SpringCloud+ sso+shiro+redis+cookie尝试单点登录shiro权限控制
发布时间:2019-05-25


最近在试着学习 SSO 整合 Shiro,可是一直没能实现“一次登录后,所有服务都能使用 Shiro 的页面标签做权限控制”。最近想到了一个笨办法,试了一下,结果成功了。

办法:使用单点登录。每个服务在需要登录时先跳转到 SSO 完成登录,再由 zuul 反向代理回到需要进入的服务;用户数据保存进 redis,cookie 中保存 redis 的 key。回到服务后再进行一次 shiro 认证(每个服务都已经单独部署了 shiro),这样在需要授权的时候就可以完成授权了。

很麻烦,希望有大佬帮我简化一下,留下你们的思路,以下是实现代码

在这里插入图片描述

在这里插入图片描述

每个服务都已经配置好各自的 shiro,下面是自定义域(Realm)

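package com.xykj.shiro.realm;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

import com.xykj.service.StuService;

import eureka_entity.Stu;

/**
 * Custom Shiro realm that authenticates and authorizes {@link Stu} accounts
 * loaded through {@link StuService}.
 *
 * <p>Both callbacks fail closed: when the account cannot be loaded, no
 * permissions are granted and no authentication info is returned. The
 * original version kept a blank {@code Stu} placeholder after a failed
 * lookup, so the comparison ran against the string form of an unset field,
 * and it accepted an empty password for an id that does not exist.
 */
public class MyShiroRealm extends AuthorizingRealm {

    @Resource
    public StuService peopleServiceM;

    /**
     * Builds the permission and role set for the principal Shiro is checking.
     *
     * @param arg0 principals of the subject being authorized
     * @return authorization info holding the account's {@code stupwd} value as
     *         both a permission string and a role name; empty when the account
     *         cannot be resolved
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
        System.out.println("授权逻辑");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        // Use the principals handed in by Shiro rather than the thread-bound
        // subject, so the decision is made for the identity being checked.
        Object principal = (arg0 == null) ? null : arg0.getPrimaryPrincipal();
        if (!(principal instanceof Stu)) {
            return info;
        }

        Stu current;
        try {
            // Re-read the account so that a changed permission level takes effect.
            current = peopleServiceM.selectById(((Stu) principal).getStuid());
        } catch (Exception e) {
            // Fail closed: a failed lookup grants nothing.
            e.printStackTrace();
            return info;
        }
        if (current == null) {
            return info;
        }

        // Boxing keeps the null check valid whether the getter returns a
        // primitive or an object.
        Object level = current.getStupwd();
        if (level == null) {
            return info;
        }

        // The same value is registered as a permission string and as a role.
        String grant = level + "";
        info.addStringPermission(grant);
        info.addRole(grant);
        return info;
    }

    /**
     * Loads the account named by the submitted token and hands its stored
     * credential to Shiro for comparison.
     *
     * @param arg0 the submitted token; must be a {@link UsernamePasswordToken}
     *             whose username is the numeric student id
     * @return authentication info carrying the {@link Stu} principal and its
     *         stored credential
     * @throws AuthenticationException if the account store cannot be queried;
     *         {@link IncorrectCredentialsException} if the id is not numeric,
     *         the account does not exist or it has no stored credential
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) arg0;
        // The submitted and stored passwords are deliberately not printed:
        // console output and log files are not a safe place for credentials.

        long stuId;
        try {
            stuId = Long.parseLong(token.getUsername());
        } catch (NumberFormatException e) {
            // Same exception as a wrong password, so the response does not
            // reveal which ids exist.
            throw new IncorrectCredentialsException("Invalid account or password");
        }

        Stu account;
        try {
            account = peopleServiceM.selectById(stuId);
        } catch (Exception e) {
            // Never continue with a placeholder account after a failed lookup.
            throw new AuthenticationException("Account lookup failed", e);
        }

        if (account == null) {
            System.out.println("用户名不存在");
            throw new IncorrectCredentialsException("Invalid account or password");
        }

        Object stored = account.getStupassword();
        if (stored == null) {
            // An account without a credential must not be matchable at all.
            throw new IncorrectCredentialsException("Invalid account or password");
        }

        // NOTE(review): the stored value is passed to Shiro as-is. Unless a
        // hashing CredentialsMatcher is set on this realm, that means the
        // database holds plaintext passwords - confirm, and move to a salted
        // password hash.
        return new SimpleAuthenticationInfo(account, String.valueOf(stored), getName());
    }
}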

下面是config

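package com.consumer.shiro.configuration;

import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import lombok.extern.log4j.Log4j2;

import com.consumer.shiro.realm.MyShiroRealm;

/**
 * Spring configuration that wires the Shiro filter, the security manager and
 * the custom realm for this service.
 */
@Log4j2
@Configuration
public class ShiroConfiguration {

    /**
     * Creates the Shiro filter and its URL-to-filter chain.
     *
     * @param securityManager the security manager bean named "SecurityManager"
     * @return the configured filter factory
     */
    @Bean
    public ShiroFilterFactoryBean shirFilter(@Qualifier("SecurityManager") SecurityManager securityManager) {
        log.info("============ShiroConfiguration.java进入==============");
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // Chain definitions are matched in insertion order, hence LinkedHashMap.
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/static/**", "anon");
        filterChainDefinitionMap.put("/logout", "logout");
        // One entry per path: a second put() on the same key replaces the
        // first, which silently dropped "authc" in the earlier version.
        filterChainDefinitionMap.put("/SpringCloudLogin/list", "authc, perms[1]");
        // NOTE(review): only the paths listed above pass through a Shiro
        // filter; every other URL is reachable without authentication. Once
        // the login endpoints are mapped to "anon", consider a final "/**"
        // rule so that new endpoints are protected by default.

        shiroFilterFactoryBean.setLoginUrl("/SpringCloudLogin/getlogin");
        // Page shown after a successful login.
        shiroFilterFactoryBean.setSuccessUrl("/SpringCloudLogin/list");
        // Page shown when the permission check fails.
        shiroFilterFactoryBean.setUnauthorizedUrl("/Mygod");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    /**
     * Creates the web security manager backed by the custom realm.
     *
     * @param myShiroRealm the realm bean named "MyShiroRealm"
     * @return the security manager
     */
    @Bean("SecurityManager")
    public SecurityManager securityManager(@Qualifier("MyShiroRealm") MyShiroRealm myShiroRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // Use the injected bean instead of calling the factory method again.
        securityManager.setRealm(myShiroRealm);
        return securityManager;
    }

    /**
     * Registers the custom realm as a bean.
     *
     * @return a new {@link MyShiroRealm}
     */
    @Bean("MyShiroRealm")
    public MyShiroRealm myShiroRealm() {
        return new MyShiroRealm();
    }
}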

再来就是sso的controller代码

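@Autowired
public StuService stuservices;

// The type argument was lost when the page was extracted; it is restored as
// String because redis.get(...) is assigned to a String below.
@Resource
@Qualifier("redis-cache") // selects the cache implementation by bean name
public IRedisService<String> redis;

@Value("${server.port}")
public String dkh;

/** Session attribute holding the validated return path between /getlogin and /login. */
private static final String PENDING_REDIRECT_ATTR = "sso.pendingRedirect";

/**
 * Accepts only application-local paths as redirect targets.
 *
 * <p>Absolute and scheme-relative URLs are rejected so that the {@code url}
 * request parameter cannot send a freshly authenticated user to a foreign
 * site. A deployment that must return users to another origin (for example
 * the gateway) should compare the target with an explicit allowlist of
 * origins instead of relaxing this check.
 */
private static boolean isLocalRedirect(String target) {
    if (target == null || target.isEmpty() || target.charAt(0) != '/') {
        return false;
    }
    // "//host" and "/\host" are treated as another origin by browsers.
    if (target.startsWith("//") || target.indexOf('\\') >= 0) {
        return false;
    }
    for (int i = 0; i < target.length(); i++) {
        if (Character.isISOControl(target.charAt(i))) {
            return false;
        }
    }
    return true;
}

/**
 * Handles the login form: authenticates through Shiro, then issues a session
 * token that is stored in redis and sent to the browser as a cookie.
 *
 * <p>NOTE(review): the mapping accepts every HTTP method, so credentials can
 * arrive in a query string; consider restricting it to POST. The method name
 * is kept as-is although it performs a login.
 *
 * @return a redirect to the pending return path, the "list" view, or the
 *         "login" view when authentication fails
 */
@RequestMapping("/login")
public String logout(@RequestParam(required = true) String stuid,
        @RequestParam(required = true) String stupwd,
        HttpServletRequest request, HttpServletResponse response, Model model) throws IOException {
    UsernamePasswordToken token = new UsernamePasswordToken(stuid, stupwd);
    try {
        SecurityUtils.getSubject().login(token);
    } catch (org.apache.shiro.authc.AuthenticationException ex) {
        // Every authentication failure gets the same answer, not only a wrong
        // password, so the response does not reveal which accounts exist.
        log.info("login failed: " + ex.getClass().getSimpleName());
        model.addAttribute("entity", "登录失败,账号密码错误!!");
        return "login";
    }

    // A new random token per login. The earlier version generated one value
    // when the controller was created, so every user received the same
    // cookie and the redis entry always pointed at the last account to log in.
    String sessionToken = UUID.randomUUID().toString();
    redis.put(sessionToken, stuid, 60 * 60);
    // The token is a bearer credential and is therefore not logged.
    // NOTE(review): confirm that CookieUtils sets HttpOnly and Secure on it.
    CookieUtils.setCookie(request, response, "cookieCode", sessionToken, 60 * 60);
    model.addAttribute("entity", stuid);

    // The return path is kept per browser session, not in a controller field
    // shared by all concurrent requests.
    Object pending = null;
    if (request.getSession(false) != null) {
        pending = request.getSession(false).getAttribute(PENDING_REDIRECT_ATTR);
        request.getSession(false).removeAttribute(PENDING_REDIRECT_ATTR);
    }
    if (pending instanceof String && isLocalRedirect((String) pending)) {
        return "redirect:" + pending;
    }
    return "list";
}

/**
 * Entry point that services redirect to: reuses a valid SSO cookie when there
 * is one, otherwise shows the login page.
 *
 * @param url optional path to return to after login; anything that is not an
 *            application-local path is ignored
 * @return a redirect to {@code url}, the "list" view, the "Mygod" view when
 *         the cookie refers to an account that no longer exists, or the
 *         "login" view
 */
@RequestMapping("/getlogin")
public String getlogin(HttpServletRequest request, HttpServletResponse response,
        @RequestParam(required = false) String url, Model model) throws IOException {
    log.info("传递到的URL:" + url);
    boolean safeUrl = isLocalRedirect(url);

    String token = CookieUtils.getCookieValue(request, "cookieCode");
    if (!StringUtils.isEmpty(token)) {
        String loginCode = redis.get(token);
        if (!StringUtils.isEmpty(loginCode)) {
            Stu stu = stuservices.selectById(Long.parseLong(loginCode));
            if (stu == null) {
                return "Mygod";
            }
            if (safeUrl) {
                model.addAttribute("stu", stu);
                // Log the id only; the entity may carry the stored password.
                log.info("成功获取到stu:" + stu.getStuid());
                return "redirect:" + url;
            }
            return "list";
        }
    }

    // No usable SSO session: drop any local Shiro session before showing the form.
    Subject subject = SecurityUtils.getSubject();
    if (subject != null) {
        try {
            subject.logout();
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }

    // Stored after logout(), which may invalidate the current session.
    if (safeUrl) {
        request.getSession().setAttribute(PENDING_REDIRECT_ATTR, url);
    } else if (request.getSession(false) != null) {
        request.getSession(false).removeAttribute(PENDING_REDIRECT_ATTR);
    }
    return "login";
}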

页面发一下吧,虽然很垃圾哈哈哈

权限测试

欢迎 来到我们的测试权限主页!!


shiro 标签的用法可以去看看:https://www.cnblogs.com/qlqwjy/p/7257616.html 和 https://www.cnblogs.com/jifeng/p/4500410.html

完成页面

在这里插入图片描述

可以实现页面的控制显示隐藏

有术无道,望大佬多批评
