1.redis的配置
相关依赖
<dependency> <groupId>redis.clients</groupId> <artifactId>jedis</artifactId> <version>xxxx</version> </dependency>
jedis的配置
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
<bean id="jedisPoolConfig" class="redis.clients.jedis.JedisPoolConfig">
<property name="maxIdle" value="${redis.maxIdle}"/>
<property name="minIdle" value="${redis.minIdle}"/>
<property name="maxWaitMillis" value="${redis.maxWaitMillis}"/>
<property name="testOnBorrow" value="${redis.testOnBorrow}"/>
</bean>
<bean id="jedisPool" class="redis.clients.jedis.JedisPool">
<constructor-arg index="0" ref="jedisPoolConfig" />
<constructor-arg index="1" value="${redis.host}" name="host" type="java.lang.String"/>
<constructor-arg index="2" value="${redis.port}" name="port" type="int"/><!-- 端口 -->
<constructor-arg index="3" value="${redis.timeout}" name="timeout" type="int"/><!-- 超时 -->
<!--<constructor-arg index="4" value="" name="password" type="java.lang.String"/> 密码 -->
</bean>
<!-- 自己编写 对redis的操作类 -->
<bean id="jedisManager" class="com.nanc.core.shiro.cache.JedisManager">
<property name="jedisPool" ref="jedisPool"/>
</bean>
</beans>
2.shrio的配置,相关的自定义缓存类,请看上一篇文章
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
<!-- 缓存管理 -->
<bean id="cacheManager" class="com.nanc.core.shiro.cache.JedisCacheManager">
<property name="jedisManager" ref="jedisManager"/>
</bean>
<!-- 凭证匹配器 暂用默认的凭证匹配器-->
<bean id="credentialsMatcher" class="com.nanc.core.shiro.credentials.RetryLimitHashedCredentialsMatcher">
<constructor-arg ref="cacheManager"/>
<property name="hashAlgorithmName" value="${password.algorithmName}"/>
<property name="hashIterations" value="${password.hashIterations}"/>
<property name="storedCredentialsHexEncoded" value="true"/>
</bean>
<!-- realm 实现 -->
<bean id="userRealm" class="com.nanc.core.shiro.realm.MyRealm">
<property name="credentialsMatcher" ref="credentialsMatcher"/>
<property name="cachingEnabled" value="true"/> <!-- 修改用户权限的话,如果有问题,把缓存注了 -->
<property name="authenticationCachingEnabled" value="true"/>
<property name="authenticationCacheName" value="authenticationCache"/>
<property name="authorizationCachingEnabled" value="true"/>
<property name="authorizationCacheName" value="authorizationCache"/>
</bean>
<!-- 会话ID生成器 -->
<bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
<!-- 会话cookie的模板 -->
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="sid_nanc"/>
<property name="httpOnly" value="true"/>
<property name="maxAge" value="-1"/><!-- 表示浏览器关闭时失效此 Cookie -->
</bean>
<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="sid_nanc_rbm"/>
<property name="httpOnly" value="true"/>
<property name="maxAge" value="2592000"/><!-- 30天 -->
</bean>
<!-- remeberMe 管理器 -->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<!-- rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)-->
<property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsdag==')}"/>
<property name="cookie" ref="rememberMeCookie"/>
</bean>
<!-- 操作session 的自定义类 -->
<bean id="shiroSession" class="com.nanc.core.shiro.session.impl.ShiroSessionRepository">
<property name="jedisManager" ref="jedisManager"/>
</bean>
<!-- 会话DAO -->
<bean id="sessionDAO" class="com.nanc.core.shiro.dao.MySessionDAO">
<property name="sessionIdGenerator" ref="sessionIdGenerator"/>
<property name="shiroSession" ref="shiroSession"/>
</bean>
<!-- 会话验证调度器 作用移除已经失效的session-->
<bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
<property name="sessionValidationInterval" value="1800000"/><!--执行定时任务的间隔时间单位毫秒 共30分钟-->
<property name="sessionManager" ref="sessionManager"/>
</bean>
<!-- 会话管理器 -->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="globalSessionTimeout" value="1800000"/><!--全局session过期时间 毫秒 共30分钟-->
<property name="deleteInvalidSessions" value="true"/>
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
<property name="sessionDAO" ref="sessionDAO"/>
<property name="sessionIdCookieEnabled" value="true"/>
<property name="sessionIdCookie" ref="sessionIdCookie"/>
</bean>
<!-- 安全管理器 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="userRealm"/> <!-- 配置单个relam -->
<!-- 可以配置多个relam -->
<!--<property name="realms">
<list>
<ref bean="userRealm"/>
</list>
</property>-->
<property name="sessionManager" ref="sessionManager"/>
<property name="cacheManager" ref="cacheManager"/>
<property name="rememberMeManager" ref="rememberMeManager"/>
</bean>
<!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
<property name="arguments" ref="securityManager"/>
</bean>
<!-- 基于Form表单的身份验证过滤器 -->
<bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
<property name="usernameParam" value="username"/>
<property name="passwordParam" value="password"/>
<property name="rememberMeParam" value="rememberMe"/>
<property name="loginUrl" value="/login"/>
</bean>
<!-- 作用:把用户放入到request域中,方便在request中获取 -->
<bean id="sysUserFilter" class="com.nanc.core.shiro.filter.SysUserFilter"/>
<!-- ssl 支持 -->
<!--<bean id="sslFilter" class="org.apache.shiro.web.filter.authz.SslFilter">
<property name="port" value="8443"/>
</bean>-->
<!-- ssl 支持结束 -->
<!-- Shiro的Web过滤器 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/login"/>
<property name="filters">
<map>
<entry key="authc" value-ref="formAuthenticationFilter"/>
<entry key="sysUser" value-ref="sysUserFilter"/>
<!--添加ssl支持-->
<!--<entry key="ssl" value-ref="sslFilter"/>-->
<!-- 结束ssl支持-->
</map>
</property>
<property name="filterChainDefinitions">
<value>
/login=authc
/loginDialog=authc
/logout=logout
/authenticated=authc
/dwz_jui/**=anon
/**=user,sysUser
</value>
</property>
</bean>
<!-- Shiro生命周期处理器-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
</beans>
我的这种配置,当认证信息缓存的时候,相关类的序列化没有问题,但是反序列化的时候会报错,具体方案看下篇博文
浙公网安备 33010602011771号