9.springboot2.X整合redis-shiro

1.整合有關redis依賴

  <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.0</version>

        </dependency>
        <!--shiro整合redis緩存,和之前的緩存不同-->
        <dependency>
            <groupId>org.crazycake</groupId>
            <artifactId>shiro-redis</artifactId>
            <version>2.4.2.1-RELEASE</version>
        </dependency>
        <!--springboot2.X沒有jedis,你需要一個redis客戶端3以下-->
        <dependency>
            <groupId>redis.clients</groupId>
            <artifactId>jedis</artifactId>
            <version>2.9.0</version>
        </dependency>

2.redis緩存簡單的配置,像序列化策略啥的都是默認的

/**
 * redis配置
 *
 * */
public class RedisConfig {
    /**
     * redisManager
     *
     * @return
     */
    public RedisManager redisManager() {
        RedisManager redisManager = new RedisManager ( );
        //主雞地址
        redisManager.setHost ("127.0.0.1");
        //端口
        redisManager.setPort (6379);
        // 配置過期時間
        redisManager.setExpire (1800);
        return redisManager;
    }

    /**
     * cacheManager
     *
     * @return
     */
    public RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager ( );
        redisCacheManager.setRedisManager (redisManager ( ));
        return redisCacheManager;
    }

    /**
     * redisSessionDAO
     */
    public RedisSessionDAO redisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO ( );
        redisSessionDAO.setRedisManager (redisManager ( ));
        return redisSessionDAO;
    }

    /**
     * sessionManager
     */
    public DefaultWebSessionManager SessionManager() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager ( );
        sessionManager.setSessionDAO (redisSessionDAO ( ));
        return sessionManager;
    }
}

3.redis緩存配置到你的shiro配置裏

 @Bean
    DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( );
        //自定義的Realm交給manager
        manager.setRealm (myRealm ( ));
        // 自定義緩存實現 使用redis
         manager.setCacheManager(new RedisConfig ().cacheManager ());
        // 自定義session管理 使用redis
          manager.setSessionManager(new RedisConfig ().SessionManager ());
        // 使用記住我,注入配置
       manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ());
        return manager;
    }

你想要緩存必須配置session管理器,redis管理器 ,redisSession
貼上配置代碼:

@Configuration

public class RememberMeConfig {

    /**
     * cookie設置
     * */
    public SimpleCookie rememberMeCookie(){
        //這個參數是cookie的名稱，對應前端的checkbox的name = rememberMe
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        //cookie生效時間30天,單位秒;
        simpleCookie.setMaxAge(2592000);
        return simpleCookie;
    }

    /**
     * cookie管理對象;記住我功能
     * @return
     */
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        // cookieRememberMeManager.setCipherKey用來設置加密的Key,參數類型byte[],字節數組長度要求16
        // cookieRememberMeManager.setCipherKey(Base64.decode("3AvVhmFLUs0KTA3Kprsdag=="));
        cookieRememberMeManager.setCipherKey("ZHANGXIAOHEI_CAT".getBytes());
        return cookieRememberMeManager;
    }







}

/*授權和認證邏*/
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    UserService userService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println ("執行授權邏輯");

        SimpleAuthorizationInfo simpleInfo = new SimpleAuthorizationInfo ( );
        //獲取登錄用戶名
        String name = (String) principalCollection.getPrimaryPrincipal ( );
        //之後在數據庫查詢他是什麼角色 什麼權限一一添加他們
        List<String> listRoles = userService.listRoles (name);
        // simpleInfo.addRoles (listRoles);直接添加多個角色或者forench添加
        for (String role : listRoles) {
            simpleInfo.addRole (role);
        }
        //添加角色下的權限 比如crud
        List<String> listPermissions = userService.listPermissions (name);
        System.out.println (listPermissions.size ( ));
        simpleInfo.addStringPermissions (listPermissions);
        //設置好權限返回
        return simpleInfo;
    }

       @Override
    protected SimpleAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        ;
        //加這一步的目的是在Post請求的時候會先進認證，然後在到請求
        if (null == authenticationToken.getPrincipal ( )) {
            return null;
        }
        System.out.println ("執行認證邏輯" + getName ( ));

        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //獲取用戶登陸的名
        String name = token.getUsername ( );
        //查出的密碼和鹽封裝成User
        User user = userService.getPwdByName (name);

        if (null == user) {
            //用戶名不存在
            return null;//拋出一個空的對象 拋出異常UnknowAccountException
        }
        //密碼
        String pwd = user.getPassword ( );
        //鹽
        String salt = user.getSalt ( );
        //真鹽=name+salt
        salt = name + salt;

        //這裏驗證authenticationToken和simpleAuthenticationInfo的信息
        return new SimpleAuthenticationInfo (name, pwd, ByteSource.Util.bytes (salt), getName ( ));
    }
}

你的這些配置也可以配到shiroConfig 方法裏

/*常用的過濾器
* anon:無認證
* authc:必須認證 登陸即可
* user: 使用記住我可以直接訪問
* perms: 必須有資源權限 比如crud
* roles: 必須有角色權限
* */
@Configuration
public class ShiroConfig {
    /**
     * 創建自定義配置的Realm
     */
    @Bean
    CustomRealm myRealm() {
        CustomRealm customRealm = new CustomRealm ( );
        //注入加密算法
        customRealm.setCredentialsMatcher (hashedCredentialsMatcher ());
        return customRealm;
    }

    /**
     * 創建DefaultWebSecurityManager管理器,使它管理自定義的Realm
     */
    @Bean
    DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( );
        //自定義的Realm交給manager
        manager.setRealm (myRealm ( ));
        // 自定義緩存實現 使用redis
         manager.setCacheManager(new RedisConfig ().cacheManager ());
        // 自定義session管理 使用redis
          manager.setSessionManager(new RedisConfig ().SessionManager ());
        // 使用記住我,注入配置
       manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ());
        return manager;
    }

    /**
     *創建shiroFilterFactoryBean
     * 關聯一個securityManager ( )管理器
     */
    @Bean
    ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean ( );
        bean.setSecurityManager (securityManager ( ));
        //登陸頁
        bean.setLoginUrl ("/login");
        //登陸成功後界面
        bean.setSuccessUrl ("/index");
        //未授權跳轉到
        bean.setUnauthorizedUrl ("/tip");
        Map<String, String> map = new LinkedHashMap<> ( );
        //anon是把限制權限改爲無限制
        //map.put ("/index", "anon");
        //authc 登陸後可以訪問
       // map.put ("/**", "authc");
        map.put ("/add", "authc");
        //權限必須有addProduct纔可以訪問
        map.put ("/update","perms[addProduct]");
        //角色是admin 纔可以訪問超級管理員界面
        map.put ("/admin","roles[admin]");
        bean.setFilterChainDefinitionMap (map);
        return bean;
    }
    /**用於ShiroDialect和thymeleaf標籤配合使用*/
    @Bean(name = "shiroDialect")

    public ShiroDialect shiroDialect(){

        return new ShiroDialect ();

    }



    /**
     * 密碼加密算法設置
     * @return
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //散列的次數
        hashedCredentialsMatcher.setHashIterations(2);
        return hashedCredentialsMatcher;
    };

}

具體細節就是redis緩存具體的配置還沒弄,很多默認的設置,比如序列化後都亂碼了而不是json格式的? 解決辦法百度把