/** * 安全管理器 */ @Bean public DefaultWebSecurityManager securityManager(CookieRememberMeManager rememberMeManager, CacheManager cacheShiroManager, SessionManager sessionManager) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(this.shiroDbRealm()); securityManager.setCacheManager(cacheShiroManager); securityManager.setRememberMeManager(rememberMeManager); securityManager.setSessionManager(sessionManager); return securityManager; }
protected SessionsSecurityManager createSecurityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setSubjectDAO(subjectDAO()); securityManager.setSubjectFactory(subjectFactory()); securityManager.setRememberMeManager(rememberMeManager()); return securityManager; }
@Bean public SecurityManager securityManager(){ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(myShiroRealm()); return securityManager; }
@Bean public DefaultWebSecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(realm()); securityManager.setSessionManager(sessionManager()); return securityManager; }
@Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(AuthRealm authRealm) { DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); defaultWebSecurityManager.setRealm(authRealm); // <!-- 用户授权/认证信息Cache, 采用EhCache 缓存 --> defaultWebSecurityManager.setCacheManager(getEhCacheManager()); return defaultWebSecurityManager; }
@Bean("securityManager") public DefaultWebSecurityManager getManager(MyRealm realm) { DefaultWebSecurityManager manager = new DefaultWebSecurityManager(); // 使用自己的realm manager.setRealm(realm); /* * 关闭shiro自带的session,详情见文档 * http://shiro.apache.org/session-management.html#SessionManagement-StatelessApplications%28Sessionless%29 */ DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator(); defaultSessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator); manager.setSubjectDAO(subjectDAO); return manager; }
@Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); // 设置realm. securityManager.setRealm(myShiroRealm()); //注入缓存管理器 securityManager.setCacheManager(ehCacheManager()); /* * 关闭shiro自带的session,详情见文档 * http://shiro.apache.org/session-management.html#SessionManagement-StatelessApplications%28Sessionless%29 */ DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator(); defaultSessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator); securityManager.setSubjectDAO(subjectDAO); return securityManager; }
@Bean @ConditionalOnWebApplication @ConditionalOnMissingBean public SessionsSecurityManager webSecurityManager(CacheManager cacheManager, SessionManager sessionManager, List<Realm> realms) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realms); securityManager.setSessionManager(sessionManager); securityManager.setCacheManager(cacheManager); return securityManager; } }
@Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); //设置authenticator ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator(); authenticator.setAuthenticationStrategy(new AllSuccessfulStrategy()); securityManager.setAuthenticator(authenticator); //设置realm List<Realm> realms = Lists.newArrayList(myRealm()); securityManager.setRealms(realms); //设置sessionManager MySessionManager sessionManager = new MySessionManager(); sessionManager.setSessionValidationSchedulerEnabled(false); sessionManager.setSessionDAO(myRedisSessionDao()); sessionManager.setSessionIdCookie(new SimpleCookie("shiroCookie")); sessionManager.setSessionIdUrlRewritingEnabled(false); securityManager.setSessionManager(sessionManager); //设置rememberMeManager CookieRememberMeManager rememberMeManager = new CookieRememberMeManager(); SimpleCookie remeberMeCookie = new SimpleCookie("rememberMe"); remeberMeCookie.setMaxAge(86400); remeberMeCookie.setHttpOnly(true); rememberMeManager.setCookie(remeberMeCookie); securityManager.setRememberMeManager(rememberMeManager); //设置缓存,默认缓存用户授权信息,认证信息不缓存 securityManager.setCacheManager(new MemoryConstrainedCacheManager()); return securityManager; }
@Bean public SecurityManager securityManager(RedisCacheManager RedisCacheManager){ DefaultWebSecurityManager manager = new DefaultWebSecurityManager(); manager.setRealm(myRealm()); manager.setCacheManager(RedisCacheManager); /* * 关闭session存储,禁用Session作为存储策略的实现, * 但它没有完全地禁用Session所以需要配合SubjectFactory中的context.setSessionCreationEnabled(false) */ //manager.setSessionManager(sessionManager()); ((DefaultSessionStorageEvaluator) ((DefaultSubjectDAO)manager.getSubjectDAO()) .getSessionStorageEvaluator()).setSessionStorageEnabled(false); manager.setSubjectFactory(new AgileSubjectFactory()); return manager; }
/** * Simply returns <code>new {@link DefaultWebSecurityManager}();</code> to ensure a web-capable * {@code SecurityManager} is available by default. * * @return a new web-capable {@code SecurityManager} instance. */ @Override protected SecurityManager createDefaultInstance() { return new DefaultWebSecurityManager(); }
@Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); myShiroRealm.setCredentialsMatcher(myCredentialsMatcher()); securityManager.setRealm(myShiroRealm); securityManager.setRememberMeManager(rememberMeManager()); return securityManager; }
@Bean public SecurityManager securityManager(@Autowired JWTRealm realm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); DefaultSubjectDAO subjectDAO = (DefaultSubjectDAO) securityManager.getSubjectDAO(); DefaultSessionStorageEvaluator evaluator = (DefaultSessionStorageEvaluator) subjectDAO.getSessionStorageEvaluator(); /* * 关闭shiro自带的session * http://shiro.apache.org/session-management.html#SessionManagement-StatelessApplications%28Sessionless%29 */ evaluator.setSessionStorageEnabled(false); securityManager.setSubjectDAO(subjectDAO); securityManager.setRealm(realm); return securityManager; }
@Singleton @Provides WebSecurityManager provideWebSecurityManager( SessionManager sessionManager, RememberMeManager rememberMeManager, Realms realms, Set<AuthenticationListener> authListeners) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realms.getRealms()); // TODO: from here the code is copied from ShiroModule ... error prone... use factory or something ((AbstractAuthenticator) securityManager.getAuthenticator()).setAuthenticationListeners(authListeners); securityManager.setSessionManager(sessionManager); securityManager.setRememberMeManager(rememberMeManager); return securityManager; }
// Create our shiro environment DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); DefaultWebEnvironment environment = new DefaultWebEnvironment(); DefaultWebSessionManager sessionManager = new ShiroSessionManager(); // Use the new session manager securityManager.setSessionManager(sessionManager); environment.setWebSecurityManager(securityManager); SecurityUtils.setSecurityManager(securityManager);
@Bean public SecurityManager securityManager(RealmManager realmManager) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setAuthenticator(new AModularRealmAuthenticator()); securityManager.setRealms(realmManager.initGetRealm()); // 无状态subjectFactory设置 DefaultSessionStorageEvaluator evaluator = (DefaultSessionStorageEvaluator)((DefaultSubjectDAO) securityManager.getSubjectDAO()).getSessionStorageEvaluator(); evaluator.setSessionStorageEnabled(Boolean.FALSE); StatelessWebSubjectFactory subjectFactory = new StatelessWebSubjectFactory(); securityManager.setSubjectFactory(subjectFactory); SecurityUtils.setSecurityManager(securityManager); return securityManager; }
public DefaultWebSecurityManager() { super(); DefaultWebSessionStorageEvaluator webEvalutator = new DefaultWebSessionStorageEvaluator(); ((DefaultSubjectDAO) this.subjectDAO).setSessionStorageEvaluator(webEvalutator); this.sessionMode = HTTP_SESSION_MODE; setSubjectFactory(new DefaultWebSubjectFactory()); setRememberMeManager(new CookieRememberMeManager()); setSessionManager(new ServletContainerSessionManager()); webEvalutator.setSessionManager(getSessionManager()); }
@Bean public SecurityManager securityManager(){ DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager(); //设置realm. // securityManager.setAuthenticator(modularRealmAuthenticator()); securityManager.setAuthenticator(customizedModularRealmAuthenticator()); List<Realm> realms=new ArrayList<>(); realms.add(myShiroRealm()); realms.add(myShiroRealm2()); securityManager.setRealms(realms); return securityManager; }
@SuppressWarnings({"UnusedDeclaration"}) public DefaultWebSecurityManager(Realm singleRealm) { this(); setRealm(singleRealm); }
webSecurityManager.setSessionManager(ioc.get(WebSessionManager.class, "shiroWebSessionManager")); if (realms.size() > 0) modularRealmAuthenticator.setRealms(realms); webSecurityManager.setAuthenticator(modularRealmAuthenticator); webSecurityManager.setRealms(realms); webSecurityManager.setRememberMeManager(ioc.get(RememberMeManager.class, "shiroRememberMeManager")); return webSecurityManager;