9.springboot2.X整合redis-shiro

1.整合有关redis依赖

  <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.0</version>

        </dependency>
        <!--shiro整合redis缓存,和之前的缓存不同-->
        <dependency>
            <groupId>org.crazycake</groupId>
            <artifactId>shiro-redis</artifactId>
            <version>2.4.2.1-RELEASE</version>
        </dependency>
        <!--springboot2.X没有jedis,你需要一个redis客户端3以下-->
        <dependency>
            <groupId>redis.clients</groupId>
            <artifactId>jedis</artifactId>
            <version>2.9.0</version>
        </dependency>

2.redis缓存简单的配置,像序列化策略啥的都是默认的

/**
 * redis配置
 *
 * */
public class RedisConfig {
    /**
     * redisManager
     *
     * @return
     */
    public RedisManager redisManager() {
        RedisManager redisManager = new RedisManager ( );
        //主鸡地址
        redisManager.setHost ("127.0.0.1");
        //端口
        redisManager.setPort (6379);
        // 配置过期时间
        redisManager.setExpire (1800);
        return redisManager;
    }

    /**
     * cacheManager
     *
     * @return
     */
    public RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager ( );
        redisCacheManager.setRedisManager (redisManager ( ));
        return redisCacheManager;
    }

    /**
     * redisSessionDAO
     */
    public RedisSessionDAO redisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO ( );
        redisSessionDAO.setRedisManager (redisManager ( ));
        return redisSessionDAO;
    }

    /**
     * sessionManager
     */
    public DefaultWebSessionManager SessionManager() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager ( );
        sessionManager.setSessionDAO (redisSessionDAO ( ));
        return sessionManager;
    }
}

3.redis缓存配置到你的shiro配置里

 @Bean
    DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( );
        //自定义的Realm交给manager
        manager.setRealm (myRealm ( ));
        // 自定义缓存实现 使用redis
         manager.setCacheManager(new RedisConfig ().cacheManager ());
        // 自定义session管理 使用redis
          manager.setSessionManager(new RedisConfig ().SessionManager ());
        // 使用记住我,注入配置
       manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ());
        return manager;
    }

你想要缓存必须配置session管理器,redis管理器 ,redisSession
贴上配置代码:

@Configuration

public class RememberMeConfig {

    /**
     * cookie设置
     * */
    public SimpleCookie rememberMeCookie(){
        //这个参数是cookie的名称，对应前端的checkbox的name = rememberMe
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        //cookie生效时间30天,单位秒;
        simpleCookie.setMaxAge(2592000);
        return simpleCookie;
    }

    /**
     * cookie管理对象;记住我功能
     * @return
     */
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        // cookieRememberMeManager.setCipherKey用来设置加密的Key,参数类型byte[],字节数组长度要求16
        // cookieRememberMeManager.setCipherKey(Base64.decode("3AvVhmFLUs0KTA3Kprsdag=="));
        cookieRememberMeManager.setCipherKey("ZHANGXIAOHEI_CAT".getBytes());
        return cookieRememberMeManager;
    }







}

/*授权和认证逻*/
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    UserService userService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println ("执行授权逻辑");

        SimpleAuthorizationInfo simpleInfo = new SimpleAuthorizationInfo ( );
        //获取登录用户名
        String name = (String) principalCollection.getPrimaryPrincipal ( );
        //之后在数据库查询他是什么角色 什么权限一一添加他们
        List<String> listRoles = userService.listRoles (name);
        // simpleInfo.addRoles (listRoles);直接添加多个角色或者forench添加
        for (String role : listRoles) {
            simpleInfo.addRole (role);
        }
        //添加角色下的权限 比如crud
        List<String> listPermissions = userService.listPermissions (name);
        System.out.println (listPermissions.size ( ));
        simpleInfo.addStringPermissions (listPermissions);
        //设置好权限返回
        return simpleInfo;
    }

       @Override
    protected SimpleAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        ;
        //加这一步的目的是在Post请求的时候会先进认证，然后在到请求
        if (null == authenticationToken.getPrincipal ( )) {
            return null;
        }
        System.out.println ("执行认证逻辑" + getName ( ));

        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //获取用户登陆的名
        String name = token.getUsername ( );
        //查出的密码和盐封装成User
        User user = userService.getPwdByName (name);

        if (null == user) {
            //用户名不存在
            return null;//抛出一个空的对象 抛出异常UnknowAccountException
        }
        //密码
        String pwd = user.getPassword ( );
        //盐
        String salt = user.getSalt ( );
        //真盐=name+salt
        salt = name + salt;

        //这里验证authenticationToken和simpleAuthenticationInfo的信息
        return new SimpleAuthenticationInfo (name, pwd, ByteSource.Util.bytes (salt), getName ( ));
    }
}

你的这些配置也可以配到shiroConfig 方法里

/*常用的过滤器
* anon:无认证
* authc:必须认证 登陆即可
* user: 使用记住我可以直接访问
* perms: 必须有资源权限 比如crud
* roles: 必须有角色权限
* */
@Configuration
public class ShiroConfig {
    /**
     * 创建自定义配置的Realm
     */
    @Bean
    CustomRealm myRealm() {
        CustomRealm customRealm = new CustomRealm ( );
        //注入加密算法
        customRealm.setCredentialsMatcher (hashedCredentialsMatcher ());
        return customRealm;
    }

    /**
     * 创建DefaultWebSecurityManager管理器,使它管理自定义的Realm
     */
    @Bean
    DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager ( );
        //自定义的Realm交给manager
        manager.setRealm (myRealm ( ));
        // 自定义缓存实现 使用redis
         manager.setCacheManager(new RedisConfig ().cacheManager ());
        // 自定义session管理 使用redis
          manager.setSessionManager(new RedisConfig ().SessionManager ());
        // 使用记住我,注入配置
       manager.setRememberMeManager(new RememberMeConfig ().rememberMeManager ());
        return manager;
    }

    /**
     *创建shiroFilterFactoryBean
     * 关联一个securityManager ( )管理器
     */
    @Bean
    ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean ( );
        bean.setSecurityManager (securityManager ( ));
        //登陆页
        bean.setLoginUrl ("/login");
        //登陆成功后界面
        bean.setSuccessUrl ("/index");
        //未授权跳转到
        bean.setUnauthorizedUrl ("/tip");
        Map<String, String> map = new LinkedHashMap<> ( );
        //anon是把限制权限改为无限制
        //map.put ("/index", "anon");
        //authc 登陆后可以访问
       // map.put ("/**", "authc");
        map.put ("/add", "authc");
        //权限必须有addProduct才可以访问
        map.put ("/update","perms[addProduct]");
        //角色是admin 才可以访问超级管理员界面
        map.put ("/admin","roles[admin]");
        bean.setFilterChainDefinitionMap (map);
        return bean;
    }
    /**用于ShiroDialect和thymeleaf标签配合使用*/
    @Bean(name = "shiroDialect")

    public ShiroDialect shiroDialect(){

        return new ShiroDialect ();

    }



    /**
     * 密码加密算法设置
     * @return
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //散列的次数
        hashedCredentialsMatcher.setHashIterations(2);
        return hashedCredentialsMatcher;
    };

}

具体细节就是redis缓存具体的配置还没弄,很多默认的设置,比如序列化后都乱码了而不是json格式的? 解决办法百度把