SpringBoot2.0集成Shiro并使用EhCache缓存

Cshnuscw 2019-04-25

使用EhCache同时缓存数据库数据及其它需要缓存的数据和shrio共享(shiro主要用于会话的存储和持久化),集成整合步骤如下:

一:集成EhCache

<1>、在pom.xml文件中添加以下依赖。

<!-- 开启 cache 缓存 -->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-cache</artifactId>

        </dependency>

        <!-- ehcache 缓存 -->

        <dependency>

            <groupId>net.sf.ehcache</groupId>

            <artifactId>ehcache</artifactId>

        </dependency>

 <2>、添加配置文件 ehcache.xml,放在resources下,内容如下。

<ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

        xsi:noNamespaceSchemaLocation="http://ehcache.org/ehcache.xsd"

        updateCheck="false">

    <defaultCache

            eternal="false"

            maxElementsInMemory="1000"

            overflowToDisk="false"

            diskPersistent="false"

            timeToIdleSeconds="0"

            timeToLiveSeconds="600"

            memoryStoreEvictionPolicy="LRU" />

    <cache

            name="permissionCache"

            eternal="false"

            maxElementsInMemory="100"

            overflowToDisk="false"

            diskPersistent="false"

            timeToIdleSeconds="0"

            timeToLiveSeconds="300"

            memoryStoreEvictionPolicy="LRU" />

</ehcache>

<3>、在启动类加上启用缓存注解@EnableCaching。

<4>、经过上述步骤后,就可以使用缓存注解@Cacheable,@CachePut等。

二:集成Shiro并使用EhCache缓存

<1> 、在pom.xml文件中添加以下依赖。

<!-- shiro -->

        <dependency>

            <groupId>org.apache.shiro</groupId>

            <artifactId>shiro-spring</artifactId>

            <version>${shiro-spring.version}</version>

        </dependency>

        <!-- shiro ehcache -->

        <dependency>

            <groupId>org.apache.shiro</groupId>

            <artifactId>shiro-ehcache</artifactId>

            <version>${shiro-ehcache.version}</version>

        </dependency>

 <2>、编写Shiro的Realm验证,参考代码如下。

public class ShiroRealm extends AuthorizingRealm {

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Resource

    private IUserService iUserService;

    @Resource

    private ILoginLogService iloginLogService;

    @Override

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        logger.info("权限配置----->ShiroRealm.doGetAuthorizationInfo()" );

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        UserInfo userInfo = (UserInfo) principals.getPrimaryPrincipal();

        authorizationInfo.addRole(userInfo.getRoleInfo().getRoleCode());

        for (Permission p : userInfo.getRoleInfo().getPermissions()) {

            authorizationInfo.addStringPermission(p.getPermissionCode());

        }

        //授权成功添加登录日志

        addLoginLog(userInfo);

        return authorizationInfo;

    }

    /*主要是用来进行身份认证的,也就是说验证用户输入的账号和密码是否正确*/

    @Override

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        logger.info("ShiroRealm.doGetAuthenticationInfo()" );

        //获取用户的输入的账号.

        String username = (String) token.getPrincipal();

        //通过username从数据库中查找 User对象,如果找到,没找到.

        //实际项目中,这里可以根据实际情况做缓存,如果不做,Shiro自己也是有时间间隔机制,2分钟内不会重复执行该方法

        UserInfo userInfo = iUserService.findUserInfo(username);

        logger.info("----->userInfo=" + userInfo);

        if (userInfo == null) {

            throw new AccountException();

        } else if (userInfo.getState() == 0) {

            throw new DisabledAccountException();

        } else if (userInfo.getState() == 2) {

            throw new LockedAccountException();

        }

        //保存登录用户ID

        Session session = SecurityUtils.getSubject().getSession();

        session.setAttribute(Constant.LOGIN_USER_ID, userInfo.getId());

        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(

                userInfo, //用户信息

                userInfo.getPassWord(), //密码

                ByteSource.Util.bytes(userInfo.getCredentialsSalt()),//salt=username+salt

                getName()  //realm name

        );

        return authenticationInfo;

    }

    private void addLoginLog(UserInfo userInfo) {

        LoginLog loginLog = new LoginLog();

        loginLog.setUserId(userInfo.getId());

        loginLog.setUserName(userInfo.getUserName());

        loginLog.setIpAddress(SecurityUtils.getSubject().getSession().getAttribute(Constant.LOGIN_IP_ADDRESS).toString());

        loginLog.setGeographyLocation(AddressUtils.getAddressByIp(loginLog.getIpAddress()));

        iloginLogService.insert(loginLog);

    }

}

 <3>、添加Shiro的配置类,参考代码如下。

@Configuration

public class ShiroConfig {

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Bean

    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {

        logger.info("ShiroConfiguration.shirFilter()" );

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        shiroFilterFactoryBean.setSecurityManager(securityManager);

        //获取filters

        Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();

        //将自定义的FormAuthenticationFilter注入shiroFilter中(验证码校验)

        filters.put("authc" , new CustomFormAuthenticationFilter());

        //拦截器.

        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        // 配置不会被拦截的链接 顺序判断

        filterChainDefinitionMap.put("/static/**" , "anon" );

        filterChainDefinitionMap.put("/kaptcha/**" , "anon" );

        //配置退出 过滤器,其中的具体的退出代码Shiro已经替我们实现了

        filterChainDefinitionMap.put("/logout" , "logout" );

        //<!-- 过滤链定义,从上向下顺序执行,一般将/**放在最为下边 -->:这是一个坑呢,一不小心代码就不好使了;

        //<!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->

        filterChainDefinitionMap.put("/**" , "authc" );

        // 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面

        shiroFilterFactoryBean.setLoginUrl("/login" );

        // 登录成功后要跳转的链接

        shiroFilterFactoryBean.setSuccessUrl("/index" );

        //未授权界面;

        shiroFilterFactoryBean.setUnauthorizedUrl("/error/403" );

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;

    }

    /**

    * 凭证匹配器

    * (由于我们的密码校验交给Shiro的SimpleAuthenticationInfo进行处理了)

    *

    * @return

    */

    @Bean

    public HashedCredentialsMatcher hashedCredentialsMatcher() {

        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();

        hashedCredentialsMatcher.setHashAlgorithmName("md5" );//散列算法:这里使用MD5算法;

        hashedCredentialsMatcher.setHashIterations(2);//散列的次数,比如散列两次,相当于 md5(md5(""));

        return hashedCredentialsMatcher;

    }

    /**

    * 自定义身份认证realm

    *

    * @return

    */

    @Bean

    public ShiroRealm shiroRealm() {

        ShiroRealm shiroRealm = new ShiroRealm();

        shiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());

        return shiroRealm;

    }

    @Bean

    public EhCacheManager ehCacheManager(CacheManager cacheManager) {

        EhCacheManager em = new EhCacheManager();

        //将ehcacheManager转换成shiro包装后的ehcacheManager对象

        em.setCacheManager(cacheManager);

        //em.setCacheManagerConfigFile("classpath:ehcache.xml");

        return em;

    }

    @Bean

    public SessionDAO sessionDAO(){

        return new MemorySessionDAO();

    }

    /**

    * shiro session管理

    */

    @Bean

    public DefaultWebSessionManager sessionManager() {

        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();

        sessionManager.setSessionDAO(sessionDAO());

        return sessionManager;

    }

    @Bean

    public SecurityManager securityManager(EhCacheManager ehCacheManager) {

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();

        // 设置realm

        securityManager.setRealm(shiroRealm());

        // 自定义缓存实现

        securityManager.setCacheManager(ehCacheManager);

        // 自定义session管理

        securityManager.setSessionManager(sessionManager());

        return securityManager;

    }

    /**

    * 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions),需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证

    * 配置以下两个bean(DefaultAdvisorAutoProxyCreator和AuthorizationAttributeSourceAdvisor)即可实现此功能

    *

    * @return

    */

    @Bean

    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {

        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();

        advisorAutoProxyCreator.setProxyTargetClass(true);

        return advisorAutoProxyCreator;

    }

    /**

    * 开启shiro aop注解支持.

    * 使用代理方式;所以需要开启代码支持;

    *

    * @param securityManager

    * @return

    */

    @Bean

    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {

        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();

        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);

        return authorizationAttributeSourceAdvisor;

    }

}

注意:

@Bean

public EhCacheManager ehCacheManager(CacheManager cacheManager) {

    EhCacheManager em = new EhCacheManager();

    //将ehcacheManager转换成shiro包装后的ehcacheManager对象

    em.setCacheManager(cacheManager);

    //em.setCacheManagerConfigFile("classpath:ehcache.xml");

    return em;

}

如上是配置Shiro的缓存管理器org.apache.shiro.cache.ehcach.EhCacheManager,上面方法的参数是把Spring容器中的cacheManager对象注入到EhCacheManager中,这样就实现了Shiro和缓存注解使用同一种缓存方式。

三:代码示例

Gitee:https://gitee.com/xieke90/common-admin/tree/SpringBoot2.X_EhCache

相关推荐