Apache Shiro Learning----configuration (integrated with SPRINGMVC)

Configuration in the 1.web.xml file

<!--give the Shiro configuration file to the spring listener for initialization   -

    <context-param>        <param-name>contextConfigLocation</param-name>        <param-value> Classpath:spring.xml,classpath:spring-shiro-web.xml</param-value>    </context-param>

  <!--Shiro Configuration Start- ->   <!-- shiro  Filter name is Shirofilter, then in the Shiro configuration file to have a name of Shirofilter Bean-->       

    <filter>        <filter-name>shiroFilter</filter-name>        <filter-class> Org.springframework.web.filter.delegatingfilterproxy</filter-class>        <async-supported>true</ async-supported>        <init-param>            <param-name>targetFilterLifecycle</param-name>            <param-value>true</param-value>        </init-param>    </filter>    < filter-mapping>        <filter-name>shiroFilter</filter-name>        <url-pattern>/*</ url-pattern>    </filter-mapping>    <!--Shiro Configuration end --

Because the project is managed by spring, all configurations are, in principle, given to spring. Delegatingfilterproxy's function is to notify spring to give all the filter to Shirofilter management.

2. Configure the Spring-shiro-web.xml file under the Classpath path

<beans xmlns= "Http://www.springframework.org/schema/beans"Xmlns:xsi= "Http://www.w3.org/2001/XMLSchema-instance" xmlns:p= "http://www.springframework.org/schema/p"Xmlns:context= "Http://www.springframework.org/schema/context"Xmlns:mvc= "Http://www.springframework.org/schema/mvc"xsi:schemalocation= "Http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsdhttp//Www.springframework.org/schema/contexthttp//www.springframework.org/schema/context/spring-context-3.1.xsdhttp//Www.springframework.org/schema/mvchttp//www.springframework.org/schema/mvc/spring-mvc-4.0.xsd "><!--cache Manager uses Ehcache to <bean id= "CacheManager"class= "Org.apache.shiro.cache.ehcache.EhCacheManager" > <property name= "cachemanagerconfigfile" value= "classpath: Ehcache.xml "/> </bean> <!--voucher match--<bean id=" Credentialsmatcher "class= "Utils." Retrylimithashedcredentialsmatcher "> <constructor-arg ref=" CacheManager "/> <property name=" Hash Algorithmname "value=" MD5 "/> <property name=" hashiterations "value=" 2 "/> <property name=" store Dcredentialshexencoded "value=" true "/> </bean> <!--Realms and <bean id=" Userrealm "class= "Utils." Userrealm "> <property name=" credentialsmatcher "ref=" Credentialsmatcher "/> </bean><!--security Manager --<bean id= "SecurityManager"class= "Org.apache.shiro.web.mgt.DefaultWebSecurityManager" > <property name= "Realm" ref= "Userrealm"/> </b Ean> <!--Shiro Web Filter--<bean id= "Shirofilter"class= "Org.apache.shiro.spring.web.ShiroFilterFactoryBean" > <property name= "SecurityManager" ref= " SecurityManager "/> <property name=" loginurl "value="/"/> <property name=" Unauthorizedurl "Valu E= "/"/> <property name= "filterchaindefinitions" > <value>/authc/admin =Roles[admin]/authc/** = authc/** = anon </value> </property> </bean>< ; Bean id= "Lifecyclebeanpostprocessor" class= "Org.apache.shiro.spring.LifecycleBeanPostProcessor"/> </beans>     

It is important to note that the configuration of the path in the Filterchaindefinitions filter is sequential, and the container will not continue looking after the matching entry is found. Therefore, the path with the wildcard character is placed behind.

3.Shiro Built-in filter description ( Shiro Filter Execution order: From top to bottom, from left to right. )

It is usually divided into three groups:

1)-------Authc,anon,authcbasic,logout,user related to authentication

Note that user and authc are different: When the app turns on RememberMe, users can be a subscriber the next time they visit, but it will never be authc, because AUTHC needs to be re-certified

2) Licensing-related----PERMS,PORT,REST,ROLES,SSL

3) Other---nosessioncreation

Apache Shiro Learning----configuration (integrated with SPRINGMVC)