SpringBoot2.0 整合 Shiro 框架，实现用户权限管理

README.md

@@ -27,9 +27,12 @@
 <a href="https://mp.weixin.qq.com/s?__biz=MzU4Njg0MzYwNw==&mid=2247483909&idx=1&sn=e7a63b160abfd623222a2eb089c3bbce&chksm=fdf456bdca83dfab1feea56ba01a956eee764fd84ae6a198b805458adbb94e5abe5488704186&token=838095302&lang=zh_CN#rd">
 09、SpringBoot2.0 整合 JWT 框架,解决Token跨域验证问题</a><br/>
 
-<a href="">
+<a href="https://mp.weixin.qq.com/s?__biz=MzU4Njg0MzYwNw==&mid=2247483918&idx=1&sn=189b6f4360c46ca816de85a3205a9fb3&chksm=fdf456b6ca83dfa0f5b0f9c441a8ece1b158792a03e3483ddc702576e9e77f963690c0716e9f&token=1681245262&lang=zh_CN#rd">
 10、SpringBoot2.0 整合 FastDFS 中间件，实现文件分布管理</a><br/>
 
+<a href="">
+11、SpringBoot2.0 整合 Shiro 框架，实现用户权限管理</a><br/>
+
 持续更新中...
 
 ## 项目简介

pom.xml

@@ -37,6 +37,8 @@
         <module>ware-jwt-token</module>
         <!-- FastDFS文件管理 -->
         <module>ware-fast-dfs</module>
+        <!-- Shiro 权限管理 -->
+        <module>ware-shiro-auth</module>
     </modules>
 
     <!-- 依赖版本管理 -->

ware-shiro-auth/pom.xml

@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starters</artifactId>
+        <version>2.1.3.RELEASE</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>com.shiro.auth</groupId>
+    <artifactId>ware-shiro-auth</artifactId>
+    <packaging>jar</packaging>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-aop</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+        </dependency>
+        <!-- shiro 依赖 -->
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>1.4.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-spring</artifactId>
+            <version>1.4.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.mybatis.spring.boot</groupId>
+            <artifactId>mybatis-spring-boot-starter</artifactId>
+            <version>1.3.2</version>
+        </dependency>
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus</artifactId>
+            <version>2.1.9</version>
+        </dependency>
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <version>5.1.38</version>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>druid-spring-boot-starter</artifactId>
+            <version>1.1.13</version>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>druid</artifactId>
+            <version>1.1.10</version>
+        </dependency>
+    </dependencies>
+    <!-- 项目构建 -->
+    <build>
+        <finalName>${project.artifactId}</finalName>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <filtering>true</filtering>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>2.3.2</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>

ware-shiro-auth/src/main/java/com/boot/shiro/ShiroApplication.java

@@ -0,0 +1,11 @@
+package com.boot.shiro;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class ShiroApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(ShiroApplication.class,args) ;
+    }
+}

ware-shiro-auth/src/main/java/com/boot/shiro/config/DruidConfig.java

@@ -0,0 +1,136 @@
+package com.boot.shiro.config;
+
+import com.alibaba.druid.pool.DruidDataSource;
+import com.alibaba.druid.support.http.StatViewServlet;
+import com.alibaba.druid.support.http.WebStatFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.boot.web.servlet.ServletRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import javax.sql.DataSource;
+
+/**
+ * Druid数据库连接池配置文件
+ */
+@Configuration
+public class DruidConfig {
+    private static final Logger logger = LoggerFactory.getLogger(DruidConfig.class);
+
+    @Value("${spring.datasource.druid.url}")
+    private String dbUrl;
+
+    @Value("${spring.datasource.druid.username}")
+    private String username;
+
+    @Value("${spring.datasource.druid.password}")
+    private String password;
+
+    @Value("${spring.datasource.druid.driverClassName}")
+    private String driverClassName;
+
+    @Value("${spring.datasource.druid.initial-size}")
+    private int initialSize;
+
+    @Value("${spring.datasource.druid.max-active}")
+    private int maxActive;
+
+    @Value("${spring.datasource.druid.min-idle}")
+    private int minIdle;
+
+    @Value("${spring.datasource.druid.max-wait}")
+    private int maxWait;
+
+    @Value("${spring.datasource.druid.pool-prepared-statements}")
+    private boolean poolPreparedStatements;
+
+    @Value("${spring.datasource.druid.max-pool-prepared-statement-per-connection-size}")
+    private int maxPoolPreparedStatementPerConnectionSize;
+
+    @Value("${spring.datasource.druid.time-between-eviction-runs-millis}")
+    private int timeBetweenEvictionRunsMillis;
+
+    @Value("${spring.datasource.druid.min-evictable-idle-time-millis}")
+    private int minEvictableIdleTimeMillis;
+
+    @Value("${spring.datasource.druid.max-evictable-idle-time-millis}")
+    private int maxEvictableIdleTimeMillis;
+
+    @Value("${spring.datasource.druid.validation-query}")
+    private String validationQuery;
+
+    @Value("${spring.datasource.druid.test-while-idle}")
+    private boolean testWhileIdle;
+
+    @Value("${spring.datasource.druid.test-on-borrow}")
+    private boolean testOnBorrow;
+
+    @Value("${spring.datasource.druid.test-on-return}")
+    private boolean testOnReturn;
+
+    @Value("${spring.datasource.druid.filters}")
+    private String filters;
+
+    @Value("{spring.datasource.druid.connection-properties}")
+    private String connectionProperties;
+
+    @Bean     //声明其为Bean实例
+    @Primary  //在同样的DataSource中，首先使用被标注的DataSource
+    public DataSource dataSource() {
+        DruidDataSource datasource = new DruidDataSource();
+        datasource.setUrl(dbUrl);
+        datasource.setUsername(username);
+        datasource.setPassword(password);
+        datasource.setDriverClassName(driverClassName);
+        datasource.setInitialSize(initialSize);
+        datasource.setMinIdle(minIdle);
+        datasource.setMaxActive(maxActive);
+        datasource.setMaxWait(maxWait);
+        datasource.setTimeBetweenEvictionRunsMillis(timeBetweenEvictionRunsMillis);
+        datasource.setMinEvictableIdleTimeMillis(minEvictableIdleTimeMillis);
+        datasource.setMaxEvictableIdleTimeMillis(minEvictableIdleTimeMillis);
+        datasource.setValidationQuery(validationQuery);
+        datasource.setTestWhileIdle(testWhileIdle);
+        datasource.setTestOnBorrow(testOnBorrow);
+        datasource.setTestOnReturn(testOnReturn);
+        datasource.setPoolPreparedStatements(poolPreparedStatements);
+        datasource.setMaxPoolPreparedStatementPerConnectionSize(maxPoolPreparedStatementPerConnectionSize);
+        try {
+            datasource.setFilters(filters);
+        } catch (Exception e) {
+            logger.error("druid configuration initialization filter", e);
+        }
+        datasource.setConnectionProperties(connectionProperties);
+        return datasource;
+    }
+    @Bean
+    public ServletRegistrationBean statViewServlet(){
+        ServletRegistrationBean srb =
+                new ServletRegistrationBean(new StatViewServlet(),"/druid/*");
+        // 设置ip白名单
+        // srb.addInitParameter("allow","127.0.0.1");
+        // 设置ip黑名单，优先级高于白名单
+        // srb.addInitParameter("deny","192.168.0.19");
+        //设置控制台管理用户
+        srb.addInitParameter("loginUsername","root");
+        srb.addInitParameter("loginPassword","root");
+        //是否可以重置数据
+        srb.addInitParameter("resetEnable","false");
+        return srb;
+    }
+    @Bean
+    public FilterRegistrationBean statFilter(){
+        //创建过滤器
+        FilterRegistrationBean frb =
+                new FilterRegistrationBean(new WebStatFilter());
+        //设置过滤器过滤路径
+        frb.addUrlPatterns("/*");
+        //忽略过滤的形式
+        frb.addInitParameter("exclusions",
+                "*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*");
+        return frb;
+    }
+}

ware-shiro-auth/src/main/java/com/boot/shiro/config/ShiroConfig.java

@@ -0,0 +1,87 @@
+package com.boot.shiro.config;
+
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.session.mgt.SessionManager;
+import org.apache.shiro.spring.LifecycleBeanPostProcessor;
+import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
+import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+/**
+ * Shiro 配置文件
+ */
+@Configuration
+public class ShiroConfig {
+    /**
+     * Session Manager：会话管理
+     * 即用户登录后就是一次会话，在没有退出之前，它的所有信息都在会话中；
+     * 会话可以是普通JavaSE环境的，也可以是如Web环境的；
+     */
+    @Bean("sessionManager")
+    public SessionManager sessionManager(){
+        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
+        //设置session过期时间
+        sessionManager.setGlobalSessionTimeout(60 * 60 * 1000);
+        sessionManager.setSessionValidationSchedulerEnabled(true);
+        // 去掉shiro登录时url里的JSESSIONID
+        sessionManager.setSessionIdUrlRewritingEnabled(false);
+        return sessionManager;
+    }
+
+    /**
+     * SecurityManager：安全管理器
+     */
+    @Bean("securityManager")
+    public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
+        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
+        securityManager.setSessionManager(sessionManager);
+        securityManager.setRealm(userRealm);
+        return securityManager;
+    }
+    /**
+     * ShiroFilter是整个Shiro的入口点，用于拦截需要安全控制的请求进行处理
+     */
+    @Bean("shiroFilter")
+    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
+        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
+        shiroFilter.setSecurityManager(securityManager);
+        shiroFilter.setLoginUrl("/userLogin");
+        shiroFilter.setUnauthorizedUrl("/");
+        Map<String, String> filterMap = new LinkedHashMap<>();
+        filterMap.put("/userLogin", "anon");
+        shiroFilter.setFilterChainDefinitionMap(filterMap);
+        return shiroFilter;
+    }
+    /**
+     * 管理Shiro中一些bean的生命周期
+     */
+    @Bean("lifecycleBeanPostProcessor")
+    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
+        return new LifecycleBeanPostProcessor();
+    }
+    /**
+     * 扫描上下文，寻找所有的Advistor(通知器）
+     * 将这些Advisor应用到所有符合切入点的Bean中。
+     */
+    @Bean
+    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
+        proxyCreator.setProxyTargetClass(true);
+        return proxyCreator;
+    }
+    /**
+     * 匹配所有加了 Shiro 认证注解的方法
+     */
+    @Bean
+    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
+        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
+        advisor.setSecurityManager(securityManager);
+        return advisor;
+    }
+}

ware-shiro-auth/src/main/java/com/boot/shiro/config/ShiroException.java

@@ -0,0 +1,20 @@
+package com.boot.shiro.config;
+
+import org.apache.shiro.authz.AuthorizationException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+@RestControllerAdvice
+public class ShiroException {
+
+    @ExceptionHandler(AuthorizationException.class)
+    public String authorizationException (){
+        return "抱歉您没有权限访问该内容!";
+    }
+
+    @ExceptionHandler(Exception.class)
+    public String handleException(Exception e){
+        return "系统异常!";
+    }
+
+}