欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

SpringBoot2.0集成Shiro并使用EhCache缓存

程序员文章站 2022-04-13 09:32:38
...

使用EhCache同时缓存数据库数据及其它需要缓存的数据和shrio共享(shiro主要用于会话的存储和持久化),集成整合步骤如下:

一:集成EhCache

<1>、在pom.xml文件中添加以下依赖。

        <!-- 开启 cache 缓存 -->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-cache</artifactId>

        </dependency>

        <!-- ehcache 缓存 -->

        <dependency>

            <groupId>net.sf.ehcache</groupId>

            <artifactId>ehcache</artifactId>

        </dependency>

 <2>、添加配置文件 ehcache.xml,放在resources下,内容如下。

<ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

        xsi:noNamespaceSchemaLocation="http://ehcache.org/ehcache.xsd"

        updateCheck="false">

    <defaultCache

            eternal="false"

            maxElementsInMemory="1000"

            overflowToDisk="false"

            diskPersistent="false"

            timeToIdleSeconds="0"

            timeToLiveSeconds="600"

            memoryStoreEvictionPolicy="LRU" />

    <cache

            name="permissionCache"

            eternal="false"

            maxElementsInMemory="100"

            overflowToDisk="false"

            diskPersistent="false"

            timeToIdleSeconds="0"

            timeToLiveSeconds="300"

            memoryStoreEvictionPolicy="LRU" />

</ehcache>

<3>、在启动类加上启用缓存注解@EnableCaching。

<4>、经过上述步骤后,就可以使用缓存注解@Cacheable,@CachePut等。

二:集成Shiro并使用EhCache缓存

<1> 、在pom.xml文件中添加以下依赖。

        <!-- shiro -->

        <dependency>

            <groupId>org.apache.shiro</groupId>

            <artifactId>shiro-spring</artifactId>

            <version>${shiro-spring.version}</version>

        </dependency>

        <!-- shiro ehcache -->

        <dependency>

            <groupId>org.apache.shiro</groupId>

            <artifactId>shiro-ehcache</artifactId>

            <version>${shiro-ehcache.version}</version>

        </dependency>

 <2>、编写Shiro的Realm验证,参考代码如下。

public class ShiroRealm extends AuthorizingRealm {

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Resource

    private IUserService iUserService;

    @Resource

    private ILoginLogService iloginLogService;

    @Override

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        logger.info("权限配置----->ShiroRealm.doGetAuthorizationInfo()" );

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        UserInfo userInfo = (UserInfo) principals.getPrimaryPrincipal();

        authorizationInfo.addRole(userInfo.getRoleInfo().getRoleCode());

        for (Permission p : userInfo.getRoleInfo().getPermissions()) {

            authorizationInfo.addStringPermission(p.getPermissionCode());

        }

        //授权成功添加登录日志

        addLoginLog(userInfo);

        return authorizationInfo;

    }

    /*主要是用来进行身份认证的,也就是说验证用户输入的账号和密码是否正确*/

    @Override

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        logger.info("ShiroRealm.doGetAuthenticationInfo()" );

        //获取用户的输入的账号.

        String username = (String) token.getPrincipal();

        //通过username从数据库中查找 User对象,如果找到,没找到.

        //实际项目中,这里可以根据实际情况做缓存,如果不做,Shiro自己也是有时间间隔机制,2分钟内不会重复执行该方法

        UserInfo userInfo = iUserService.findUserInfo(username);

        logger.info("----->userInfo=" + userInfo);

        if (userInfo == null) {

            throw new AccountException();

        } else if (userInfo.getState() == 0) {

            throw new DisabledAccountException();

        } else if (userInfo.getState() == 2) {

            throw new LockedAccountException();

        }

        //保存登录用户ID

        Session session = SecurityUtils.getSubject().getSession();

        session.setAttribute(Constant.LOGIN_USER_ID, userInfo.getId());

        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(

                userInfo, //用户信息

                userInfo.getPassWord(), //密码

                ByteSource.Util.bytes(userInfo.getCredentialsSalt()),//salt=username+salt

                getName()  //realm name

        );

        return authenticationInfo;

    }

    private void addLoginLog(UserInfo userInfo) {

        LoginLog loginLog = new LoginLog();

        loginLog.setUserId(userInfo.getId());

        loginLog.setUserName(userInfo.getUserName());

        loginLog.setIpAddress(SecurityUtils.getSubject().getSession().getAttribute(Constant.LOGIN_IP_ADDRESS).toString());

        loginLog.setGeographyLocation(AddressUtils.getAddressByIp(loginLog.getIpAddress()));

        iloginLogService.insert(loginLog);

    }

}

 <3>、添加Shiro的配置类,参考代码如下。

@Configuration

public class ShiroConfig {

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Bean

    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {

        logger.info("ShiroConfiguration.shirFilter()" );

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        shiroFilterFactoryBean.setSecurityManager(securityManager);

        //获取filters

        Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();

        //将自定义的FormAuthenticationFilter注入shiroFilter中(验证码校验)

        filters.put("authc" , new CustomFormAuthenticationFilter());

        //拦截器.

        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        // 配置不会被拦截的链接 顺序判断

        filterChainDefinitionMap.put("/static/**" , "anon" );

        filterChainDefinitionMap.put("/kaptcha/**" , "anon" );

        //配置退出 过滤器,其中的具体的退出代码Shiro已经替我们实现了

        filterChainDefinitionMap.put("/logout" , "logout" );

        //<!-- 过滤链定义,从上向下顺序执行,一般将/**放在最为下边 -->:这是一个坑呢,一不小心代码就不好使了;

        //<!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->

        filterChainDefinitionMap.put("/**" , "authc" );

        // 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面

        shiroFilterFactoryBean.setLoginUrl("/login" );

        // 登录成功后要跳转的链接

        shiroFilterFactoryBean.setSuccessUrl("/index" );

        //未授权界面;

        shiroFilterFactoryBean.setUnauthorizedUrl("/error/403" );

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;

    }

    /**

    * 凭证匹配器

    * (由于我们的密码校验交给Shiro的SimpleAuthenticationInfo进行处理了)

    *

    * @return

    */

    @Bean

    public HashedCredentialsMatcher hashedCredentialsMatcher() {

        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();

        hashedCredentialsMatcher.setHashAlgorithmName("md5" );//散列算法:这里使用MD5算法;

        hashedCredentialsMatcher.setHashIterations(2);//散列的次数,比如散列两次,相当于 md5(md5(""));

        return hashedCredentialsMatcher;

    }

    /**

    * 自定义身份认证realm

    *

    * @return

    */

    @Bean

    public ShiroRealm shiroRealm() {

        ShiroRealm shiroRealm = new ShiroRealm();

        shiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());

        return shiroRealm;

    }

    @Bean

    public EhCacheManager ehCacheManager(CacheManager cacheManager) {

        EhCacheManager em = new EhCacheManager();

        //将ehcacheManager转换成shiro包装后的ehcacheManager对象

        em.setCacheManager(cacheManager);

        //em.setCacheManagerConfigFile("classpath:ehcache.xml");

        return em;

    }

    @Bean

    public SessionDAO sessionDAO(){

        return new MemorySessionDAO();

    }

    /**

    * shiro session管理

    */

    @Bean

    public DefaultWebSessionManager sessionManager() {

        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();

        sessionManager.setSessionDAO(sessionDAO());

        return sessionManager;

    }

    @Bean

    public SecurityManager securityManager(EhCacheManager ehCacheManager) {

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();

        // 设置realm

        securityManager.setRealm(shiroRealm());

        // 自定义缓存实现

        securityManager.setCacheManager(ehCacheManager);

        // 自定义session管理

        securityManager.setSessionManager(sessionManager());

        return securityManager;

    }

    /**

    * 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions),需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证

    * 配置以下两个bean(DefaultAdvisorAutoProxyCreator和AuthorizationAttributeSourceAdvisor)即可实现此功能

    *

    * @return

    */

    @Bean

    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {

        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();

        advisorAutoProxyCreator.setProxyTargetClass(true);

        return advisorAutoProxyCreator;

    }

    /**

    * 开启shiro aop注解支持.

    * 使用代理方式;所以需要开启代码支持;

    *

    * @param securityManager

    * @return

    */

    @Bean

    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {

        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();

        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);

        return authorizationAttributeSourceAdvisor;

    }

}

注意:

@Bean

public EhCacheManager ehCacheManager(CacheManager cacheManager) {

    EhCacheManager em = new EhCacheManager();

    //将ehcacheManager转换成shiro包装后的ehcacheManager对象

    em.setCacheManager(cacheManager);

    //em.setCacheManagerConfigFile("classpath:ehcache.xml");

    return em;

}

如上是配置Shiro的缓存管理器org.apache.shiro.cache.ehcach.EhCacheManager,上面方法的参数是把Spring容器中的cacheManager对象注入到EhCacheManager中,这样就实现了Shiro和缓存注解使用同一种缓存方式。

三:代码示例

Gitee:https://gitee.com/xieke90/common-admin/tree/SpringBoot2.X_EhCache

 

转载请注明出处:https://xieke90.iteye.com/blog/2440426