SpringBoot 整合 Shiro 认证返回 json 数据

程序员文章站 2024-02-03 10:06:10

...

一、简介

要解决ajax请求和前后端分离返回数据，问题很简单，比如你没有登录，去请求数据的时候，shiro指定了一个登录界面，会自动重定向那个界面

二、具体代码

关键步骤：添加shrio自定义拦截器

/**
 * @program: hopson
 * @Date: 2019/10/15 15:43
 * @Author: wangmx
 * @Description:
 */
public class ShiroLoginFilter extends UserFilter {

    @Override
    protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        JSONObject res = new JSONObject();
        res.put("error", "登录已失效，请重新登录！");
        res.put("message", "登录已失效，请重新登录！");
        res.put("status", 401);
        response.getWriter().print(res.toString());
    }

}

将拦截器添加到shrio配置类中

 /**
 * Shiro的配置文件
 *
 * @author wangmx
 */
@Configuration
public class ShiroConfig {

    /**
     * 单机环境，session交给shiro管理
     */
    @Bean
    @ConditionalOnProperty(prefix = "wangmx", name = "cluster", havingValue = "false")
    public DefaultWebSessionManager sessionManager(@Value("${wangmx.globalSessionTimeout:3600}") long globalSessionTimeout){
       /* DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        sessionManager.setSessionValidationSchedulerEnabled(true);
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        sessionManager.setSessionValidationInterval(globalSessionTimeout * 1000);
        sessionManager.setGlobalSessionTimeout(globalSessionTimeout * 1000);*/

       MySessionManager sessionManager = new MySessionManager();
       sessionManager.setSessionValidationSchedulerEnabled(true);
       sessionManager.setSessionIdUrlRewritingEnabled(false);
       sessionManager.setSessionValidationInterval(globalSessionTimeout * 1000);
       sessionManager.setGlobalSessionTimeout(globalSessionTimeout * 1000);

        return sessionManager;
    }

    /**
     * 集群环境，session交给spring-session管理
     */
    @Bean
    @ConditionalOnProperty(prefix = "wangmx", name = "cluster", havingValue = "true")
    public ServletContainerSessionManager servletContainerSessionManager() {
        return new ServletContainerSessionManager();
    }

    @Bean("securityManager")
    public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        securityManager.setSessionManager(sessionManager);
        securityManager.setRememberMeManager(null);

        return securityManager;
    }


    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager);
        //shiroFilter.setLoginUrl("/401");
        //shiroFilter.setUnauthorizedUrl("/401");
	    //这是重点   将拦截器添加到shrio配置类中
        Map<String, Filter> filters = shiroFilter.getFilters();
        filters.put("authc", new ShiroLoginFilter());
        shiroFilter.setFilters(filters);

        Map<String, String> filterMap = new LinkedHashMap<>();

        filterMap.put("/services/*","anon");
        filterMap.put("/swagger/**", "anon");
        filterMap.put("/v2/api-docs", "anon");
        filterMap.put("/swagger-ui.html", "anon");
        filterMap.put("/webjars/**", "anon");
        filterMap.put("/swagger-resources/**", "anon");
        filterMap.put("/doc.html","anon");
        filterMap.put("/druid/**","anon");

        filterMap.put("/statics/**", "anon");
        filterMap.put("/login.html", "anon");
        filterMap.put("/sys/login", "anon");
        filterMap.put("/favicon.ico", "anon");
        filterMap.put("/captcha.jpg", "anon");
        filterMap.put("/**", "authc");
        shiroFilter.setFilterChainDefinitionMap(filterMap);

        return shiroFilter;
    }

    @Bean("lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }
}

主要代码

Map<String, Filter> filters = shiroFilter.getFilters();
filters.put("authc", new ShiroLoginFilter());
shiroFilter.setFilters(filters);

SpringBoot 整合 Shiro 认证返回 json 数据

一、简介

二、具体代码

2.springboot:返回json数据

SpringBoot 整合 Shiro 认证返回 json 数据

SpringBoot返回JSON数据

SpringBoot整合MyBatis获得插入数据后获取主键，返回值总是1

springboot activiti 整合项目框架源码 druid 数据库连接池 shiro 安全框架

SpringBoot整合Shiro实现登录认证的方法

SpringBoot 整合 Shiro 密码登录与邮件验证码登录功能(多 Realm 认证)

SpringBoot整合MyBatis获得插入数据后获取主键，返回值总是1

springboot windows10风格 activiti 整合项目框架源码 shiro 安全框架 druid 数据库连接池

shiro学习三（spring boot整合shiro读取数据库数据实现用户登录，权限认证）