我正在Spring boot和Mongo DB中开发一个基于Web的应用程序。现在我想使用Apache Shiro进行身份验证和授权。有人可以向我解释程序以及如何建立mongo db领域以及在何处提及权限 - 用户映射?谢谢。
基本上你需要三个组件
@Component
public class YourMongoConfiguration {
@Bean(name = "mongoTemplate")
@DependsOn({ "lifecycleBeanPostProcessor" })
public MongoTemplate mongoTemplate() throws Exception {
MongoTemplate mt = new MongoTemplate(YOUR_CONFIGURATIOP_HERE);
return mt;
}
}
然后是MongoRealm
@Component("mongoRealm")
public class MongoRealm extends AuthorizingRealm {
private final MongoTemplate mongoTemplate;
@Autowired
public MongoRealm(MongoTemplate mongoTemplate) {
this.mongoTemplate = mongoTemplate;
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
credentialsMatcher.setHashAlgorithmName(Sha512Hash.ALGORITHM_NAME);
credentialsMatcher.setHashIterations(53);
setCredentialsMatcher(credentialsMatcher);
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// YOUR IMPLEMENTATION
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
// YOUR IMPLEMENTATION
}
}
最后是一名安全经理
@Component("securityManager")
public class SecurityManager extends DefaultWebSecurityManager {
@Autowired
public SecurityManager(Realm mongoRealm, SessionDAO mongoSessionDAO) {
super(mongoRealm);
setRealm(mongoRealm);
SessionManager sessionManager = new SessionManager();
setSessionManager(sessionManager);
sessionManager.setSessionDAO(mongoSessionDAO);
}
}
从现在开始,Shiro将调用您的MongoRealm来验证登录和权限,您将能够通过类似的课程来收集您的收藏
@Service
public class ONE_OF_YOUR_Services {
@Autowired
private MongoTemplate mongoTemplate;
protected List<T> getDocuments(Class<T> clazz, String collection) {
return mongoTemplate.findAll(clazz, collection);
}
}
我希望它有所帮助。
在GitHub上有一些MongoDB领域。我不想链接到他们,因为没有尝试过,但这将是你最好的开始。