这篇文章给大家分享的是shiro实现动态刷新权限的详细介绍,相信大部分人都还没学会这个技能,为了让大家学会,给大家总结了以下内容,话不多说,一起往下看吧。
计算
安全
数据库
网络和加速
企业服务
import java.util.LinkedHashMap;import java.util.Map;import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.mgt.DefaultFilterChainManager;
import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
import org.apache.shiro.web.servlet.AbstractShiroFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.qfx.demo.cache.MenuRoleCache;
import com.qfx.demo.cache.MenuRoleCache2;
import com.qfx.demo.vo.SysMenuRole;
@Component
public class ShiroPermissionSer {
@Autowired
ShiroFilterFactoryBean shiroFilterFactoryBean;
private int count = 1;
/**
* <h6>功能:动态更新shiro权限(无需重启)</h6>
*
* @return
*/
public boolean updatePermission() {
boolean flag = false;
synchronized (shiroFilterFactoryBean) {
AbstractShiroFilter shiroFilter = null;
try {
shiroFilter = (AbstractShiroFilter) shiroFilterFactoryBean.getObject();
PathMatchingFilterChainResolver filterChainResolver = (PathMatchingFilterChainResolver) shiroFilter.getFilterChainResolver();
DefaultFilterChainManager manager = (DefaultFilterChainManager) filterChainResolver.getFilterChainManager();
// 1. 清空老的权限控制
manager.getFilterChains().clear();
shiroFilterFactoryBean.getFilterChainDefinitionMap().clear();
// ========== 2. 动态加载权限核心部分开始 ==========
// 后面这个可以直接从数据库里面获取
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
// 对静态资源设置匿名访问,从resoutces/static后面开始写
filterChainDefinitionMap.put("/css/**", "anon");
// 可匿名访问的地址
filterChainDefinitionMap.put("/", "anon");
filterChainDefinitionMap.put("/index.jsp", "anon");
filterChainDefinitionMap.put("/login/loginPage", "anon");
filterChainDefinitionMap.put("/login/register", "anon");
filterChainDefinitionMap.put("/login/login", "anon");
// 请求 logout.do地址,shiro去清除session
filterChainDefinitionMap.put("/logout", "logout");
//循环url,逐个添加到section中。section就是filterChainDefinitionMap,
//里面的键就是链接URL,值就是存在什么条件才能访问该链接(正式环境从数据库获取,这里模拟数据权限切换)
if (count == 1) {
Map<String, SysMenuRole> menuRoleMap = MenuRoleCache2.menuRoleCacheMap;
for (String key : menuRoleMap.keySet()) {
filterChainDefinitionMap.put(key, "roles["+menuRoleMap.get(key).getRoleNames()+"]");
}
count = 0;
} else {
Map<String, SysMenuRole> menuRoleMap = MenuRoleCache.menuRoleCacheMap;
for (String key : menuRoleMap.keySet()) {
filterChainDefinitionMap.put(key, "roles["+menuRoleMap.get(key).getRoleNames()+"]");
}
count = 1;
}
//所有url都必须认证通过才可以访问,必须放在最后
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
// ========== 2. 动态加载权限核心部分结束 ==========
// 3. 重新构建生成
Map<String, String> chains = shiroFilterFactoryBean.getFilterChainDefinitionMap();
for (Map.Entry<String, String> entry : chains.entrySet()) {
String url = entry.getKey();
String chainDefinition = entry.getValue().trim().replace(" ", "");
manager.createChain(url, chainDefinition);
}
flag = true;
System.out.println("更新权限成功");
} catch (Exception e) {
throw new RuntimeException("更新shiro权限出现错误!");
}
}
return flag;
}
}
这篇文章主要为大家详细介绍了shiro实现动态刷新权限,文中示例代码介绍的非常详细,零基础也能参考此文章,感兴趣的小伙伴们可以参考一下。
亿速云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
