項目中需要包含shrio包
WebContent.WEB-INF.lib.shrio-all-1.2.1.jar
在項目的web.xml文件中加入
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>其中 <filter-name>shiroFilter</filter-name>需要與之後的xml配置中的名字相關聯
<url-pattern>/*</url-pattern>將會攔截所有url,這裏可能會由於之後xml配置中的url攔截設置出問題。、
在config-log.xml配置文件中(此配置文件是當前項目特有的,相當於spring對應的正規.xml配置文件)添加
首先創建一個bean,名字關聯2中的filter-name
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/login.jsp" />
<!-- <property name="successUrl" value="/main" /> -->
<property name="unauthorizedUrl" value="/login.jsp" />
<property name="filterChainDefinitions">
<value>
/login = anon
/logout = logout
/view/** = anon
/UI/** = anon
/user/login = anon<!-- /login = anon (這裏開始被註釋掉)
/logout = logout
/images/** = anon
/scripts/** = anon
/frames/** = anon
/Flex/** = anon
/Flex/**/** = anon
/Flex/apps/qxgt/** = anon
/Flex/**/**/** = anon
/Flex/**/**/**/** = anon
/Flex/widgets/DKAnalysis/DKAnalysisWidget.swf = anon
/*.swf = anon
/*.xml = anon
/logout = logout
/login = anon
/** = anon (如果此行不被註釋掉,將引起問題,與2中攔截所有url有關聯)
/view/** = user
/** = user
-->
</value>
</property>
</bean>繼續3,繼續添加bean
定義自定義的realm,後面的class是自己編寫的類,其中有需要注入的dao層實例
<!--自定義Realm 繼承自AuthorizingRealm -->
<bean id="myDaoRealm" class="cn.stargis.estar.basic.log.realm.myrealm">
<property name="logindao" ref="logtestdao"></property>
</bean>利用自定義的realm製作securityManager
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!--設置自定義realm -->
<property name="realm" ref="myDaoRealm" />
</bean>繼續4,繼續添加bean
此處相當於securityManager的factory的生成,此處如果正常工作,在代碼中就可直接得到subject然後進行login,集成spring之前需要factory.xx
<!-- securityManager -->
<bean
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager" />
<property name="arguments" ref="securityManager" />
</bean>
至此,需要配置的內容已經完畢