<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><groupId>com.ihrm</groupId><artifactId>ihrm_parent</artifactId><version>1.0-SNAPSHOT</version><modules><module>ihrm_common</module><module>ihrm_common_model</module><module>ihrm_common</module><module>ihrm_common_model</module><module>ihrm_company</module><module>ihrm_system</module></modules><packaging>pom</packaging><name>ihrm_parent</name><description>IHRM-黑馬程序員</description><parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>2.0.5.RELEASE</version><relativePath/></parent><properties><project.build.sourceEncoding>UTF-8</project.build.sourceEncoding><project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding><java.version>1.8</java.version><fastjson.version>1.2.47</fastjson.version></properties><dependencies><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-logging</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope></dependency><dependency><groupId>com.alibaba</groupId><artifactId>fastjson</artifactId><version>${fastjson.version}</version></dependency><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId><version>1.16.16</version></dependency><!--shiro和spring整合--><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-spring</artifactId><version>1.3.2</version></dependency><!--shiro核心包--><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-core</artifactId><version>1.3.2</version></dependency><!--shiro與redis整合--><dependency><groupId>org.crazycake</groupId><artifactId>shiro-redis</artifactId><version>3.0.0</version></dependency></dependencies><repositories><repository><id>spring-snapshots</id><name>Spring Snapshots</name><url>https://repo.spring.io/snapshot</url><snapshots><enabled>true</enabled></snapshots></repository><repository><id>spring-milestones</id><name>Spring Milestones</name><url>https://repo.spring.io/milestone</url><snapshots><enabled>false</enabled></snapshots></repository></repositories><pluginRepositories><pluginRepository><id>spring-snapshots</id><name>Spring Snapshots</name><url>https://repo.spring.io/snapshot</url><snapshots><enabled>true</enabled></snapshots></pluginRepository><pluginRepository><id>spring-milestones</id><name>Spring Milestones</name><url>https://repo.spring.io/milestone</url><snapshots><enabled>false</enabled></snapshots></pluginRepository></pluginRepositories><build><plugins><!--編譯插件--><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-compiler-plugin</artifactId><version>3.1</version><configuration><source>${java.version}</source><target>${java.version}</target></configuration></plugin><!--單元測試插件--><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-surefire-plugin</artifactId><version>2.12.4</version><configuration><skipTests>true</skipTests></configuration></plugin></plugins></build> </project> package com.learn.common.shiro.session;import org.apache.shiro.web.servlet.ShiroHttpServletRequest; import org.apache.shiro.web.session.mgt.DefaultWebSessionManager; import org.apache.shiro.web.util.WebUtils; import org.springframework.util.StringUtils;import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import java.io.Serializable;public class CustomSessionManager extends DefaultWebSessionManager {/*** 頭信息中具有sessionid* 請求頭：Authorization： sessionid** 指定sessionId的獲取方式*/protected Serializable getSessionId(ServletRequest request, ServletResponse response) {//獲取請求頭Authorization中的數據String id = WebUtils.toHttp(request).getHeader("Authorization");if(StringUtils.isEmpty(id)) {//如果沒有攜帶，生成新的sessionIdreturn super.getSessionId(request,response);}else{//請求頭信息：bearer sessionidid = id.replaceAll("Bearer ","");//返回sessionId；request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE, "header");request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, id);request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);return id;}} } package com.learn.common.shiro.realm;import com.learn.domain.system.response.ProfileResult; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection;import java.util.Set;// 公共的realm：獲取安全數據，構造權限信息 public class IhrmRealm extends AuthorizingRealm {public void setName(String name) {super.setName("learnRealm");}//授權方法protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {//1.獲取安全數據ProfileResult result = (ProfileResult)principalCollection.getPrimaryPrincipal();//2.獲取權限信息Set<String> apisPerms = (Set<String>)result.getRoles().get("apis");//3.構造權限數據，返回值SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();info.setStringPermissions(apisPerms);return info;}//認證方法protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {return null;} } package com.learn.system.shiro.realm;import com.learn.common.shiro.realm.IhrmRealm; import com.learn.domain.system.Permission; import com.learn.domain.system.User; import com.learn.domain.system.response.ProfileResult; import com.learn.system.service.PermissionService; import com.learn.system.service.UserService; import org.apache.shiro.authc.*; import org.springframework.beans.factory.annotation.Autowired;import java.util.HashMap; import java.util.List; import java.util.Map;public class UserRealm extends IhrmRealm {@Autowiredprivate UserService userService;@Autowiredprivate PermissionService permissionService;//認證方法protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {//1.獲取用戶的手機號和密碼UsernamePasswordToken upToken = (UsernamePasswordToken) authenticationToken;String mobile = upToken.getUsername();String password = new String( upToken.getPassword());//2.根據手機號查詢用戶User user = userService.findByMobile(mobile);//3.判斷用戶是否存在，用戶密碼是否和輸入密碼一致if(user != null && user.getPassword().equals(password)) {//4.構造安全數據并返回（安全數據：用戶基本數據，權限信息 profileResult）ProfileResult result = null;if("user".equals(user.getLevel())) {result = new ProfileResult(user);}else {Map map = new HashMap();if("coAdmin".equals(user.getLevel())) {map.put("enVisible","1");}List<Permission> list = permissionService.findAll(map);result = new ProfileResult(user,list);}//構造方法：安全數據，密碼，realm域名SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(result,user.getPassword(),this.getName());return info;}//返回null，會拋出異常，標識用戶名和密碼不匹配return null;} } <?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><parent><artifactId>ihrm_parent</artifactId><groupId>com.ihrm</groupId><version>1.0-SNAPSHOT</version></parent><modelVersion>4.0.0</modelVersion><artifactId>ihrm_common</artifactId><dependencies><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-data-jpa</artifactId></dependency><dependency><groupId>io.jsonwebtoken</groupId><artifactId>jjwt</artifactId><version>0.6.0</version></dependency><dependency><groupId>com.ihrm</groupId><artifactId>ihrm_common_model</artifactId><version>1.0-SNAPSHOT</version></dependency></dependencies> </project> package com.learn.domain.system.response;import com.learn.domain.system.Permission; import com.learn.domain.system.Role; import com.learn.domain.system.User; import lombok.Getter; import lombok.Setter; import org.crazycake.shiro.AuthCachePrincipal;import java.io.Serializable; import java.util.*;@Setter @Getter public class ProfileResult implements Serializable,AuthCachePrincipal {private String mobile;private String username;private String company;private String companyId;private Map<String,Object> roles = new HashMap<>();/**** @param user*/public ProfileResult(User user, List<Permission> list) {this.mobile = user.getMobile();this.username = user.getUsername();this.company = user.getCompanyName();this.companyId = user.getCompanyId();Set<String> menus = new HashSet<>();Set<String> points = new HashSet<>();Set<String> apis = new HashSet<>();for (Permission perm : list) {String code = perm.getCode();if(perm.getType() == 1) {menus.add(code);}else if(perm.getType() == 2) {points.add(code);}else {apis.add(code);}}this.roles.put("menus",menus);this.roles.put("points",points);this.roles.put("apis",apis);}public ProfileResult(User user) {this.mobile = user.getMobile();this.username = user.getUsername();this.company = user.getCompanyName();this.companyId = user.getCompanyId();Set<Role> roles = user.getRoles();Set<String> menus = new HashSet<>();Set<String> points = new HashSet<>();Set<String> apis = new HashSet<>();for (Role role : roles) {Set<Permission> perms = role.getPermissions();for (Permission perm : perms) {String code = perm.getCode();if(perm.getType() == 1) {menus.add(code);}else if(perm.getType() == 2) {points.add(code);}else {apis.add(code);}}}this.roles.put("menus",menus);this.roles.put("points",points);this.roles.put("apis",apis);}@Overridepublic String getAuthCacheKey() {return null;} }

?

總結

以上是生活随笔為你收集整理的SasSHRM中基于shiro的认证授权：环境搭建的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。