Shiro系列之Shiro+Spring MVC整合

Shiro系列之Shiro+Spring MVC整合

第一步,Shiro Filter

在web.xml文件中增加以下代码,确保Web项目中需要权限管理的URL都可以被Shiro拦截过滤。

[xml]  view plain  copy
  1.   
  2.     <filter>  
  3.         <filter-name>shiroFilterfilter-name>  
  4.         <filter-class>org.springframework.web.filter.DelegatingFilterProxyfilter-class>  
  5.         <init-param>  
  6.             <param-name>targetFilterLifecycleparam-name>  
  7.             <param-value>trueparam-value>  
  8.         init-param>  
  9.     filter>  
  10.     <filter-mapping>  
  11.         <filter-name>shiroFilterfilter-name>  
  12.         <url-pattern>/*url-pattern>  
  13.     filter-mapping>  

通常将这段代码中的filter-mapping放在所有filter-mapping之前,以达到shiro是第一个对web请求进行拦截过滤之目的。这里的fileter-name应该要和第二步中配置的Java bean的id一致。

 

第二步,配置各种Java Bean

在root-context.xml文件中配置Shiro

[xml]  view plain  copy
  1. xml version="1.0" encoding="UTF-8"?>  
  2. <beans xmlns="http://www.springframework.org/schema/beans"  
  3.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
  4.     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">  
  5.   
  6.       
  7.   
  8.       
  9.     <bean id="dataSource"  
  10.         class="org.springframework.jdbc.datasource.DriverManagerDataSource">  
  11.         <property name="driverClassName" value="com.mysql.jdbc.Driver" />  
  12.         <property name="url" value="jdbc:mysql://127.0.0.1:3306/etao_java" />  
  13.         <property name="username" value="root" />  
  14.         <property name="password" value="cope9020" />  
  15.     bean>  
  16.   
  17.     <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor">bean>  
  18.   
  19.       
  20.     <bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.Md5CredentialsMatcher">bean>  
  21.   
  22.       
  23.     <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager">bean>  
  24.   
  25.       
  26.     <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">  
  27.         <property name="realm" ref="jdbcRealm">property>  
  28.         <property name="cacheManager" ref="cacheManager">property>  
  29.     bean>  
  30.   
  31.       
  32.         <property name="securityManager" ref="securityManager">property>  
  33.           
  34.         <property name="loginUrl" value="/security/login">property>  
  35.           
  36.           
  37.           
  38.         <property name="unauthorizedUrl" value="/">property>  
  39.         <property name="filterChainDefinitions">  
  40.             <value>  
  41.                 /security/*=anon  
  42.                 /tag=authc  
  43.             value>  
  44.         property>  
  45.     bean>  
  46.   
  47.     

你可能感兴趣的:(web开发)