Shiro和spring的整合之基础篇

来源：互联网发布：经典相声知乎编辑：程序博客网时间：2024/05/18 02:30

Shiro和spring的整合之基础篇;

标签： Shiro

说明:本教程适合对spring和springmvc框架有一定认识的读者,因为其中有省略的内容;

简介

Apche Shiro 是Java的一个安全(权限)框架;
Shiro可以非常容易的开发出足够好的应用,其不仅可以用在JAVASE环境,也可以用在JJavaEE环境;
Shiro可以完成:认证,授权,加密,回话管理,与WEB集成,缓存等;
下载地址: http://shiro.apache.org/

配置spring和shiro整合:

步骤1.配置架包

需要的架包有spring,springmvc,shiro和hibernate中的ehcache-core-2.4.3.jar ;
com.springsource.net.sf.cglib-2.2.0.jar
com.springsource.org.aopalliance-1.0.0.jar
com.springsource.org.aspectj.weaver-1.6.8.RELEASE.jar
commons-logging-1.1.3.jar
ehcache-core-2.4.3.jar
jackson-all-1.9.11.jar
log4j-1.2.15.jar
shiro-all-1.3.2.jar
slf4j-api-1.6.1.jar
slf4j-log4j12-1.6.1.jar
spring-aop-4.0.0.RELEASE.jar
spring-aspects-4.0.0.RELEASE.jar
spring-beans-4.0.0.RELEASE.jar
spring-context-4.0.0.RELEASE.jar
spring-context-support-4.0.0.RELEASE.jar
spring-core-4.0.0.RELEASE.jar
spring-expression-4.0.0.RELEASE.jar
spring-jdbc-4.0.0.RELEASE.jar
spring-orm-4.0.0.RELEASE.jar
spring-tx-4.0.0.RELEASE.jar
spring-web-4.0.0.RELEASE.jar
spring-webmvc-4.0.0.RELEASE.jar

步骤二,配置文件

web.xml

<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">  <display-name>ShiroAndSpringAndSpringmvcDemo</display-name>    <context-param>        <param-name>contextConfigLocation</param-name>        <param-value>classpath:applicationContext.xml</param-value>    </context-param>    <listener>        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>    </listener>    <filter>        <filter-name>shiroFilter</filter-name>        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>        <init-param>            <param-name>targetFilterLifecycle</param-name>            <param-value>true</param-value>        </init-param>    </filter>    <filter-mapping>        <filter-name>shiroFilter</filter-name>        <url-pattern>/*</url-pattern>    </filter-mapping>    <servlet>        <servlet-name>springDispatcherServlet</servlet-name>        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class><!--  springmvc配置文件的位置和名称，默认为WEB-INF目录下，名称为[<servlet-name>]-servlet.xml，如springDispatcherServlet-servlet.xml,本整合安装中在web-lib下-->             <load-on-startup>1</load-on-startup>    </servlet>    <servlet-mapping>        <servlet-name>springDispatcherServlet</servlet-name>        <url-pattern>/</url-pattern>    </servlet-mapping></web-app>

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"    xmlns:context="http://www.springframework.org/schema/context"    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">    <!-- 1.配置SecuityManager -->    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">        <property name="cacheManager" ref="cacheManager"/>        <property name="realm" ref="jdbcRealm"/>    </bean>    <!--         2.配置cacheManager             2.1 需要加入ehchche的jar包及配置文件;    -->    <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">        <!-- 可以直接配置ehcache的配置文件,也可以自己指定一个配置文件 -->        <property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/>    </bean>    <!--         3.配置realm            3.1 配置realm 必须实现realm接口,并且覆写方法;            说明:这里的class类是自己实现了org.apache.shiro.realm.Realm接口的,所以要自己写入;     -->    <bean id="jdbcRealm" class="com.chenhao.shiro.ShiroRealm"></bean>   <!--         4.配置LifecycleBeanPostProcessor,可以自定的来调用配置在springIOC容器中shiro bean 的生命周期方法;    -->    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>    <!--         5.启用IOC容器中使用shiro的注解,但必须在配置了LifecycleBaenPostProcessor之后才可以使用;     -->       <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"          depends-on="lifecycleBeanPostProcessor"/>    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">        <property name="securityManager" ref="securityManager"/>    </bean>    <!--         6.配置shirofilter             6.1 id必须和web.xml文件中配置的DelegatingFilterProxy的filter-name一致;   -->    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">        <property name="securityManager" ref="securityManager"/>        <property name="loginUrl" value="/login.jsp"/>        <property name="successUrl" value="/list.jsp"/>        <property name="unauthorizedUrl" value="/unauthorized.jsp"/>        <!--             配置哪些页面需要受保护.            以及访问哪些页面需要的权限            1).anon 可以被匿名访问;            2).authc必须认真(即登录)后才能访问的页面;         -->        <property name="filterChainDefinitions">            <value>                                         /login.jsp = anon                              # everything else requires authentication:                /** = authc            </value>        </property>    </bean></beans>

springDispatcherServlet-servlet.xml(springmvc的配置文件)

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"    xmlns:mvc="http://www.springframework.org/schema/mvc"    xmlns:context="http://www.springframework.org/schema/context"    xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">    <context:component-scan base-package="com.chenhao.shiro"></context:component-scan>    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">        <property  name="prefix" value="/"></property>        <property name="suffix" value=".jsp"></property>    </bean>    <mvc:annotation-driven></mvc:annotation-driven>    <mvc:default-servlet-handler/></beans>

注意:
1.省略的一个自定义的类:com.chenhao.shiro.ShiroRealm
2.省略的几个jsp页面,login.jsp,list.jsp,unauthorized.jsp;
3.省略了一个ehcache.xml的配置文件(你的hibernate架包存放路径\hibernate-release-4.2.4.Final\project\etc\此目录下有;);

阅读全文

0 0