我有两个 Reams 设置,名称分别为
"Reaml1"
和 "Realm2"
。这两个领域用于不同类型的实体认证。
@Configuration
public class ShiroConfig {
@Bean(name = "realm1")
public Realm realm1() {
Realm1 realm = new Realm1();
return realm;
}
@Bean(name = "realm2")
public Realm realm2() {
Realm2 realm = new Realm2();
return realm;
}
@Bean(name = "securityManager1")
public DefaultSecurityManager securityManager1(@Qualifier("realm1") Realm realm) {
DefaultSecurityManager securityManager = new DefaultSecurityManager();
securityManager.setRealm(realm);
return securityManager;
}
@Bean(name = "securityManager2")
public DefaultSecurityManager securityManager2(@Qualifier("realm2") Realm realm) {
DefaultSecurityManager securityManager = new DefaultSecurityManager();
securityManager.setRealm(realm);
return securityManager;
}
@Bean(name = "shiroFilter1")
public ShiroFilterFactoryBean shiroFilter1(@Qualifier("securityManager1") SecurityManager securityManager) {
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
factoryBean.setSecurityManager(securityManager);
factoryBean.setLoginUrl("/login1");
factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap());
return factoryBean;
}
@Bean(name = "shiroFilter2")
public ShiroFilterFactoryBean shiroFilter2(@Qualifier("securityManager2") SecurityManager securityManager) {
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
factoryBean.setSecurityManager(securityManager);
factoryBean.setLoginUrl("/login2");
factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap());
return factoryBean;
}
private Map<String, String> filterChainDefinitionMap() {
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
return filterChainDefinitionMap;
}
}
我有两个不同的登录端点:
/login1
和 /login2
在我的控制器类中,例如:
@PostMapping("/login1")
@ResponseBody
public String Login1(HttpServletRequest request) {
Subject subject = SecurityUtils.getSubject();
/* Some processing to get username and password */
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
String msg = "";
try {
subject.login(token);
msg = "Successfully logged in.";
} catch (Exception e) {
/* Exception handling */
}
if (! subject.isAuthenticated()) token.clear();
return msg;
}
然而,
/login1
一直在使用Realm2
进行认证。我的问题是如何配置 Shiro 在使用不同的登录端点时使用不同的 Reaml
、SecurityManager
和 ShiroFilterFactoryBean
?
我尝试在
SecurityUtils.setSecurityManager({corresponding security manager})
方法中添加 login
但它没有用。
我被困在这里一整天,找不到出路。请帮忙,谢谢!