springboot2.0 shiro整合使用redis缓存

最近自己搭建了个springboot2.x整合shiro框架使用Redis缓存的环境，以后可能会用得上，特意保存记录下来。

首先是必要的一些依赖

 4.0.0org.springframework.bootspring-boot-starter-parent2.1.4.RELEASE comzjcloud0.0.1-SNAPSHOTwarzjcloudDemo project for Spring Boot1.8org.springframework.bootspring-boot-starter-data-redisorg.springframework.bootspring-boot-starter-weborg.mybatis.spring.bootmybatis-spring-boot-starter2.0.1com.github.pagehelperpagehelper-spring-boot-starter1.2.7com.alibabadruid-spring-boot-starter1.1.13com.alibabafastjson1.2.57mysqlmysql-connector-javaruntimeorg.springframework.bootspring-boot-starter-tomcatprovidedorg.springframework.bootspring-boot-starter-data-redisorg.crazycakeshiro-redis-spring-boot-starter3.2.1org.apache.shiroshiro-spring-boot-web-starter1.4.0-RC2org.springframework.bootspring-boot-starter-testtestcom.alibabafastjson1.2.47org.springframework.bootspring-boot-maven-plugin
 

然后是ShiroConfig配置类，里面的配置很重要。

package com.zjcloud.util.shiro;import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
 import org.apache.shiro.mgt.SessionsSecurityManager;
 import org.apache.shiro.session.mgt.SessionManager;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
 import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
 import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
 import org.crazycake.shiro.RedisCacheManager;
 import org.crazycake.shiro.RedisManager;
 import org.crazycake.shiro.RedisSessionDAO;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;import java.util.LinkedHashMap;
 import java.util.Map;@Configuration
 public class ShiroConfig {//不需要在此处配置权限页面,因为上面的ShiroFilterFactoryBean已经配置过,但是此处必须存在,因为shiro-spring-boot-web-starter或查找此Bean,没有会报错@Beanpublic ShiroFilterChainDefinition shiroFilterChainDefinition() {return new DefaultShiroFilterChainDefinition();}/*** 配置shiroFilter过滤器** @return*/@Beanpublic ShiroFilterFactoryBean shiroFilterFactoryBean() {ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();//设置安全管理器shiroFilterFactoryBean.setSecurityManager(securityManager());//权限配置Map filterChainDefinitionMap = new LinkedHashMap<>();shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);return shiroFilterFactoryBean;}/*** 配置securityManager 安全管理器** @return*/@Beanpublic SessionsSecurityManager securityManager() {DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager();//配置认证器webSecurityManager.setRealm(userRealm());webSecurityManager.setSessionManager(sessionManager());webSecurityManager.setCacheManager(redisCacheManager());return webSecurityManager;}/*** 配置自定义认证器** @return*/@Beanpublic UserRealm userRealm() {UserRealm userRealm = new UserRealm();userRealm.setCredentialsMatcher(hashedCredentialsMatcher());return userRealm;}/*** 配置加密方式** @return*/@Beanpublic HashedCredentialsMatcher hashedCredentialsMatcher() {//盐HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();//配置散列算法，，使用MD5加密算法hashedCredentialsMatcher.setHashAlgorithmName("md5");//设置散列次数hashedCredentialsMatcher.setHashIterations(1024);return hashedCredentialsMatcher;}/*** Session Manager* 使用的是shiro-redis开源插件*/@Beanpublic SessionManager sessionManager() {DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();sessionManager.setSessionDAO(redisSessionDAO());return sessionManager;}/*** cacheManager 缓存 redis实现* 使用的是shiro-redis开源插件** @return*/@Beanpublic RedisCacheManager redisCacheManager() {RedisCacheManager redisCacheManager = new RedisCacheManager();redisCacheManager.setRedisManager(redisManager());redisCacheManager.setExpire(5000);//指定存入Redis的主键redisCacheManager.setPrincipalIdFieldName("id");return redisCacheManager;}/*** 配置shiro redisManager* 使用的是shiro-redis开源插件**/@Beanpublic RedisManager redisManager() {RedisManager redisManager = new RedisManager();return redisManager;}/*** RedisSessionDAO shiro sessionDao层的实现 通过redis* 使用的是shiro-redis开源插件*/@Beanpublic RedisSessionDAO redisSessionDAO() {RedisSessionDAO redisSessionDAO = new RedisSessionDAO();redisSessionDAO.setRedisManager(redisManager());redisSessionDAO.setExpire(2000);return redisSessionDAO;}}

自定义Realm，这个不通用啊，别复制。

package com.zjcloud.util.shiro;import com.zjcloud.custsystem.mapper.ZjEmpAccountMapper;
 import com.zjcloud.custsystem.mapper.ZjEmpMenubarMapper;
 import com.zjcloud.custsystem.mapper.ZjEmpRoleMapper;
 import com.zjcloud.custsystem.pojo.ZjEmpAccount;
 import com.zjcloud.custsystem.pojo.ZjEmpAccountExample;
 import com.zjcloud.custsystem.pojo.ZjEmpMenubar;
 import com.zjcloud.custsystem.pojo.ZjEmpRole;
 import org.apache.shiro.authc.*;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.util.ByteSource;
 import org.springframework.beans.factory.annotation.Autowired;import java.util.List;public class UserRealm extends AuthorizingRealm {/*** 授权** @param principalCollection* @return*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection){SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();principalCollection.getPrimaryPrincipal();//添加角色//添加权限}return info;}/*** 认证** @param authenticationToken* @return* @throws AuthenticationException*/@Overrideprotected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;//获取用户名String username = token.getUsername();//查询实体类//获取密码//加盐SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(实体类,密码,盐,this.getName());return info;}
 }

只是当做保存，以后方便查看，所以就只是把一些核心代码贴出来就行了。

还有个加密密码的，也贴出来

String hex = new SimpleHash("MD5", "123", "abc", 1024).toHex();