springboot中shiro权限控制的使用

springboot中shiro权限控制的使用

先新建一个UserRealm

public class UserRealm extends AuthorizingRealm {//授权@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {System.out.println("执行了=>AuthorizationInfo授权方法");SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();info.addStringPermission("权限");//拿到当前登录的对象Subject subject= SecurityUtils.getSubject();User user= (User) subject.getPrincipal();//设置当前用户的权限info.addStringPermissions(user.getPerms());return null;}//认证@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {System.out.println("执行了=>AuthenticationInfo认证方法");//获取用户UsernamePasswordToken userToken= (UsernamePasswordToken) token;//User user=userService.getUserName(userToken.getUsername);if(!userToken.getUsername().equals("从数据库取出的用户")){return null ;}//密码认证(数据库中的数据)return new SimpleAuthenticationInfo("user","pass","");}
}

shiro配置

拥有对某个资源的权限才能访问role:拥有某个角色权限才能访问*/Map<String,String> filterMap=new LinkedHashMap<>();filterMap.put("请求","authc");bean.setFilterChainDefinitionMap(filterMap);//设置登录的请求bean.setLoginUrl("/toLogin");return bean;}@Bean(name = "securityManager")public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
//        关联RealmsecurityManager.setRealm(userRealm);return securityManager;}@Beanpublic UserRealm userRealm(){return new UserRealm();}
}