Конфигурация Широ

Я пытаюсь создать учебник о том, как создать логин только для администратора, использующего shiro. Я запутался, выполняя конфигурации широ. У меня есть только две страницы: страница администратора и главная страница входа для администратора.

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns="http://java.sun.com/xml/ns/j2ee"
             xmlns:web="http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
             xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
             version="2.4">
        <display-name>LoginTutorial</display-name>
        <filter>
            <filter-name>shiroFilter</filter-name>
            <filter-class>org.apache.shiro.web.servlet.iniShiroFilter</filter-class>
            <init-param>
                <param-name>config</param-name>
                <param-value>
                    [main]
                    realm = 
                    securityManager.realm = $realm
                    authc.loginUrl = /loginpage.jsp 

                    [user]
                    Admin = password,ROLE_ADMIN

                    [roles]
                    ROLE_ADMIN = *

                    [url]
                    <!--/account/** =authc-->
                    /adminpage = roles[ROLE_ADMIN]
                </param-value>
            </init-param>
        </filter>

        <filter-mapping>
            <filter-name>ShiroFilter</filter-name>
            <url-pattern>/</url-pattern>
        </filter-mapping>
        ...
</web-app>

spring-mvc spring-data-jpa shiro
person Samuel Anertey    schedule 13.07.2013    source источник
comment
Какой у Вас вопрос?   -  person Wand Maker    schedule 13.07.2013
comment
извините .. просто хочу знать, на правильном ли я пути ... как если бы это было правильно   -  person Samuel Anertey    schedule 13.07.2013

Ответы (1)


arrow_upward
4
arrow_downward

Вы используете фреймворк Spring? Обычно вы должны определить фильтр Shiro в Web.xml и инициализировать компоненты Shiro в applicationContext.xml (как bean-компоненты).

Вы можете сделать, например, следующее:

Web.xml

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns="http://java.sun.com/xml/ns/j2ee"
             xmlns:web="http://java.sun.com/xml/ns/j2ee/web-app
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:couchdb="http://www.ektorp.org/schema/couchdb"
       xsi:schemaLocation="
            http://www.springframework.org/schema/beans
            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/context
            http://www.springframework.org/schema/context/spring-context-3.0.xsd
                        http://www.ektorp.org/schema/couchdb
                        http://www.ektorp.org/schema/couchdb/couchdb.xsd
                        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">

  <!-- Scans within the base package of the application for @Components to configure as beans -->
  <!-- Apache Shiro customized classes are defined in the package com.6.0.shiro -->

    <context:component-scan base-package="com.6.0.shiro" />
...

  <!-- Shiro filter -->
    <bean id="ShiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="filters">
            <util:map>
                <entry key="myAuthcBasic">
                    <bean class="org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter"/>
                </entry>
            </util:map>
        </property>
        <property name="filterChainDefinitions">
            <value> 
                  /safe/** = myAuthcBasic
            </value>
        </property>
    </bean>
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <!-- Single realm app.  If you have multiple realms, use the 'realms' property instead. -->
        <property name="realm" ref="StaticRealm"/>
        <property name="cacheManager" ref="cacheManager"/>
        <!-- By default the servlet container sessions will be used.  Uncomment this line
        to use shiro's native sessions (see the JavaDoc for more): -->
        <!-- <property name="sessionMode" value="native"/> -->
    </bean>
    <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager">
    <!--property name="cacheManager" ref="ehCacheManager" /-->
    </bean>
    <!-- Define the Shiro Realm implementation you want to use to connect to your back-end -->
    <!-- StaticRealm: -->
    <bean id="StaticRealm" class="com.6.0.shiro.StaticRealm">
        <property name="credentialsMatcher" ref="credMatcher">
        </property>
    </bean>
    <bean id="credMatcher" class="com.example.shiro.ReverseCredentialsMatcher"/>
    ...

4.xsd"
             xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:couchdb="http://www.ektorp.org/schema/couchdb"
       xsi:schemaLocation="
            http://www.springframework.org/schema/beans
            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/context
            http://www.springframework.org/schema/context/spring-context-3.0.xsd
                        http://www.ektorp.org/schema/couchdb
                        http://www.ektorp.org/schema/couchdb/couchdb.xsd
                        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">

  <!-- Scans within the base package of the application for @Components to configure as beans -->
  <!-- Apache Shiro customized classes are defined in the package com.6.0.shiro -->

    <context:component-scan base-package="com.6.0.shiro" />
...

  <!-- Shiro filter -->
    <bean id="ShiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="filters">
            <util:map>
                <entry key="myAuthcBasic">
                    <bean class="org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter"/>
                </entry>
            </util:map>
        </property>
        <property name="filterChainDefinitions">
            <value> 
                  /safe/** = myAuthcBasic
            </value>
        </property>
    </bean>
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <!-- Single realm app.  If you have multiple realms, use the 'realms' property instead. -->
        <property name="realm" ref="StaticRealm"/>
        <property name="cacheManager" ref="cacheManager"/>
        <!-- By default the servlet container sessions will be used.  Uncomment this line
        to use shiro's native sessions (see the JavaDoc for more): -->
        <!-- <property name="sessionMode" value="native"/> -->
    </bean>
    <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager">
    <!--property name="cacheManager" ref="ehCacheManager" /-->
    </bean>
    <!-- Define the Shiro Realm implementation you want to use to connect to your back-end -->
    <!-- StaticRealm: -->
    <bean id="StaticRealm" class="com.6.0.shiro.StaticRealm">
        <property name="credentialsMatcher" ref="credMatcher">
        </property>
    </bean>
    <bean id="credMatcher" class="com.example.shiro.ReverseCredentialsMatcher"/>
    ...

4.xsd"
             version="2.4">
   <display-name>LoginTutorial</display-name>
<!-- Shiro filter-->
    <filter>
        <filter-name>ShiroFilter</filter-name>

        <filter-class>
            org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
        <init-param>
            <param-name>targetFilterLifecycle</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>ShiroFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
...

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:couchdb="http://www.ektorp.org/schema/couchdb"
       xsi:schemaLocation="
            http://www.springframework.org/schema/beans
            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/context
            http://www.springframework.org/schema/context/spring-context-3.0.xsd
                        http://www.ektorp.org/schema/couchdb
                        http://www.ektorp.org/schema/couchdb/couchdb.xsd
                        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">

  <!-- Scans within the base package of the application for @Components to configure as beans -->
  <!-- Apache Shiro customized classes are defined in the package com.6.0.shiro -->

    <context:component-scan base-package="com.6.0.shiro" />
...

  <!-- Shiro filter -->
    <bean id="ShiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="filters">
            <util:map>
                <entry key="myAuthcBasic">
                    <bean class="org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter"/>
                </entry>
            </util:map>
        </property>
        <property name="filterChainDefinitions">
            <value> 
                  /safe/** = myAuthcBasic
            </value>
        </property>
    </bean>
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <!-- Single realm app.  If you have multiple realms, use the 'realms' property instead. -->
        <property name="realm" ref="StaticRealm"/>
        <property name="cacheManager" ref="cacheManager"/>
        <!-- By default the servlet container sessions will be used.  Uncomment this line
        to use shiro's native sessions (see the JavaDoc for more): -->
        <!-- <property name="sessionMode" value="native"/> -->
    </bean>
    <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager">
    <!--property name="cacheManager" ref="ehCacheManager" /-->
    </bean>
    <!-- Define the Shiro Realm implementation you want to use to connect to your back-end -->
    <!-- StaticRealm: -->
    <bean id="StaticRealm" class="com.6.0.shiro.StaticRealm">
        <property name="credentialsMatcher" ref="credMatcher">
        </property>
    </bean>
    <bean id="credMatcher" class="com.example.shiro.ReverseCredentialsMatcher"/>
    ...
person borigue    schedule 01.08.2013
comment
привет @bourigue .. спасибо .. но у меня это уже работает .. я сделал то же самое, что и у тебя. - person Samuel Anertey; 01.08.2013
comment
Хорошо Самуэль! Я надеюсь, что это может помочь кому-то еще. Хорошего дня! - person borigue; 01.08.2013
comment
@SamuelAnertey, пожалуйста, примите этот ответ, чтобы закрыть дело, так как это решение вашего вопроса. - person DanielK; 24.02.2016