@Configuration public class ShiroConfig extends Object
| 构造器和说明 |
|---|
ShiroConfig() |
| 限定符和类型 | 方法和说明 |
|---|---|
org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator |
advisorAutoProxyCreator()
开启Shiro的注解(如@RequiresRoles , @RequiresPermissions),需借助SspringAOP扫描使用Sshiro注解的类,并在必要时进行安全逻辑验证
配置以下两个bean(Defaul tAdvisorAutoProxyCreator和uthorizat ionAttributeSourceAdvisor)即可实现此功能
|
org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor |
authorizationAttributeSourceAdvisor(org.apache.shiro.mgt.SecurityManager securityManager)
开启shiro aop注解支持
使用代理方式;所以需要开启代码支持
|
ManagerAuthRealm |
customRealm()
自定义身份认证 realm;
必须写这个类,并加上 @Bean 注解,目的是注入 CustomRealm, 否则会影响 CustomRealm类 中其他类的依赖注入
|
org.apache.shiro.web.session.mgt.DefaultWebSessionManager |
defaultWebSessionManager()
重写defaultWebSessionManager,防止url拼接jsessionid
|
org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor |
getAuthorizationAttributeSourceAdvisor(org.apache.shiro.web.mgt.DefaultWebSecurityManager securityManager) |
org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator |
getDefaultAdvisorAutoProxyCreator() |
org.apache.shiro.session.mgt.eis.MemorySessionDAO |
getMemorySessionDAO() |
org.apache.shiro.web.servlet.SimpleCookie |
getSimpleCookie() |
ILoginStrategy |
loginStrategy()
管理登录策略
|
IModelStrategy |
modelStrategy()
管理员菜单策略
|
org.apache.shiro.web.servlet.SimpleCookie |
rememberMeCookie()
cookie对象
|
org.apache.shiro.web.mgt.CookieRememberMeManager |
rememberMeManager()
cookie管理对象
|
org.apache.shiro.mgt.SecurityManager |
securityManager(org.apache.shiro.web.session.mgt.DefaultWebSessionManager sessionManager)
注入 securityManager
|
org.apache.shiro.spring.web.ShiroFilterFactoryBean |
shirFilter(org.apache.shiro.mgt.SecurityManager securityManager) |
@Bean public org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator()
@Bean public org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(org.apache.shiro.mgt.SecurityManager securityManager)
securityManager - @Bean
public org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(@Autowired(required=false)
org.apache.shiro.web.mgt.DefaultWebSecurityManager securityManager)
@Bean public org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator()
@Bean public org.apache.shiro.spring.web.ShiroFilterFactoryBean shirFilter(org.apache.shiro.mgt.SecurityManager securityManager)
@Bean public org.apache.shiro.mgt.SecurityManager securityManager(org.apache.shiro.web.session.mgt.DefaultWebSessionManager sessionManager)
@Bean public org.apache.shiro.web.session.mgt.DefaultWebSessionManager defaultWebSessionManager()
public org.apache.shiro.web.servlet.SimpleCookie rememberMeCookie()
public org.apache.shiro.web.mgt.CookieRememberMeManager rememberMeManager()
@Bean public org.apache.shiro.session.mgt.eis.MemorySessionDAO getMemorySessionDAO()
@Bean public org.apache.shiro.web.servlet.SimpleCookie getSimpleCookie()
@Bean public ManagerAuthRealm customRealm()
必须写这个类,并加上 @Bean 注解,目的是注入 CustomRealm, 否则会影响 CustomRealm类 中其他类的依赖注入
@Bean public IModelStrategy modelStrategy()
@Bean public ILoginStrategy loginStrategy()
Copyright © 2024. All rights reserved.