前言:

  Shiro是一个权限、会话管理的开源Java安全框架;Spring Boot集成Shiro后可以方便的使用Session;

工程概述:

(工程结构图)

一、建立Spring Boot工程

  参照http://www.cnblogs.com/liangblog/p/5207855.html 建立一个SpringBoot工程;

二、修改pom.xml,引入所需jar包

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

  <modelVersion>4.0.0</modelVersion>

  <groupId>com.ddd</groupId>

  <artifactId>programme</artifactId>

  <version>0.0.1</version>

  <packaging>jar</packaging>

  <name>programme</name>

  <url>http://maven.apache.org</url>

  <properties>

    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

  </properties>

    <parent>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-parent</artifactId>

        <version>1.4.2.RELEASE</version>

    </parent>

  <dependencies>

    <dependency>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-web</artifactId>

    </dependency>

    <dependency>

      <groupId>junit</groupId>

      <artifactId>junit</artifactId>

      <scope>test</scope>

    </dependency>

    <dependency>

        <groupId>org.springframework.data</groupId>

        <artifactId>spring-data-commons</artifactId>

    </dependency>

    <dependency>

        <groupId>org.springframework.data</groupId>

        <artifactId>spring-data-jpa</artifactId>

    </dependency>

    <dependency>

        <groupId>org.springframework.data</groupId>

        <artifactId>spring-data-jdbc-core</artifactId>

        <version>1.2.1.RELEASE</version>

    </dependency>

    <dependency>

        <groupId>com.fasterxml.jackson.core</groupId>

        <artifactId>jackson-core</artifactId>

    </dependency>

    <dependency>

        <groupId>com.fasterxml.jackson.core</groupId>

        <artifactId>jackson-annotations</artifactId>

    </dependency>

    <dependency>

        <groupId>com.fasterxml.jackson.core</groupId>

        <artifactId>jackson-databind</artifactId>

    </dependency>

    <dependency>

        <groupId>org.slf4j</groupId>

        <artifactId>slf4j-api</artifactId>

    </dependency>

    <dependency>

        <groupId>org.apache.httpcomponents</groupId>

        <artifactId>httpcore</artifactId>

        </dependency>

    <dependency>

        <groupId>org.apache.httpcomponents</groupId>

        <artifactId>httpclient</artifactId>

        </dependency>

    <dependency>

        <groupId>org.apache.httpcomponents</groupId>

        <artifactId>httpmime</artifactId>

        </dependency>

    <dependency>

              <groupId>mysql</groupId>

              <artifactId>mysql-connector-java</artifactId>

          </dependency>

          <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-jdbc</artifactId>

        </dependency>

          <dependency>

              <groupId>javax</groupId>

              <artifactId>javaee-api</artifactId>

              <version>7.0</version>

          </dependency>

          <dependency>

              <groupId>org.apache.shiro</groupId>

              <artifactId>shiro-spring</artifactId>

              <version>1.2.3</version>

          </dependency>

          <dependency>

              <groupId>org.apache.shiro</groupId>

              <artifactId>shiro-cas</artifactId>

              <version>1.2.3</version>

          </dependency>

          <dependency>

              <groupId>org.apache.shiro</groupId>

              <artifactId>shiro-ehcache</artifactId>

              <version>1.2.3</version>

          </dependency>

          <dependency>

              <groupId>org.springframework</groupId>

              <artifactId>spring-jdbc</artifactId>

              </dependency>

          <dependency>

              <groupId>org.apache.shiro</groupId>

              <artifactId>shiro-core</artifactId>

              <version>1.2.3</version>

          </dependency>

          <dependency>

              <groupId>org.apache.shiro</groupId>

              <artifactId>shiro-web</artifactId>

              <version>1.2.3</version>

          </dependency>

          <dependency>

              <groupId>org.jasig.cas.client</groupId>

              <artifactId>cas-client-core</artifactId>

              <version>3.4.1</version>

          </dependency>

  </dependencies>

   <!-- Package as an executable jar -->

    <build>

        <defaultGoal>compile</defaultGoal>

        <plugins>

            <plugin>

                <groupId>org.springframework.boot</groupId>

                <artifactId>spring-boot-maven-plugin</artifactId>

            </plugin>

        </plugins>

    </build>

    <!-- Add Spring repositories -->

    <!-- (you don't need this if you are using a .RELEASE version) -->

     <!--

         <repositories>

        <repository>

            <id>spring-snapshots</id>

            <url>http://repo.spring.io/snapshot</url>

            <snapshots><enabled>true</enabled></snapshots>

        </repository>

        <repository>

            <id>spring-milestones</id>

            <url>http://repo.spring.io/milestone</url>

        </repository>

    </repositories>

    <pluginRepositories>

        <pluginRepository>

            <id>spring-snapshots</id>

            <url>http://repo.spring.io/snapshot</url>

        </pluginRepository>

        <pluginRepository>

            <id>spring-milestones</id>

            <url>http://repo.spring.io/milestone</url>

        </pluginRepository>

    </pluginRepositories>

    -->

</project>

pom.xml

  主要引入日志、数据库,shrio相关的jar包

三、添加配置文件和日志文件

配置文件需要放到resource文件夹下(指向classpath),并取名aplication.properties,工程会自动查找到文件配置信息

  配置文件:

displayname = pm

server.port=8011

server.session.timeout=1000

server.tomcat.uri-encoding=UTF-8

spring.datasource.url=jdbc:mysql://127.0.0.1:3306/test

spring.datasource.username=root

spring.datasource.password=123456

spring.datasource.driver-class-name=com.mysql.jdbc.Driver

spring.datasource.max-idle=10

spring.datasource.max-wait=10000

spring.datasource.min-idle=5

spring.datasource.initial-size=5

logging.config=classpath:pm-logback.xml

logging.path=log

  日志文件:

<configuration scan="true" scanPeriod="10 seconds">

    <include resource="org/springframework/boot/logging/logback/base.xml" />

    <!-- 日志的级别:debug,info,warn,error -->

    <appender name="INFO_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">

<!--

        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

            <level>DEBUG</level>

        </filter>

 -->

         <File>${LOG_PATH}/info.log</File>

        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

            <fileNamePattern>${LOG_PATH}/pm-info-%d{yyyyMMdd}.log.%i</fileNamePattern>

            <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

                <maxFileSize>100MB</maxFileSize>

            </timeBasedFileNamingAndTriggeringPolicy>

            <maxHistory>2</maxHistory>

        </rollingPolicy>

        <layout class="ch.qos.logback.classic.PatternLayout">

            <Pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} -%msg%n

            </Pattern>

        </layout>

    </appender>

    <appender name="ERROR_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">

        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

            <level>ERROR</level>

        </filter>

        <File>${LOG_PATH}/error.log</File>

        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

            <fileNamePattern>${LOG_PATH}/pm-error-%d{yyyyMMdd}.log.%i

            </fileNamePattern>

            <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

                <maxFileSize>100MB</maxFileSize>

            </timeBasedFileNamingAndTriggeringPolicy>

            <maxHistory>2</maxHistory>

        </rollingPolicy>

        <layout class="ch.qos.logback.classic.PatternLayout">

            <Pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} -%msg%n

            </Pattern>

        </layout>

    </appender>

    <root level="INFO">

        <appender-ref ref="INFO_FILE" />

        <appender-ref ref="ERROR_FILE" />

    </root>

</configuration>

pm-logback.xml

  部署工程时可以放到工程jar所在文件夹内,部署的工程会自动找到文件;

四、添加Shiro支持功能:

  1、新建shiro配置类,Shiro的主要配置信息都在此文件内实现;

package com.ddd.program.config;

import java.util.ArrayList;

import java.util.Collection;

import java.util.LinkedHashMap;

import java.util.Map;

import org.apache.shiro.cache.ehcache.EhCacheManager;

import org.apache.shiro.mgt.SecurityManager;

import org.apache.shiro.session.SessionListener;

import org.apache.shiro.session.mgt.SessionManager;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;

import org.apache.shiro.web.mgt.DefaultWebSecurityManager;

import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

@Configuration

public class ShiroConfiguration {

    /**

     * ShiroFilterFactoryBean 处理拦截资源文件问题。

     * 注意:单独一个ShiroFilterFactoryBean配置是或报错的

     * 初始化ShiroFilterFactoryBean的时候需要注入:SecurityManager

     */

    @Bean

    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        // 必须设置 SecurityManager

        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // 拦截器.

        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();

        //filterChainDefinitionMap.put("/page/*", "authc");

        // 配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了

        //filterChainDefinitionMap.put("/security/logoff", "logout");

        shiroFilterFactoryBean.setLoginUrl("/#/login");

        // 未授权界面;

        shiroFilterFactoryBean.setUnauthorizedUrl("/403");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;

    }

    @Bean

    public SecurityManager securityManager() {

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();

        MyRealm myRealm = new MyRealm();

        securityManager.setRealm(myRealm);

        securityManager.setSessionManager(sessionManager());

        securityManager.setCacheManager(ehCacheManager());

        return securityManager;

    }

    @Bean

    public SessionManager sessionManager() {

        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();

        Collection<SessionListener> listeners = new ArrayList<SessionListener>();

        listeners.add(new MySessionListener());

        sessionManager.setSessionListeners(listeners);

        return sessionManager;

    }

    @Bean

    public EhCacheManager ehCacheManager() {

        EhCacheManager ehCacheManager = new EhCacheManager();

        //ehCacheManager.setCacheManagerConfigFile("classpath:encache.xml");

        return ehCacheManager;

    }

}

  2、新建登录验证和Session监听的类(上面的类所需要的两个类)

    登录相关:

package com.ddd.program.config;

import org.apache.shiro.authc.AuthenticationException;

import org.apache.shiro.authc.AuthenticationInfo;

import org.apache.shiro.authc.AuthenticationToken;

import org.apache.shiro.authc.SimpleAuthenticationInfo;

import org.apache.shiro.authc.UnknownAccountException;

import org.apache.shiro.authc.UsernamePasswordToken;

import org.apache.shiro.authz.AuthorizationInfo;

import org.apache.shiro.authz.SimpleAuthorizationInfo;

import org.apache.shiro.realm.AuthorizingRealm;

import org.apache.shiro.subject.PrincipalCollection;

import org.slf4j.Logger;

import org.slf4j.LoggerFactory;

import com.cdv.nsite.program.model.AppUser;

import com.cdv.nsite.program.services.impl.AppUserServiceImpl;

public class MyRealm extends AuthorizingRealm {

    private final static Logger logger = LoggerFactory.getLogger(MyRealm.class);

    @Override

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        logger.debug("登录验证后进行权限认证....");

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        return info;

    }

    @Override

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        logger.debug("登录操作进行登录认证......");

        UsernamePasswordToken  token = (UsernamePasswordToken)authenticationToken;

        AppUser user = SpringContextUtils.getBean(AppUserServiceImpl.class).getUserByName(token.getUsername());

        if (user == null) {

            // 没找到帐号

            throw new UnknownAccountException(

                    "没有在本系统中找到对应的用户信息。");

        }

        //简单验证

        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(

                user.getUsername(),user.getPassword(),getName());

        return info;

    }

}

MyRealm.java

    Session相关:

package com.ddd.program.config;

import java.util.concurrent.atomic.AtomicInteger;

import org.apache.shiro.session.Session;

import org.apache.shiro.session.SessionListener;

import org.springframework.stereotype.Component;

@Component

public class MySessionListener implements SessionListener {

    private final AtomicInteger sessionCount = new AtomicInteger(0);

    @Override

    public void onStart(Session session) {

        sessionCount.incrementAndGet();

        System.out.println("登录+1=="+sessionCount.get());

    }

    @Override

    public void onStop(Session session) {

        sessionCount.decrementAndGet();

        System.out.println("登录退出-1=="+sessionCount.get());

    }

    @Override

    public void onExpiration(Session session) {

        sessionCount.decrementAndGet();

        System.out.println("登录过期-1=="+sessionCount.get());

    }

    public int getSessionCount() {

        return sessionCount.get();

    }

}

MySessionListener.java

  3、添加静态页面:

    在resource文件夹下新建static或public文件夹,工程会默认找static文件夹下的index.*,没有在找public文件夹下的index.*;

  4、新建登录的接口和实现

   完整代码---> https://github.com/liangguang/springboot_18

结述:

  以上代码只是个例子,主要是获得登录的Session用作其他用途;

---------------------------------------------------添加热部署支持-----------------------

  <!-- 模板引擎 暂时不用 -->

         <!--  <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-thymeleaf</artifactId>

          </dependency> -->

        <!--

            devtools可以实现热部署。devtools会监听classpath下的文件变动,并且会立即重启应用(发生在保存时机),注意:因为其采用的虚拟机机制,该项重启是很快的

            如果设置SpringApplication.setRegisterShutdownHook(false),则自动重启将不起作用。

            设置 spring.devtools.restart.enabled 属性为false,可以关闭该特性。

         -->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-devtools</artifactId>

            <optional>true</optional>

            <!-- optional=true,依赖不会传递,-->

        </dependency>

添加devtools依赖

spring.devtools.restart.enabled = true

application.properties中添加配置项;

Spring Boot 添加Shiro支持的更多相关文章

  1. Spring Boot 添加JSP支持【转】

    Spring Boot 添加JSP支持 大体步骤: (1)            创建Maven web project: (2)            在pom.xml文件添加依赖: (3)     ...

  2. (19)Spring Boot 添加JSP支持【从零开始学Spring Boot】

    [来也匆匆,去也匆匆,在此留下您的脚印吧,转发点赞评论: 您的认可是我最大的动力,感谢您的支持] 看完本文章您可能会有些疑问,可以查看之后的一篇博客: 81. Spring Boot集成JSP疑问[从 ...

  3. 19. Spring Boot 添加JSP支持【从零开始学Spring Boot】

    转:http://blog.csdn.net/linxingliang/article/details/52017140 这个部分比较复杂,所以单独创建一个工程来进行讲解: 大体步骤: (1)     ...

  4. Spring boot 加入shiro支持

    在项目添加依赖 <!-- shiro spring. --> <dependency> <groupId>org.apache.shiro</groupId& ...

  5. spring boot 添加jsp支持注意事项

    1.一定要使用war包<packaging>war</packaging>2.将provided改为compile,具体如下: <dependency> <g ...

  6. 快速搭建Spring Boot + Apache Shiro 环境

    个人博客网:https://wushaopei.github.io/    (你想要这里多有) 一.Apache Shiro 介绍及概念 概念:Apache Shiro是一个强大且易用的Java安全框 ...

  7. Spring Boot 集成Shiro和CAS

    Spring Boot 集成Shiro和CAS 标签: springshirocas 2016-01-17 23:03 35765人阅读 评论(22) 收藏 举报  分类: Spring(42)  版 ...

  8. Spring Boot 整合 Shiro ,两种方式全总结!

    在 Spring Boot 中做权限管理,一般来说,主流的方案是 Spring Security ,但是,仅仅从技术角度来说,也可以使用 Shiro. 今天松哥就来和大家聊聊 Spring Boot ...

  9. Springboot 系列(十七)迅速使用 Spring Boot Admin 监控你的 Spring Boot 程序,支持异常邮件通知

    1. Spring Boot Admin 是什么 Spring Boot Admin 是由 codecentric 组织开发的开源项目,使用 Spring Boot Admin 可以管理和监控你的 S ...

随机推荐

  1. Java线程

    线程 线程 线程(Thread)是控制线程(Thread of Control)的缩写,是程序运行的基本单位,它是具有一定顺序的指令序列(即所编写的程序代码).存放方法中定义局部变量的栈和一些共享数据 ...

  2. 一次部署HTTPS的相关事件引发的思考

    前言: 上周五快要下班的时候,突然收到通知客户希望了解一下部署HTTPS的流程,这种事情谁听了都会有几分诧异的.因为这件事虽然和工作有一定的相关度,但平时不会走这个方向,实际上也较少接触.此外,客户手 ...

  3. Dagger2 (一) 入坑篇

    为什么是Dagger2 为了更好的了解Dagger2,请先阅读RoboGuice篇了解依赖注入. 官方文档称,依赖注入这种技术已经在存在多年了,为什么Dagger2要造轮子? Dagger2是第一个全 ...

  4. 【代码笔记】iOS-获得设备型号

    一,代码. - (void)viewDidLoad { [super viewDidLoad]; // Do any additional setup after loading the view. ...

  5. iOS json解析的几种方法 NSJSONSerialization,JSONKit,SBJson ,TouchJson

    相关的第三方类库大家可以去github上下载 1.NSJSONSerialization 具体代码如下 : - (void)viewDidLoad { [super viewDidLoad]; NSD ...

  6. iOS开发之功能模块--根据需求开发横向的子弹盒View

    这个需求是本人工作开发中后期需求要添加的新功能,本人模仿UITableView的代理和数据源方法进行了第一阶段的开发.第二阶段是添加丰富的动画. 这个功能需求描述:能上传添加五个待选头像,五个头像分别 ...

  7. ns3重要类

    1. simple-ref-count 递归模板,使得通过定义T:SimpleRefCount<T>使得T类都具有计数功能 template <typename T, typenam ...

  8. ORACLE计算表引占用空间大小

    在ORACLE数据库中,如何计算一个表所占用的存储空间呢?我们可以通过系统视图DBA_SEGMENTS.USER_SEGMETNS.DBA_TABLES来查看一个表所占空间的大小,如下所示:   SE ...

  9. java实现支付宝接口--文档..转载

    //实现java支付宝很简单,只要从支付宝官方下载   http://help.alipay.com/support/index_sh.htm下载程序,配置一下参数就OK了:   1.先到http:/ ...

  10. 如何使用 OpenStack CLI - 每天5分钟玩转 OpenStack(22)

    本节首先讨论 image 删除操作,然后介绍 OpenStack CLI 的使用方法,最后讨如何 Troubleshoot. Web UI 删除 image admin 登录后,Project -&g ...