【发布时间】:2011-08-18 18:13:03
【问题描述】:
我开始使用 Guice/Shiro 而不是 Spring/Spring Security。我查看了 Shiro 站点的示例,所有配置示例都是作为 INI 文件示例制作的。是否可以在纯 Java 中配置 Shiro,因为 Guice Servlet 是要配置的?
【问题讨论】:
标签: guice shiro guice-servlet
【发布时间】:2011-08-18 18:13:03
【问题描述】:
是的,这是可能的,但如果您希望 Guice 创建您的领域,则需要一些胶水代码。
- 绑定领域实现:
bind(Realm.class).to(MyRealm.class).in(Singleton.class);
- 绑定 WebSecurityManager:
@Provides @Singleton WebSecurityManager securityManager(Realm realm) {
DefaultWebSecurityManager sm = new DefaultWebSecurityManager();
sm.setRealm(realm);
return sm;
}
- 子类化 Shiro 过滤器之一,以便您可以使用 Guice 提供的 WebSecurityManager:
public class SecurityFilter extends IniShiroFilter {
static class SecurityManagerFactory extends WebIniSecurityManagerFactory {
private final WebSecurityManager securityManager;
public SecurityManagerFactory(WebSecurityManager securityManager) {
this.securityManager = securityManager;
}
public SecurityManagerFactory(WebSecurityManager securityManager, Ini ini) {
super(ini);
this.securityManager = securityManager;
}
@Override
protected SecurityManager createDefaultInstance() {
return securityManager;
}
}
private final Provider<WebSecurityManager> securityManager;
@Inject
SecurityFilter(Provider<WebSecurityManager> securityManager) {
super();
this.securityManager = securityManager;
}
protected Map<String, ?> applySecurityManager(Ini ini) {
SecurityManagerFactory factory;
if (ini == null || ini.isEmpty()) {
factory = new SecurityManagerFactory(securityManager.get());
} else {
factory = new SecurityManagerFactory(securityManager.get(), ini);
}
setSecurityManager((WebSecurityManager) factory.getInstance());
return factory.getBeans();
}
}
- 配置您的过滤器:
Joiner lines = Joiner.on("\n");
Map<String, String> config = ImmutableMap.of("config", lines.join(
"; here you can provide additional ini",
"[roles]",
"admin = *",
"[urls]",
"/secure/** = authcBasic"
));
filter("/*").through(SecurityFilter.class, config);
【讨论】:
-
感谢完整代码的回答!那么最终配置必须是 ini 格式吗?
-
Ini 是可选的,你可以在provider方法中手动配置WebSecuirtyManager。