简单demo的github地址
登录
表单验证
1
2
3
4
5
6<bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
<property name="usernameParam" value="username"/>
<property name="passwordParam" value="password"/>
<property name="loginUrl" value="/login"/>
<property name="successUrl" value="/success"/>
</bean>- loginUrl:登录url
- successUrl:登录成功后跳转到的url
拦截器链配置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login"/>
<property name="filters">
<util:map>
<entry key="sysUser" value-ref="sysUserFilter"/>
<entry key="authc" value-ref="formAuthenticationFilter"/>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/login = authc
/** = user,sysUser
</value>
</property>
</bean>配置authc用formAuthenticationFilter来做
登出
使用shiro自带的LogoutFilter
1
2
3<bean id="logout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
<property name="redirectUrl" value="/login" />
</bean>拦截器链配置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login"/>
<property name="filters">
<util:map>
<entry key="sysUser" value-ref="sysUserFilter"/>
<entry key="authc" value-ref="formAuthenticationFilter"/>
<entry key="logout" value-ref="logout"/>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/login = authc
/logout = logout
/** = user,sysUser
</value>
</property>
</bean>
授权
controller中根据需要使用@RequiresPermissions(“…”)或@RequiresRoles(“…”)