spring中shiro的应用
2017-09-10 本文已影响24人
yueyue_projects
应用目标
实现注册登录的权限管理,具体需求描述如下:
流程图
- salt的原理
salt(盐的原理)
- shiro自带记住我的功能
image.png
- 配置相关
<bean name="shiroFilterChainDefinitions" class="java.lang.String">
<constructor-arg>
<value>
/static/** = anon //anon代表任何用户都可以访问
/userfiles/** = anon
${adminPath}/tag/** = anon
${adminPath}/sys/area/** = anon
${adminPath}/factory/factory/getData = anon
${adminPath}/sys/user/infoCareStatus = anon
${adminPath}/sys/user/validateLoginName = anon
${adminPath}/sys/user/validateMobile = anon
${adminPath}/sys/user/validateMobileExist = anon
${adminPath}/sys/user/resetPassword = anon
${adminPath}/sys/register = anon
${adminPath}/sys/register/registerUser = anon
${adminPath}/sys/register/getRegisterCode = anon
${adminPath}/sys/register/validateMobileCode = anon
${adminPath}/soft/sysVersion/getAndroidVer = anon
${adminPath}/soft/sysVersion/getIosVer = anon
${adminPath}/cas = cas
${adminPath}/login = authc //表示认证,必须要经过重新认证
${adminPath}/logout = anon
${adminPath}/** = user //user表示session里存在用户可以访问
/act/rest/service/editor/** = perms[act:model:edit]
/act/rest/service/model/** = perms[act:model:edit]
/act/rest/service/** = user
/ReportServer/** = user
</value>
</constructor-arg>
</bean>
