欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

9.springboot2.X整合redis-shiro

程序员文章站 2022-05-21 17:47:53
...

1.整合有关redis依赖

  <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.0</version>

        </dependency>
        <!--shiro整合redis缓存,和之前的缓存不同-->
        <dependency>
            <groupId>org.crazycake</groupId>
            <artifactId>shiro-redis</artifactId>
            <version>2.4.2.1-RELEASE</version>
        </dependency>
        <!--springboot2.X没有jedis,你需要一个redis客户端3以下-->
        <dependency>
            <groupId>redis.clients</groupId>
            <artifactId>jedis</artifactId>
            <version>2.9.0</version>
        </dependency>

2.redis缓存简单的配置,像序列化策略啥的都是默认的

/**
 * redis配置
 *
 * */
public class RedisConfig {
    /**
     * redisManager
     *
     * @return
     */
    public RedisManager redisManager() {
        RedisManager redisManager = new RedisManager ( );
        //主鸡地址
        redisManager.setHost ("127.0.0.1");
        //端口
        redisManager.setPort (6379);
        // 配置过期时间
        redisManager.setExpire (1800);
        return redisManager;
    }

    /**
     * cacheManager
     *
     * @return
     */
    public RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager ( );
        redisCacheManager.setRedisManager (redisManager ( ));
        return redisCacheManager;
    }

    /**
     * redisSessionDAO
     */
    public RedisSessionDAO redisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO ( );
        redisSessionDAO.setRedisManager (redisManager ( ));
        return redisSessionDAO;
    }

    /**
     * sessionManager
     */
    public DefaultWebSessionManager SessionManager() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager ( );
        sessionManager.setSessionDAO (redisSessionDAO ( ));
        return sessionManager;
    }
}

3.redis缓存配置到你的shiro配置里

 @Bean
    DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( );
        //自定义的Realm交给manager
        manager.setRealm (myRealm ( ));
        // 自定义缓存实现 使用redis
         manager.setCacheManager(new RedisConfig ().cacheManager ());
        // 自定义session管理 使用redis
          manager.setSessionManager(new RedisConfig ().SessionManager ());
        // 使用记住我,注入配置
       manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ());
        return manager;
    }

你想要缓存必须配置session管理器,redis管理器 ,redisSession
贴上配置代码:

@Configuration

public class RememberMeConfig {

    /**
     * cookie设置
     * */
    public SimpleCookie rememberMeCookie(){
        //这个参数是cookie的名称,对应前端的checkbox的name = rememberMe
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        //cookie生效时间30天,单位秒;
        simpleCookie.setMaxAge(2592000);
        return simpleCookie;
    }

    /**
     * cookie管理对象;记住我功能
     * @return
     */
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        // cookieRememberMeManager.setCipherKey用来设置加密的Key,参数类型byte[],字节数组长度要求16
        // cookieRememberMeManager.setCipherKey(Base64.decode("3AvVhmFLUs0KTA3Kprsdag=="));
        cookieRememberMeManager.setCipherKey("ZHANGXIAOHEI_CAT".getBytes());
        return cookieRememberMeManager;
    }







}
/*授权和认证逻*/
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    UserService userService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println ("执行授权逻辑");

        SimpleAuthorizationInfo simpleInfo = new SimpleAuthorizationInfo ( );
        //获取登录用户名
        String name = (String) principalCollection.getPrimaryPrincipal ( );
        //之后在数据库查询他是什么角色 什么权限一一添加他们
        List<String> listRoles = userService.listRoles (name);
        // simpleInfo.addRoles (listRoles);直接添加多个角色或者forench添加
        for (String role : listRoles) {
            simpleInfo.addRole (role);
        }
        //添加角色下的权限 比如crud
        List<String> listPermissions = userService.listPermissions (name);
        System.out.println (listPermissions.size ( ));
        simpleInfo.addStringPermissions (listPermissions);
        //设置好权限返回
        return simpleInfo;
    }

       @Override
    protected SimpleAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        ;
        //加这一步的目的是在Post请求的时候会先进认证,然后在到请求
        if (null == authenticationToken.getPrincipal ( )) {
            return null;
        }
        System.out.println ("执行认证逻辑" + getName ( ));

        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //获取用户登陆的名
        String name = token.getUsername ( );
        //查出的密码和盐封装成User
        User user = userService.getPwdByName (name);

        if (null == user) {
            //用户名不存在
            return null;//抛出一个空的对象 抛出异常UnknowAccountException
        }
        //密码
        String pwd = user.getPassword ( );
        //盐
        String salt = user.getSalt ( );
        //真盐=name+salt
        salt = name + salt;

        //这里验证authenticationToken和simpleAuthenticationInfo的信息
        return new SimpleAuthenticationInfo (name, pwd, ByteSource.Util.bytes (salt), getName ( ));
    }
}

你的这些配置也可以配到shiroConfig 方法里

/*常用的过滤器
* anon:无认证
* authc:必须认证 登陆即可
* user: 使用记住我可以直接访问
* perms: 必须有资源权限 比如crud
* roles: 必须有角色权限
* */
@Configuration
public class ShiroConfig {
    /**
     * 创建自定义配置的Realm
     */
    @Bean
    CustomRealm myRealm() {
        CustomRealm customRealm = new CustomRealm ( );
        //注入加密算法
        customRealm.setCredentialsMatcher (hashedCredentialsMatcher ());
        return customRealm;
    }

    /**
     * 创建DefaultWebSecurityManager管理器,使它管理自定义的Realm
     */
    @Bean
    DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( );
        //自定义的Realm交给manager
        manager.setRealm (myRealm ( ));
        // 自定义缓存实现 使用redis
         manager.setCacheManager(new RedisConfig ().cacheManager ());
        // 自定义session管理 使用redis
          manager.setSessionManager(new RedisConfig ().SessionManager ());
        // 使用记住我,注入配置
       manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ());
        return manager;
    }

    /**
     *创建shiroFilterFactoryBean
     * 关联一个securityManager ( )管理器
     */
    @Bean
    ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean ( );
        bean.setSecurityManager (securityManager ( ));
        //登陆页
        bean.setLoginUrl ("/login");
        //登陆成功后界面
        bean.setSuccessUrl ("/index");
        //未授权跳转到
        bean.setUnauthorizedUrl ("/tip");
        Map<String, String> map = new LinkedHashMap<> ( );
        //anon是把限制权限改为无限制
        //map.put ("/index", "anon");
        //authc 登陆后可以访问
       // map.put ("/**", "authc");
        map.put ("/add", "authc");
        //权限必须有addProduct才可以访问
        map.put ("/update","perms[addProduct]");
        //角色是admin 才可以访问超级管理员界面
        map.put ("/admin","roles[admin]");
        bean.setFilterChainDefinitionMap (map);
        return bean;
    }
    /**用于ShiroDialect和thymeleaf标签配合使用*/
    @Bean(name = "shiroDialect")

    public ShiroDialect shiroDialect(){

        return new ShiroDialect ();

    }



    /**
     * 密码加密算法设置
     * @return
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //散列的次数
        hashedCredentialsMatcher.setHashIterations(2);
        return hashedCredentialsMatcher;
    };

}

具体细节就是redis缓存具体的配置还没弄,很多默认的设置,比如序列化后都乱码了而不是json格式的? 解决办法百度把
9.springboot2.X整合redis-shiro