springboot_shiro與shiro.ini文件

package com.book.app.utils;

import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;

/**
*
* 功能：shiro和springboot的整合相當於shiro.ini文件
* 作者：張
* 2018年10月18日上午10:18:35
*/
@Configuration
public class ShiroConfiguration {

/**
* LifecycleBeanPostProcessor，這是個DestructionAwareBeanPostProcessor的子類，
* 負責org.apache.shiro.util.Initializable類型bean的生命周期的，初始化和銷毀。
* 主要是AuthorizingRealm類的子類，以及EhCacheManager類。
*/
@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}

/**
* HashedCredentialsMatcher，這個類是為了對密碼進行編碼的，
* 防止密碼在數據庫里明碼保存，當然在登陸認證的時候，
* 這個類也負責對form里輸入的密碼進行編碼。
*/
@Bean(name = "hashedCredentialsMatcher")
public HashedCredentialsMatcher hashedCredentialsMatcher() {
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
credentialsMatcher.setHashAlgorithmName("MD5");
credentialsMatcher.setHashIterations(2);
credentialsMatcher.setStoredCredentialsHexEncoded(true);
return credentialsMatcher;
}

/**ShiroRealm，這是個自定義的認證類，繼承自AuthorizingRealm，
* 負責用戶的認證和權限的處理，可以參考JdbcRealm的實現。
*/
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public MyRealm shiroRealm() {
return new MyRealm();
}

/**
* SecurityManager，權限管理，這個類組合了登陸，登出，權限，session的處理，是個比較重要的類。
*/
@Bean(name = "securityManager")
public DefaultWebSecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(shiroRealm());
return securityManager;
}

/**
* ShiroFilterFactoryBean，是個factorybean，為了生成ShiroFilter。
* 它主要保持了三項數據，securityManager，filters，filterChainDefinitionManager。
*/
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean shiroFilterFactoryBean() {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager());
Map<String, String> filterChainDefinitionManager = new LinkedHashMap<String, String>();
filterChainDefinitionManager.put("/jquery/**", "anon");
filterChainDefinitionManager.put("/login", "anon");
// filterChainDefinitionManager.put("/**", "anon");
filterChainDefinitionManager.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionManager);
return shiroFilterFactoryBean;
}

}