我正在尝试使用shiro如何仅为管理员创建登录的教程。在做shiro配置的时候我堆积了。我只有两个页面:管理员页面和管理员的主要登录页面。
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:web="http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>LoginTutorial</display-name>
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.iniShiroFilter</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
[main]
realm =
securityManager.realm = $realm
authc.loginUrl = /loginpage.jsp
[user]
Admin = password,ROLE_ADMIN
[roles]
ROLE_ADMIN = *
[url]
<!--/account/** =authc-->
/adminpage = roles[ROLE_ADMIN]
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/</url-pattern>
</filter-mapping>
...
</web-app>
答案 0 :(得分:4)
您使用的是Spring框架吗? 通常,您应该在Web.xml中定义Shiro过滤器并在applicationContext.xml中初始化Shiro组件(作为bean)。
您可以执行以下操作:
<强> Web.xml中强>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:web="http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>LoginTutorial</display-name>
<!-- Shiro filter-->
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
...
<强>的applicationContext.xml 强>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:couchdb="http://www.ektorp.org/schema/couchdb"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.ektorp.org/schema/couchdb
http://www.ektorp.org/schema/couchdb/couchdb.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
<!-- Scans within the base package of the application for @Components to configure as beans -->
<!-- Apache Shiro customized classes are defined in the package com.6.0.shiro -->
<context:component-scan base-package="com.6.0.shiro" />
...
<!-- Shiro filter -->
<bean id="ShiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="filters">
<util:map>
<entry key="myAuthcBasic">
<bean class="org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter"/>
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/safe/** = myAuthcBasic
</value>
</property>
</bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!-- Single realm app. If you have multiple realms, use the 'realms' property instead. -->
<property name="realm" ref="StaticRealm"/>
<property name="cacheManager" ref="cacheManager"/>
<!-- By default the servlet container sessions will be used. Uncomment this line
to use shiro's native sessions (see the JavaDoc for more): -->
<!-- <property name="sessionMode" value="native"/> -->
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager">
<!--property name="cacheManager" ref="ehCacheManager" /-->
</bean>
<!-- Define the Shiro Realm implementation you want to use to connect to your back-end -->
<!-- StaticRealm: -->
<bean id="StaticRealm" class="com.6.0.shiro.StaticRealm">
<property name="credentialsMatcher" ref="credMatcher">
</property>
</bean>
<bean id="credMatcher" class="com.example.shiro.ReverseCredentialsMatcher"/>
...