@Bean public SecurityManager securityManager(){ DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager(); //设置realm. // securityManager.setAuthenticator(modularRealmAuthenticator()); securityManager.setAuthenticator(customizedModularRealmAuthenticator()); List<Realm> realms=new ArrayList<>(); realms.add(myShiroRealm()); realms.add(myShiroRealm2()); securityManager.setRealms(realms); return securityManager; }
@Bean public SecurityManager securityManager(RealmManager realmManager) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setAuthenticator(new AModularRealmAuthenticator()); securityManager.setRealms(realmManager.initGetRealm()); // 无状态subjectFactory设置 DefaultSessionStorageEvaluator evaluator = (DefaultSessionStorageEvaluator)((DefaultSubjectDAO) securityManager.getSubjectDAO()).getSessionStorageEvaluator(); evaluator.setSessionStorageEnabled(Boolean.FALSE); StatelessWebSubjectFactory subjectFactory = new StatelessWebSubjectFactory(); securityManager.setSubjectFactory(subjectFactory); SecurityUtils.setSecurityManager(securityManager); return securityManager; }
if (realms.size() > 0) modularRealmAuthenticator.setRealms(realms); webSecurityManager.setAuthenticator(modularRealmAuthenticator);
@Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); //设置authenticator ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator(); authenticator.setAuthenticationStrategy(new AllSuccessfulStrategy()); securityManager.setAuthenticator(authenticator); //设置realm List<Realm> realms = Lists.newArrayList(myRealm()); securityManager.setRealms(realms); //设置sessionManager MySessionManager sessionManager = new MySessionManager(); sessionManager.setSessionValidationSchedulerEnabled(false); sessionManager.setSessionDAO(myRedisSessionDao()); sessionManager.setSessionIdCookie(new SimpleCookie("shiroCookie")); sessionManager.setSessionIdUrlRewritingEnabled(false); securityManager.setSessionManager(sessionManager); //设置rememberMeManager CookieRememberMeManager rememberMeManager = new CookieRememberMeManager(); SimpleCookie remeberMeCookie = new SimpleCookie("rememberMe"); remeberMeCookie.setMaxAge(86400); remeberMeCookie.setHttpOnly(true); rememberMeManager.setCookie(remeberMeCookie); securityManager.setRememberMeManager(rememberMeManager); //设置缓存,默认缓存用户授权信息,认证信息不缓存 securityManager.setCacheManager(new MemoryConstrainedCacheManager()); return securityManager; }