這篇文章主要介紹了Springboot整合Shiro的代碼實例,文中通過示例代碼介紹的非常詳細，對大家的學習或者工作具有一定的參考學習價值,需要的朋友可以參考下

1、導入依賴

<!--shiro--><dependency>  <groupId>org.apache.shiro</groupId>  <artifactId>shiro-spring</artifactId>  <version>1.4.0</version></dependency>

2、創建ShiroRealm.java文件

（這里按照需求，只做登錄認證這塊）

package com.hyqfx.manager.shiro;import com.baomidou.mybatisplus.mapper.EntityWrapper;import com.hyqfx.manager.entity.po.SystemAdmin;import com.hyqfx.manager.service.ISystemAdminService;import org.apache.shiro.authc.*;import org.apache.shiro.authz.AuthorizationInfo;import org.apache.shiro.realm.AuthorizingRealm;import org.apache.shiro.subject.PrincipalCollection;import org.springframework.beans.factory.annotation.Autowired;public class ShiroRealm extends AuthorizingRealm {  @Autowired  private ISystemAdminService adminService;  //授權  @Override  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {    /*    //獲取登錄用戶名    String name= (String) principalCollection.getPrimaryPrincipal();    //查詢用戶名稱    User user = loginService.findByName(name);    //添加角色和權限    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();    for (Role role:user.getRoles()) {      //添加角色      simpleAuthorizationInfo.addRole(role.getRoleName());      for (Permission permission:role.getPermissions()) {        //添加權限        simpleAuthorizationInfo.addStringPermission(permission.getPermission());      }    }    return simpleAuthorizationInfo;*/    return null;  }  //認證  @Override  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {    //加這一步的目的是在Post請求的時候會先進認證，然后在到請求    if (authenticationToken.getPrincipal() == null) {      return null;    }    //獲取用戶信息    String name = authenticationToken.getPrincipal().toString();     SystemAdmin admin = adminService.selectOne(new EntityWrapper<SystemAdmin>().eq("username",name));    if (admin == null) {      return null;    } else {      //這里驗證authenticationToken和simpleAuthenticationInfo的信息      SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(name, admin.getPassword().toString(), getName());      return simpleAuthenticationInfo;    }  }}

3、創建ShiroConfiguration.java文件

package com.becl.config;import com.becl.shiro.PasswordMatcher;import com.becl.shiro.ShiroRealm;import org.apache.shiro.mgt.SecurityManager;import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;import org.apache.shiro.spring.web.ShiroFilterFactoryBean;import org.apache.shiro.web.mgt.DefaultWebSecurityManager;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import java.util.HashMap;import java.util.Map;@Configurationpublic class ShiroConfiguration {  //將自己的驗證方式加入容器  @Bean  public ShiroRealm myShiroRealm() {    ShiroRealm myShiroRealm = new ShiroRealm();    myShiroRealm.setCredentialsMatcher(passwordMatcher());//裝配自定義的密碼驗證方式    return myShiroRealm;  }  // 配置加密方式  // 配置了一下，這貨就是驗證不過，，改成手動驗證算了，以后換加密方式也方便  @Bean  public PasswordMatcher passwordMatcher() {    return new PasswordMatcher();  }  //權限管理，配置主要是Realm的管理認證  @Bean  public SecurityManager securityManager() {    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();    securityManager.setRealm(myShiroRealm());    return securityManager;  }  //Filter工廠，設置對應的過濾條件和跳轉條件  @Bean  public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {    ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();    shiroFilterFactoryBean.setSecurityManager(securityManager);    Map<String,String> map = new HashMap<String, String>();    //登出    map.put("/logout","logout");    //不需要認證    map.put("/logout","anon");    map.put("/login*","anon");    map.put("/shiroError","anon");    //對所有用戶認證    map.put("/**","authc");    //map.put("/**","anon");    //登錄    shiroFilterFactoryBean.setLoginUrl("/login");    //首頁    shiroFilterFactoryBean.setSuccessUrl("/index");    //錯誤頁面，認證不通過跳轉    shiroFilterFactoryBean.setUnauthorizedUrl("/shiroError");    shiroFilterFactoryBean.setFilterChainDefinitionMap(map);    return shiroFilterFactoryBean;  }  //加入注解的使用，不加入這個注解不生效  @Bean  public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {    AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();    authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);    return authorizationAttributeSourceAdvisor;  }}