Notes on shrio integration in spring
The project must contain the shrio package WebContent. WEB-INF.lib.shrio-all-1.2.1.jar in the project web. add <filter> <filter-name> shiroFilter </filter-name> <filter-class> org. springframework. web. filter. delegatingFilterProxy </filter-class> <init-param> <param-name> targetFilterLifecycle </param-name> <param-value> true </param-value> </init- param> </filter> <filter-mapping> <filter-name> shiroFilter </filter-name> <url-pattern>/* </url-pattern> </Filter-mapping> <filter-name> shiroFilter </filter-name> must be associated with the name in the subsequent xml configuration. <url-pattern>/* </url -pattern> All URLs are blocked, there may be problems with url interception settings in later xml configurations. In the config-log.xml configuration file (this configuration file is unique to the current project, equivalent to the regular spring. add a bean, and associate the filter-name <bean id = "shiroFilter" class = "org. apache. shiro. spring. web. shiroFilterFactoryBean "> <property name =" securityManager "ref =" securityManager "/> <property name =" loginUrl "value ="/login. jsp "/> <! -- <Property name = "successUrl" value = "/main"/> --> <property name = "unauthorizedUrl" value = "/login. jsp "/> <property name =" filterChainDefinitions "> <value>/login = anon/logout = logout/view/** = anon/UI/** = anon/user/ login = anon <! --/Login = anon (commented out here) /logout = logout/images/** = anon/scripts/** = anon/frames/** = anon/Flex /**/** = anon/Flex/apps/qxgt/** = anon/Flex /**/**/**/** = anon/Flex/widgets/DKAnalysis/DKAnalysisWidget.swf = anon /*. swf = anon /*. xml = anon/logout = logout/login = anon/** = anon) /view/** = user --> </value> </Property> </bean> continue 3. Add the custom bean-defined realm. The class that follows is a self-compiled class, where there is a dao layer instance to be injected. <! -- Custom Realm inherits from AuthorizingRealm --> <bean id = "myDaoRealm" class = "cn. stargis. estar. basic. log. realm. myrealm "> <property name =" logindao "ref =" logtestdao "> </property> </bean> use a custom realm to create a securityManager <bean id =" securityManager "class = "org. apache. shiro. web. mgt. defaultWebSecurityManager "> <! -- Set custom realm --> <property name = "realm" ref = "myDaoRealm"/> </bean> to continue 4. Adding a bean is equivalent to generating the securityManager factory, if it works properly, you can directly obtain the subject in the code and then perform login. factory is required before integrating with spring. xx <! -- SecurityManager --> <bean class = "org. springframework. beans. factory. config. methodInvokingFactoryBean "> <property name =" staticMethod "value =" org. apache. shiro. securityUtils. setSecurityManager "/> <property name =" arguments "ref =" securityManager "/> </bean> at this point, the content to be configured has been completed.