apache-shiro入门(补足六个汉字).docx

简介：?Shiro 是一个 Apache Incubator 项目，旨在简化身份验证和授权。是一个很不错的安全框架。 下面记录一下shiro和Spring整合的过程的一个小示例： Web.xml配置 context-param param-namecontextConfigLocation/param-name param-valueclasspath:applicationContext.xml,classpath:spring-shiro.xml/param-value /context-param !-- apache shiro权限 -- filter filter-nameshiroFilter/filter-name filter-classorg.springframework.web.filter.DelegatingFilterProxy/filter-class init-param param-nametargetFilterLifecycle/param-name param-valuetrue/param-value /init-param /filter filter-mapping filter-nameshiroFilter/filter-name url-pattern*.do/url-pattern /filter-mapping filter-mapping filter-nameshiroFilter/filter-name url-pattern*.jsp/url-pattern /filter-mapping 第一部分是将shiro的配置文件引入到web.xml中，我这里是spring-shiro.xml； 下面的是一个过滤器，过滤.do,.jsp的请求,引入shiro web.xml就配这么多。 spring-shiro.xml配置文件 ?xml version=1.0 encoding=UTF-8? beans xmlns=/schema/beans xmlns:xsi=/2001/XMLSchema-instance xmlns:util=/schema/util xsi:schemaLocation=/schema/beans /schema/beans/spring-beans-3.0.xsd /schema/util /schema/util/spring-util-3.0.xsd descriptionShiro 配置/description bean id=shiroFilter class=org.apache.shiro.spring.web.ShiroFilterFactoryBean property name=securityManager ref=securityManager / property name=loginUrl value=/login.jsp / property name=successUrl value=/login.jsp / property name=unauthorizedUrl value=/error/noperms.jsp / property name=filterChainDefinitions value /login.jsp* = anon /login.do* = anon /index.jsp*= anon /error/noperms.jsp*= anon /*.jsp* = authc /*.do* = authc /value /property /bean bean id=securityManager class=org.apache.shiro.web.mgt.DefaultWebSecurityManager !--设置自定义realm -- property name=realm ref=monitorRealm / /bean bean id=lifecycleBeanPostProcessor class=org.apache.shiro.spring.LifecycleBeanPostProcessor / !--自定义Realm 继承自AuthorizingR