Apache Shiro User Manual (5) Shiro Configuration Instructions
Apache Shiro User Manual (5) Shiro Configuration Instructions
Blog Category:
Development
Security Framework Shiro
The configuration of Apache Shiro is mainly divided into It is divided into four parts:
Definition and configuration of objects and attributes
URL filter configuration
Static user configuration
Static role configuration
Among them, because users and roles are generally Dynamic data is operated by the background, so Shiro configuration generally only contains the first two configurations.
Most components of Apache Shiro are based on POJO, so we can use any POJO-compatible configuration mechanism for configuration, such as Java code, Sping XML, YAML, JSON, ini files, etc. Below, we take the Spring XML configuration method as an example, and give some brief explanations of some of the configuration parameters.
Configuration of Shiro objects:
Mainly defines and configures the implementation of each component of Shiro. The main components have been briefly introduced in the previous article and will not be explained one by one here.
<bean id="securityManager" class="org.apache.shiro.mgt.DefaultSecurityManager"> <property name="cacheManager" ref="cacheManager"/> <property name="sessionMode" value="native"/> <!-- Single realm app. If you have multiple realms, use the 'realms' property instead. --> <property name="realm" ref="myRealm"/> <property name="sessionManager" ref="sessionManager"/> </bean>
Shiro filter configuration
Shiro mainly performs security management through URL filtering. The configuration here is to specify the specific authorization rule definition.
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"/> <property name="loginUrl" value="/login.jsp"/> <property name="successUrl" value="/home.jsp"/> <property name="unauthorizedUrl" value="/unauthorized.jsp"/> --> <property name="filterChainDefinitions"> <value> # some example chain definitions: /admin/** = authc, roles[admin] /docs/** = authc, perms[document:read] /** = authc # more URL-to-FilterChain definitions here </value> </property> </bean>
URL filter configuration instructions:
Shiro can implement URL-based authorization verification through configuration files. FilterChain definition format:
URL_Ant_Path_Expression = Path_Specific_Filter_Chain
Each URL configuration indicates that application requests matching the URL will be verified by the corresponding filter.
For example:
[urls] /index.html = anon /user/create = anon /user/** = authc /admin/** = authc, roles[administrator] /rest/** = authc, rest /remoting/rpc/** = authc, perms["remote:invoke"]
URL expression description
1. The URL directory is based on HttpServletRequest.getContextPath(). This directory setting
2. The URL can be used Wildcard, ** represents any subdirectory
3. When Shiro verifies the URL, if the URL matches successfully, it will no longer continue to match and search. So pay attention to the order of URLs in the configuration file, especially when using wildcards.
Filter Chain Definition Description
1. A URL can configure multiple Filters, separated by commas
2. When multiple filters are set, all must be verified to pass. Considered as passed
3. Some filters can specify parameters, such as perms, roles
Shiro’s built-in FilterChain
Filter Name Class
anon org. apache.shiro.web.filter.authc.AnonymousFilter
authc org.apache.shiro.web.filter.authc.FormAuthenticationFilter
authcBasic org.apache.shiro.web.filter.authc. BasicHttpAuthenticationFilter
perms org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter
port org.apache.shiro.web.filter.authz.PortFilter
rest org. apache.shiro.web.filter.authz.HttpMethodPermissionFilter
roles org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
ssl org.apache.shiro.web.filter.authz. SslFilter
user org.apache.shiro.web.filter.authc.UserFilter
The above is the content of the Apache Shiro User Manual (5) Shiro Configuration Instructions. For more related content, please pay attention to PHP Chinese Net (www.php.cn)!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to set the cgi directory in apache
Apr 13, 2025 pm 01:18 PM
To set up a CGI directory in Apache, you need to perform the following steps: Create a CGI directory such as "cgi-bin", and grant Apache write permissions. Add the "ScriptAlias" directive block in the Apache configuration file to map the CGI directory to the "/cgi-bin" URL. Restart Apache.
What to do if the apache80 port is occupied
Apr 13, 2025 pm 01:24 PM
When the Apache 80 port is occupied, the solution is as follows: find out the process that occupies the port and close it. Check the firewall settings to make sure Apache is not blocked. If the above method does not work, please reconfigure Apache to use a different port. Restart the Apache service.
How to connect to the database of apache
Apr 13, 2025 pm 01:03 PM
Apache connects to a database requires the following steps: Install the database driver. Configure the web.xml file to create a connection pool. Create a JDBC data source and specify the connection settings. Use the JDBC API to access the database from Java code, including getting connections, creating statements, binding parameters, executing queries or updates, and processing results.
How to view your apache version
Apr 13, 2025 pm 01:15 PM
There are 3 ways to view the version on the Apache server: via the command line (apachectl -v or apache2ctl -v), check the server status page (http://<server IP or domain name>/server-status), or view the Apache configuration file (ServerVersion: Apache/<version number>).
How to view the apache version
Apr 13, 2025 pm 01:00 PM
How to view the Apache version? Start the Apache server: Use sudo service apache2 start to start the server. View version number: Use one of the following methods to view version: Command line: Run the apache2 -v command. Server Status Page: Access the default port of the Apache server (usually 80) in a web browser, and the version information is displayed at the bottom of the page.
How to delete more than server names of apache
Apr 13, 2025 pm 01:09 PM
To delete an extra ServerName directive from Apache, you can take the following steps: Identify and delete the extra ServerName directive. Restart Apache to make the changes take effect. Check the configuration file to verify changes. Test the server to make sure the problem is resolved.
How to solve the problem that apache cannot be started
Apr 13, 2025 pm 01:21 PM
Apache cannot start because the following reasons may be: Configuration file syntax error. Conflict with other application ports. Permissions issue. Out of memory. Process deadlock. Daemon failure. SELinux permissions issues. Firewall problem. Software conflict.
How to start apache
Apr 13, 2025 pm 01:06 PM
The steps to start Apache are as follows: Install Apache (command: sudo apt-get install apache2 or download it from the official website) Start Apache (Linux: sudo systemctl start apache2; Windows: Right-click the "Apache2.4" service and select "Start") Check whether it has been started (Linux: sudo systemctl status apache2; Windows: Check the status of the "Apache2.4" service in the service manager) Enable boot automatically (optional, Linux: sudo systemctl
