if (UtilFuns.isEmpty(username)) {\n return "login";\n }\n\n try {\n \/\/1.\u5f97\u5230Subject\n Subject subject =SecurityUtils.getSubject();\n\n \/\/2.\u8c03\u7528\u5b83\u7684\u767b\u5f55\u65b9\u6cd5\n UsernamePasswordToken token = new UsernamePasswordToken(username, password);\n subject.login(token);\n\n \/\/3.\u53d6\u51faShiro\u4e2d\u4fdd\u5b58\u7684\u7528\u6237\u4fe1\u606f\n User user = (User) subject.getPrincipal();\n\n \/\/4.\u5c06\u7528\u6237\u4fe1\u606f\u4fdd\u5b58\u5230session\u4e2d\n session.put(SysConstant.CURRENT_USER_INFO, user);\n\n return SUCCESS;\n } catch (Exception e) {\n e.printStackTrace();\n request.put("errorInfo", "\u767b\u5f55\u5931\u8d25\uff0c\u7528\u6237\u540d\u6216\u5bc6\u7801\u9519\u8bef\uff01");\n return "login";\n }\n }\n\n \/\/\u9000\u51fa\n public String logout() {\n session.remove(SysConstant.CURRENT_USER_INFO); \/\/\u5220\u9664session\n\n SecurityUtils.getSubject().logout();\n return "logout";\n }\n\n public String getUsername() {\n return username;\n }\n\n public void setUsername(String username) {\n this.username = username;\n }\n\n public String getPassword() {\n return password;\n }\n\n public void setPassword(String password) {\n this.password = password;\n }\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"