Spring boot integrates Shiro and uses mongodb for session storage

Java

preface

Shiro is a permission framework. You can view its official website for specific use http://shiro.apache.org/ It provides convenient authority authentication and login functions

As an open source framework, springboot must provide the function of integration with Shiro!

Shiro, which has been used for project authentication before, is mostly used in spring MVC and is configured with XML. It is relatively simple and mature to use Shiro for permission control. Moreover, I have always put Shiro's session in mongodb, which is more in line with the original design intention of mongodb, and mongodb is also used as an intermediate layer in distributed projects, It is used to solve the problem of session synchronization in distributed environment

Since the advent of springboot, my projects basically use springboot if they can use springboot. It is also convenient to use Maven for unified and centralized management. Although springboot also provides a set of permission security framework spring security, it is still not easy to use, so it is more convenient to use Shiro. Integrating Shiro with springboot is much simpler than spring MVC, At least there is no XML configuration, which looks more refreshing, so let's start the integration.

The method is as follows:

The first step must be to add Shiro and Mongo dependencies in Maven. The Shiro version I use is

Add dependency:

Then in application Configure mongodb in XML or YML

After the configuration is completed, we begin to formally write Shiro authentication code. First, we customize an authentication realm, which inherits from the authorizing realm

The repository and implementation of storing session into mongodb:

MongoDBSessionRepository. java

ShiroSessionDAO. java

OK! All basic classes have been completed. Finally, write a config to initialize and configure Shiro

It's done. Here's just a simple configuration. The code is also excerpted and modified from the project. As for how to use it in the controller and how to do authentication with different permissions, just implement it in your own code.

summary

The above is the whole content of this article. I hope the content of this article has a certain reference value for your study or work. If you have any questions, you can leave a message. Thank you for your support for programming tips.

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>