Apache Shiro User Manual (5) Shiro configuration instructions, apacheshiro

Source: Internet
Author: User

Apache Shiro User Manual (5) Shiro configuration instructions, apacheshiro

The configuration of Apache Shiro is mainly divided into four parts:

  • Definition and configuration of objects and Properties
  • URL filter configuration
  • Static User Configuration
  • Static role configuration

Among them, because the user and role are generally dynamic data operated by the background, Shiro configuration generally only contains the first two configurations.

Most components of Apache Shiro are based on POJO, so we can use any configuration mechanism compatible with POJO, such as Java code, Sping XML, YAML, JSON, and INI files. The following uses Spring XML configuration as an example to describe some configuration parameters.

Shiro object Configuration:
It mainly defines and configures the implementation of various Shiro components. The main components have been briefly introduced in the previous article and are not described here.

Xml Code
  1. <Bean id = "securityManager" class = "org. apache. shiro. mgt. DefaultSecurityManager">
  2. <Property name = "cacheManager" ref = "cacheManager"/>
  3. <Property name = "sessionMode" value = "native"/>
  4. <! -- Single realm app. If you have multiple realms, use the 'realms' property instead. -->
  5. <Property name = "realm" ref = "myRealm"/>
  6. <Property name = "sessionManager" ref = "sessionManager"/>
  7. </Bean>



Configuration of Shiro Filter
Shiro mainly manages security through URL filtering. The configuration here is to specify the specific authorization rule definition.

Xml Code
  1. <Bean id = "shiroFilter" class = "org. apache. shiro. spring. web. ShiroFilterFactoryBean">
  2. <Property name = "securityManager" ref = "securityManager"/>
  3. <Property name = "loginUrl" value = "/login. jsp"/>
  4. <Property name = "successUrl" value = "/home. jsp"/>
  5. <Property name = "unauthorizedUrl" value = "/unauthorized. jsp"/> -->
  6. <Property name = "filterChainDefinitions">
  7. <Value>
  8. # Some example chain definitions:
  9. /Admin/** = authc, roles [admin]
  10. /Docs/** = authc, perms [document: read]
  11. /** = Authc
  12. # More URL-to-FilterChain definitions here
  13. </Value>
  14. </Property>
  15. </Bean>


URL filter configuration instructions:
Shiro can implement URL-based authorization Authentication through the configuration file. FilterChain Definition Format:
URL_Ant_Path_Expression = Path_Specific_Filter_Chain
Each URL configuration indicates that application requests matching the URL are verified by the corresponding filter.
For example:
[Urls]
/Index.html = anon
/User/create = anon
/User/** = authc
/Admin/** = authc, roles [administrator]
/Rest/** = authc, rest
/Remoting/rpc/** = authc, perms ["remote: invoke"]

URL expression description
1. the URL directory is set based on HttpServletRequest. getContextPath ().
2. Wildcards can be used for URLs. ** represents any subdirectory.
3. When Shiro verifies the URL, the matching will no longer be performed if the URL matches successfully. Pay attention to the URL sequence in the configuration file, especially when using wildcards.

Filter Chain Definition
1. Multiple filters can be configured for a URL, which are separated by commas (,).
2. When multiple filters are set, they are regarded as pass only when all the filters pass the verification.
3. Some filters can specify parameters, such as perms and roles.

Shiro built-in FilterChain

Filter Name Class
Anon Org. apache. shiro. web. filter. authc. AnonymousFilter
Authc Org. apache. shiro. web. filter. authc. FormAuthenticationFilter
AuthcBasic Org. apache. shiro. web. filter. authc. BasicHttpAuthenticationFilter
Perms Org. apache. shiro. web. filter. authz. PermissionsAuthorizationFilter
Port Org. apache. shiro. web. filter. authz. PortFilter
Rest Org. apache. shiro. web. filter. authz. HttpMethodPermissionFilter
Roles Org. apache. shiro. web. filter. authz. RolesAuthorizationFilter
Ssl Org. apache. shiro. web. filter. authz. SslFilter
User Org. apache. shiro. web. filter. authc. UserFilter

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.