在 Spring Boot 中与 Shiro 一起使用多个 FilterFactoryBean、SecurityManager 和 Realm

问题描述 投票:0回答:0

我有两个 Reams 设置,名称分别为 

"Reaml1"
"Realm2"
。这两个领域用于不同类型的实体认证。

@Configuration
public class ShiroConfig {

    @Bean(name = "realm1")
    public Realm realm1() {
        Realm1 realm = new Realm1();
        return realm;
    }

    @Bean(name = "realm2")
    public Realm realm2() {
        Realm2 realm = new Realm2();
        return realm;
    }


    @Bean(name = "securityManager1")
    public DefaultSecurityManager securityManager1(@Qualifier("realm1") Realm realm) {
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    @Bean(name = "securityManager2")
    public DefaultSecurityManager securityManager2(@Qualifier("realm2") Realm realm) {
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    @Bean(name = "shiroFilter1")
    public ShiroFilterFactoryBean shiroFilter1(@Qualifier("securityManager1") SecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        factoryBean.setLoginUrl("/login1");
        factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap());
        return factoryBean;
    }

    @Bean(name = "shiroFilter2")
    public ShiroFilterFactoryBean shiroFilter2(@Qualifier("securityManager2") SecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        factoryBean.setLoginUrl("/login2");
        factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap());
        return factoryBean;
    }

    private Map<String, String> filterChainDefinitionMap() {
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        return filterChainDefinitionMap;
    }
}

我有两个不同的登录端点:

/login1
/login2
在我的控制器类中,例如:

@PostMapping("/login1")
@ResponseBody
public String Login1(HttpServletRequest request) {
        Subject subject = SecurityUtils.getSubject();

        /* Some processing to get username and password */

        UsernamePasswordToken token = new UsernamePasswordToken(username, password);

        String msg = "";
        try {
            subject.login(token);
            msg =  "Successfully logged in.";
        } catch (Exception e) {
            /* Exception handling */
        }

        if (! subject.isAuthenticated()) token.clear();
        return msg;
    }

然而,

/login1
一直在使用
Realm2
进行认证。我的问题是如何配置 Shiro 在使用不同的登录端点时使用不同的 
Reaml
SecurityManager
ShiroFilterFactoryBean

我尝试在 

SecurityUtils.setSecurityManager({corresponding security manager})
方法中添加 
login
但它没有用。

我被困在这里一整天,找不到出路。请帮忙,谢谢!

java spring spring-boot shiro
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.