2019獨角獸企業重金招聘Python工程師標準>>>

核心類簡介

xxxToken：用戶憑證 xxxFilter：生產token，設置登錄成功，登錄失敗處理方法，判斷是否登錄連接等 xxxRealm：依據配置的支持Token來認證用戶信息，授權用戶權限

核心配置

Shrio整體配置：ShrioConfig.java

@Beanpublic ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();shiroFilterFactoryBean.setSecurityManager(securityManager);Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();//將自定義 的FormAuthenticationFilter注入shiroFilter中filters.put("authc", new AuthenticationFilter());filters.put("wechat",new ExWechatAppFilter());shiroFilterFactoryBean.setFilters(filters);Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();...//建立url和filter之間的關系filterChainDefinitionMap.put("/wechat/**","wechat");filterChainDefinitionMap.put("/**", "authc");...shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);return shiroFilterFactoryBean;}@Beanpublic SecurityManager securityManager() {DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();securityManager.setAuthenticator(exModularRealmAuthenticator());List<Realm> realms = new ArrayList<>();//設置多Realmrealms.add(systemRealm());realms.add(wechatAppRealm());securityManager.setRealms(realms);securityManager.setCacheManager(ehCacheManager());securityManager.setRememberMeManager(cookieRememberMeManager());return securityManager;}//重要！！定義token與Realm關系，設置認證策略public MyModularRealmAuthenticator myModularRealmAuthenticator(){MyModularRealmAuthenticator authenticator = new MyModularRealmAuthenticator();FirstSuccessfulStrategy strategy = new FirstSuccessfulStrategy();authenticator.setAuthenticationStrategy(strategy);return authenticator;}@Beanpublic SystemRealm systemRealm() {SystemRealm systemRealm = new SystemRealm();systemRealm.setAuthorizationCachingEnabled(true);systemRealm.setAuthorizationCacheName("authorization");systemRealm.setCredentialsMatcher(hashedCredentialsMatcher());return systemRealm;}@Beanpublic WechatAppRealm WechatAppRealm(){WechatAppRealm wechatAppRealm = new WechatAppRealm();wechatAppRealm.setAuthorizationCachingEnabled(false);return WechatAppRealm;}

Realm，Token關聯關系配置：MyModularRealmAuthenticator.java

public class MyModularRealmAuthenticator extends ModularRealmAuthenticator {@Overrideprotected AuthenticationInfo doAuthenticate(AuthenticationToken authenticationToken) throws AuthenticationException {assertRealmsConfigured(); //依據Realm中配置的支持Token來進行過濾List<Realm> realms = this.getRealms().stream().filter(realm -> realm.supports(authenticationToken)).collect(Collectors.toList());if (realms.size() == 1) {return doSingleRealmAuthentication(realms.get(0), authenticationToken);} else {return doMultiRealmAuthentication(realms, authenticationToken);}}}

認證授權配置：Realm.java

public class SystemRealm extends AuthorizingRealm {... @Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {//重要！！多realm每個都會執行授權相關信息，此處進行過濾if(principals.fromRealm(getName()).isEmpty()){return null;}//授權代碼...return authorizationInfo;}/*** 主要是用來進行身份認證的*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)throws AuthenticationException {//生產AuthenticationInfo代碼...//校驗的部分由配置的credentialsMatcher進行處理return authenticationInfo;}/*** 擴展認證token** @param authenticationToken* @return boolean* @author mjm* @date 2018/7/3 12:32*/@Overridepublic boolean supports(AuthenticationToken authenticationToken) {//設置此Realm支持的Tokenreturn authenticationToken != null && (authenticationToken instanceof UsernamePasswordToken );} }

過濾器配置：AuthenticationFilter.java

基礎的過濾器類型：官網中默認有很多已實現的過濾器，可依據需求擴展

public class AuthenticationFilter extends FormAuthenticationFilter {..../*** 創建令牌** @param servletRequest ServletRequest* @param servletResponse ServletResponse* @return 令牌*/@Overrideprotected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {//依據request中不同的參數創建不同的token...return new xxxToken(...);}.... }

參考資料

http://shiro.apache.org/realm.html#Realm-Supporting{{AuthenticationTokens}}

轉載于:https://my.oschina.net/MeiJianMing/blog/3017838

總結

以上是生活随笔為你收集整理的Spring Boot -Shiro配置多Realm的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。