bug fixed

75216294 · liqin · c8b6d05c · 75216294 · 75216294 · 75216294
Commit 75216294 authored Mar 12, 2021 by liqin 💬
Showing with 44 additions and 15 deletions

pom.xml pom.xml +6 -0

MyShiroRealm.java ...cn/wisenergy/chnmuseum/party/auth/realm/MyShiroRealm.java +0 -2

ShiroConfig.java ...n/java/cn/wisenergy/chnmuseum/party/conf/ShiroConfig.java +38 -13

No files found.
--- a/pom.xml
+++ b/pom.xml
@@ -173,6 +173,12 @@
            <groupId>org.crazycake</groupId>
            <artifactId>shiro-redis</artifactId>
            <version>3.3.1</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.apache.shiro</groupId>
+                    <artifactId>shiro-core</artifactId>
+                </exclusion>
+            </exclusions>
        </dependency>
        <!--<dependency>
            <groupId>redis.clients</groupId>

--- a/src/main/java/cn/wisenergy/chnmuseum/party/auth/realm/MyShiroRealm.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/auth/realm/MyShiroRealm.java
@@ -70,8 +70,6 @@ public class MyShiroRealm extends AuthorizingRealm {
     * 认证信息.(身份验证) : Authentication 是用来验证用户身份
     *
     * @param auth
-     * @return
-     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {

--- a/src/main/java/cn/wisenergy/chnmuseum/party/conf/ShiroConfig.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/conf/ShiroConfig.java
@@ -7,7 +7,6 @@ import cn.wisenergy.chnmuseum.party.service.PermissionInitService;
 import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
 import org.apache.shiro.mgt.DefaultSubjectDAO;
 import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.mgt.SessionsSecurityManager;
 import org.apache.shiro.spring.LifecycleBeanPostProcessor;
 import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
@@ -22,6 +21,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
 import org.springframework.core.annotation.Order;
+import redis.clients.jedis.JedisPoolConfig;

 import javax.annotation.Resource;
 import javax.servlet.Filter;
@@ -34,21 +34,25 @@ import java.util.Map;
 public class ShiroConfig {

    private static final Logger logger = LoggerFactory.getLogger(ShiroConfig.class);
+    private static final String CACHE_KEY = "shiro:cache:";

    @Resource
    private PermissionInitService permissionInitService;

    @Value("${spring.redis.host}")
    private String host;
-
    @Value("${spring.redis.port}")
    private int port;
-
    @Value("${spring.redis.timeout}")
    private int timeout;
-
    @Value("${spring.redis.password}")
    private String password;
+    @Value("${spring.redis.jedis.pool.min-idle}")
+    private int minIdle;
+    @Value("${spring.redis.jedis.pool.max-idle}")
+    private int maxIdle;
+    @Value("${spring.redis.jedis.pool.max-active}")
+    private int maxActive;

    /**
     * ShiroFilterFactoryBean 处理拦截资源文件问题。
@@ -95,13 +99,13 @@ public class ShiroConfig {
    }

    @Bean
-    public SessionsSecurityManager securityManager() {
+    public DefaultWebSecurityManager securityManager() {
        logger.info("ShiroConfiguration.securityManager()");
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // 设置realm
        securityManager.setRealm(myShiroRealm());
        // 自定义缓存实现 使用redis
-        securityManager.setCacheManager(redisCacheManager());
+        securityManager.setCacheManager(cacheManager());

        // 关闭shiro自带的session
        DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
@@ -117,6 +121,20 @@ public class ShiroConfig {
     */
    @Bean
    public MyShiroRealm myShiroRealm() {
+        MyShiroRealm myShiroRealm = myShiroRealm();
+        //开启全局缓存配置
+        myShiroRealm.setCachingEnabled(true);
+        //启用身份验证缓存，即缓存AuthenticationInfo信息，默认false
+        myShiroRealm.setAuthenticationCachingEnabled(true);
+        //启用授权缓存，即缓存AuthorizationInfo信息，默认false
+        myShiroRealm.setAuthorizationCachingEnabled(true);
+
+        //为了方便操作，我们给缓存起个名字
+        myShiroRealm.setAuthenticationCacheName("authcCache");
+        myShiroRealm.setAuthorizationCacheName("authzCache");
+
+        //注入缓存实现
+        myShiroRealm.setCacheManager(cacheManager());
        return new MyShiroRealm();
    }

@@ -158,28 +176,35 @@ public class ShiroConfig {
    }

    /**
-     * 配置shiro redisManager
-     * <p>
-     * 使用的是shiro-redis开源插件
-     *
+     * 配置Redis管理器
+     * @Attention 使用的是shiro-redis开源插件
     * @return
     */
+    @Bean
    public RedisManager redisManager() {
        RedisManager redisManager = new RedisManager();
        redisManager.setHost(host);
        redisManager.setTimeout(timeout);
        redisManager.setPassword(password);
+        JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();
+        jedisPoolConfig.setMaxTotal(maxIdle + maxActive);
+        jedisPoolConfig.setMaxIdle(maxIdle);
+        jedisPoolConfig.setMinIdle(minIdle);
+        redisManager.setJedisPoolConfig(jedisPoolConfig);
        return redisManager;
    }

    /**
     * 用户授权信息Cache, 采用Redis
-     *
-     * @return
     */
-    public RedisCacheManager redisCacheManager() {
+    @Bean
+    public RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(redisManager());
+        redisCacheManager.setKeyPrefix(CACHE_KEY);
+        // shiro-redis要求放在session里面的实体类必须有个id标识
+        //这是组成redis中所存储数据的key的一部分
+        redisCacheManager.setPrincipalIdFieldName("id");
        return redisCacheManager;
    }