溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章給大家分享的是shiro實現動態刷新權限的詳細介紹,相信大部分人都還沒學會這個技能,為了讓大家學會,給大家總結了以下內容,話不多說,一起往下看吧。
import java.util.LinkedHashMap;
import java.util.Map;import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.filter.mgt.DefaultFilterChainManager; import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver; import org.apache.shiro.web.servlet.AbstractShiroFilter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.qfx.demo.cache.MenuRoleCache; import com.qfx.demo.cache.MenuRoleCache2; import com.qfx.demo.vo.SysMenuRole; @Component public class ShiroPermissionSer { @Autowired ShiroFilterFactoryBean shiroFilterFactoryBean; private int count = 1; /** * <h6>功能:動態更新shiro權限(無需重啟)</h6> * * @return */ public boolean updatePermission() { boolean flag = false; synchronized (shiroFilterFactoryBean) { AbstractShiroFilter shiroFilter = null; try { shiroFilter = (AbstractShiroFilter) shiroFilterFactoryBean.getObject(); PathMatchingFilterChainResolver filterChainResolver = (PathMatchingFilterChainResolver) shiroFilter.getFilterChainResolver(); DefaultFilterChainManager manager = (DefaultFilterChainManager) filterChainResolver.getFilterChainManager(); // 1. 清空老的權限控制 manager.getFilterChains().clear(); shiroFilterFactoryBean.getFilterChainDefinitionMap().clear(); // ========== 2. 動態加載權限核心部分開始 ========== // 后面這個可以直接從數據庫里面獲取 Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>(); // 對靜態資源設置匿名訪問,從resoutces/static后面開始寫 filterChainDefinitionMap.put("/css/**", "anon"); // 可匿名訪問的地址 filterChainDefinitionMap.put("/", "anon"); filterChainDefinitionMap.put("/index.jsp", "anon"); filterChainDefinitionMap.put("/login/loginPage", "anon"); filterChainDefinitionMap.put("/login/register", "anon"); filterChainDefinitionMap.put("/login/login", "anon"); // 請求 logout.do地址,shiro去清除session filterChainDefinitionMap.put("/logout", "logout"); //循環url,逐個添加到section中。section就是filterChainDefinitionMap, //里面的鍵就是鏈接URL,值就是存在什么條件才能訪問該鏈接(正式環境從數據庫獲取,這里模擬數據權限切換) if (count == 1) { Map<String, SysMenuRole> menuRoleMap = MenuRoleCache2.menuRoleCacheMap; for (String key : menuRoleMap.keySet()) { filterChainDefinitionMap.put(key, "roles["+menuRoleMap.get(key).getRoleNames()+"]"); } count = 0; } else { Map<String, SysMenuRole> menuRoleMap = MenuRoleCache.menuRoleCacheMap; for (String key : menuRoleMap.keySet()) { filterChainDefinitionMap.put(key, "roles["+menuRoleMap.get(key).getRoleNames()+"]"); } count = 1; } //所有url都必須認證通過才可以訪問,必須放在最后 filterChainDefinitionMap.put("/**", "authc"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); // ========== 2. 動態加載權限核心部分結束 ========== // 3. 重新構建生成 Map<String, String> chains = shiroFilterFactoryBean.getFilterChainDefinitionMap(); for (Map.Entry<String, String> entry : chains.entrySet()) { String url = entry.getKey(); String chainDefinition = entry.getValue().trim().replace(" ", ""); manager.createChain(url, chainDefinition); } flag = true; System.out.println("更新權限成功"); } catch (Exception e) { throw new RuntimeException("更新shiro權限出現錯誤!"); } } return flag; } }
這篇文章主要為大家詳細介紹了shiro實現動態刷新權限,文中示例代碼介紹的非常詳細,零基礎也能參考此文章,感興趣的小伙伴們可以參考一下。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
