2. it
  3. ssm整合shiro

ssm整合shiro

mac2024-04-20  16
web.xml 文件配置filter <filter> <filter-name>shiroFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> <init-param> <param-name>targetFilterLifecycle</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>targetBeanName</param-name> <param-value>shiroFilter</param-value> </init-param> </filter> <filter-mapping> <filter-name>shiroFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> applicationContext.xml配置shiro Bean <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="userRealm"></property> </bean> <bean id="userRealm" class="'"> <property name="credentialsMatcher " ref="credentialsMatcher"></property> </bean> <!-- 配置凭证匹配器 --> <bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher"> <property name="hashAlgorithmName" value="md5"></property> <property name="hashIterations" value="2"></property> </bean> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"></property> <property name="loginUrl" value="/login"></property> <!-- 配置认证成功后跳转地址,如果没有配置则跳转上一个路径 --> <property name="successUrl" value="/index"></property> <!-- 权限认证不通过访问路径 --> <property name="unauthorizedUrl " value="/logingUrl"></property> <!-- shiro过滤器链 --> <property name="filterChainDefinitions"> <value> /index=anon /login=authc /logout=logout /images/**=anon /js/**=anon /css/**=anon /**=authc </value> </property> </bean> <!-- 配置logout过滤器 --> <bean id="logout" class="org.apache.shiro.web.filter.authc.LogoutFilter"> <property name="redirectUrl " value="/login"></property> </bean> 创建实体类Realm -> UserRealm public class UserRealm extends AuthorizingRealm{ ... } 配置权限三种方式 注解方式 标签 过滤器

缓存管理

可以使用ehcache 或者redis集成

ehcache

引用ehcache.jar文件

ehcacee.xml

<ehcache> <diskStore path="java.io.tmpdir/shiro-ehcache"/> <defaultCache maxElementsInMemory="10000" eternal="false" timeToIdleSeconds="120" timeToLiveSeconds="120" overflowToDisk="false" diskPersistent="false" diskExpiryThreadIntervalSeconds="120" /> </ehcache>

配置applicationContext.xml

<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="userRealm"></property> <property name="cacheManager" ref="cacheManager"/> </bean> <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager" > <property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/> </bean>

SessionManager

<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"> <property name="globalSessionTimeout" value="1800000"/> <property name="deleteInvalidSessions" value="true"/> </bean>

RemeberMe

最新回复(0)