今天跟着狂神学习Shiro,遇到了这个问题,我对应ShrioConfig的配置如下
java
package com.example.demo.config;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.security.ConditionalOnDefaultWebSecurity;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
//ShiroFilterBean
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("f2") DefaultWebSecurityManager defaultWebSecurityManager){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
/*添加shiro的内置过滤器
* anon : 无需认值据可以访问
* authc : 必须认证了才能访问
* user : 必须拥有记住我功能才能使用
* role : 拥有莫格角色权限才能访问
* perms : 拥有对某个资源的权限才能访问
*
* */
Map map = new LinkedHashMap<>();
map.put("/user/add","authc");
map.put("/user/update","authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
return shiroFilterFactoryBean;
}
//DefaultWebSecurityManager
@Bean(name="f2")
public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//关联UserRealm
securityManager.setRealm(userRealm);
return securityManager;
}
//创建 realm 对象 ,需要自定义
@Bean
public UserRealm userRealm(){
return new UserRealm();
}
}查询资料后,了解只需在ShiroFilterBean后面的Bean加上(name = "shiroFilterFactoryBean")
问题解决
