Shiro Integration with spring

The Shiro application requires an application with a singleton SecurityManager instance. Please note that
This will not be a static singleton, but there should be only one instance that the application can use, whether it is
No is static single case.

To enable the simplest configuration of the application singleton SecurityManager in the Spring application:

<bean class= "Org.springframework.beans.factory.config.MethodInvokingFactoryBean" ><property name= " Staticmethod "value=" Org.apache.shiro.SecurityUtils.setSecurityManager "/><property name=" arguments "ref=" SecurityManager "/></bean><!--Security Manager--  

Note: The security Manager uses Defaultwebsecuritymanager for the Web environment.

In Web. xml:

<!--Delegatingfilterproxy automatically looks for the bean named Shirofilter in the spring container and gives the filter request to it for processing--><filter>      < filter-name>shirofilter</filter-name>      <filter-class>   Org.springframework.web.filter.DelegatingFilterProxy      </filter-class>   <init-param>< Param-name>targetfilterlifecycle</param-name><param-value>true</param-value>   </ init-param></filter>      <filter-mapping>    <filter-name>shirofilter</filter-name >    <url-pattern>/*    <url-pattern>     

Note: Delegatingfilterproxy automatically looks for the bean named Shirofilter in the spring container and gives the filter request to it for processing.

In spring's Applicationcontext.xml file, define the Web-supported SecurityManager
And the ' shirofilter ' bean will be referenced by the Web. XML:

<!--shiro Web filter; Shirofilter: Use Shirofilterfactorybean here to create a shirofilter filter; The filters attribute is used to define its own filter, which is in the INI configuration [ Filters] Part; Filterchaindefinitions is used to declare the relationship between the URL and filter, which is the [URLs] section in the INI configuration. --<bean id= "Shirofilter" class= "Org.apache.shiro.spring.web.ShiroFilterFactoryBean" ><property name= " SecurityManager "ref=" SecurityManager "/><!--The following optional configurations, please configure--><property name=" loginurl "value=" according to the actual project needs /login.jsp "/><property name=" Unauthorizedurl "value="/unauthorized.jsp "/><!--filters properties are also optional, Used to declare some filter that can be used in filterchaindefinitions. If you declare that the filter name is Shiro default, then the default filter--><property name= "Filters" ><util:map><!--will be overwritten. For example: This filter is Shiro inside, then the custom filter will override the default--><entry key= "authc" value-ref= "Formauthenticationfilter"/> <!--For example: This filter is the new filter--><entry key= "Jcaptchavalidate" value-ref= "Jcaptchavalidatefilter"/>< /util:map></property><property name= "Filterchaindefinitions" ><value><!--here to configure URLs, to a different URLConfiguration needs to pass the filter-->/jcaptcha* = Anon/logout = Logout/login = jcaptchavalidate,authc</value></property> </bean>

Note:shirofilter: Use Shirofilterfactorybean to create shirofilter filters here; The filters attribute is used to define its own filter, which is the [filters] section in the INI configuration The filterchaindefinitions is used to declare the relationship between the URL and filter, which is the [URLs] section in the INI configuration.

<!-- Replace the default form validation filter--><bean id= "Formauthenticationfilter" class= "Cn.javass.CustomFormAuthenticationFilter" > ... </bean><!--then Securitymanger, Realms et--><bean id= "SecurityManager" class= " Org.apache.shiro.mgt.DefaultSecurityManager "><property name=" Realm "ref=" Myrealm "/></bean>< Bean id= "Myrealm" class= "Org.apache.shiro.realm.text.IniRealm" ><property name= "ResourcePath" value= "d:/wp/ Src/testshiro.ini "></property></bean><bean class="      Org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator "depends-on=" Lifecyclebeanpo Stprocessor "><property name=" Proxytargetclass "value=" true "/></bean><bean class=" Org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor "><property name=" SecurityManager "ref=" SecurityManager "/></BEAN> 

Note:formauthenticationfilter is a form-based authentication filter; Here you can add your own filter bean definition

<!--opening annotations--><bean class= "Org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on= "Lifecyclebeanpostprocessor" ><property name= "Proxytargetclass" value= "true"/></bean> <bean class= "Org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor" >< Property Name= "SecurityManager" ref= "SecurityManager"/></bean>

Summary: Shiro and Spring integration, spring management Shiro of each management class and filter, container management, application more convenient.

Shiro Integration with spring