Nutz
  1. 主页/
  2. 问答
NutzCN Logo
问答 spring结构改造成nutz
发布于 2248天前 作者 qq_4a89c7c9 2078 次浏览 复制 上一个帖子 下一个帖子
标签:

对接oauth,需要再现在shiro.ini里,将下面的形式改造,怎么改造,迷茫了。。。求教

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">

    <bean id="oauth2Settings" class="cn.lamppa.pcloud.auth.client.shiro.oauth2.OAuth2Settings">
        <property name="currentApplicationUrl" value="${oauth.current-application.url}"/>
        <property name="authzEndpoint" value="${oauth.authz-endpoint}"/>
        <property name="tokenEndpoint" value="${oauth.token-endpoint}"/>
        <property name="logoutEndpoint" value="${oauth.logout-endpoint}"/>
        <property name="clientId" value="${oauth.client-id}"/>
        <property name="clientSecret" value="${oauth.client-secret}"/>
        <property name="redirectUri" value="${oauth.redirect-uri}"/>
        <property name="userInfoUrl" value="${oauth.user-info-url}"/>
        <property name="scope" value="${oauth.scope}"/>
        <property name="applicationResourcesUrl" value="${oauth.resources-application-url}"/>
        <property name="userResourcesUrl" value="${oauth.resources-user-url}"/>
    </bean>

    <bean id="customSettingsApi20" class="cn.lamppa.pcloud.auth.client.shiro.oauth2.CustomSettingsApi20">
        <constructor-arg ref="oauth2Settings"/>
    </bean>

    <bean id="oauth20Service" class="cn.lamppa.pcloud.auth.client.shiro.oauth2.CustomOAuth20Service">
        <constructor-arg ref="customSettingsApi20"/>
    </bean>

    <!-- 继承自AuthorizingRealm的自定义Realm -->
    <bean id="oauth2Realm" class="cn.lamppa.pcloud.auth.client.shiro.oauth2.OAuth2Realm">
        <constructor-arg ref="oauth20Service"/>
    </bean>

    <!-- 定义缓存管理器 -->
    <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager"/>

    <!-- 会话管理器 -->
    <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.ServletContainerSessionManager"/>

    <!-- 安全管理器 -->
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="oauth2Realm"/>
        <property name="sessionManager" ref="sessionManager"/>
        <property name="cacheManager" ref="cacheManager"/>
    </bean>

    <!--Shiro可控制的Web请求必须经过Shiro主过滤器的拦截-->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <!-- Shiro的核心安全接口,这个属性是必须的 -->
        <property name="securityManager" ref="securityManager"/>
        <!-- 要求登录时的链接(可根据项目的URL进行替换)-->
        <property name="loginUrl" value="/login"/>
        <!-- 登录成功后要跳转的连接 -->
        <property name="successUrl" value="/index.jhtml"/>
        <!-- 用户访问未对其授权的资源时页面 -->
        <property name="unauthorizedUrl" value="/unauthorized.html"/>
        <!-- 自定义shiro 的 Filter -->
        <property name="filters">
            <map>
                <entry key="oauth">
                    <bean class="cn.lamppa.pcloud.auth.client.shiro.oauth2.OAuth2AuthenticationFilter">
                        <constructor-arg ref="cacheManager"/>
                    </bean>
                </entry>
                <entry key="logout">
                    <bean class="cn.lamppa.pcloud.auth.client.shiro.oauth2.EnhancedLogoutFilter">
                        <constructor-arg index="0" ref="oauth2Settings"/>
                        <constructor-arg index="1" ref="cacheManager"/>
                    </bean>
                </entry>
                <entry key="resource">
                    <bean class="cn.lamppa.pcloud.auth.client.shiro.oauth2.ResourceFilter"/>
                </entry>
            </map>
        </property>
        <!-- Shiro连接约束配置(即过滤链定义) -->
        <property name="filterChainDefinitions">
            <value>
                /login = authc
                /oauth = oauth
                /logout = logout
                /** = user,resource
            </value>
        </property>
    </bean>

    <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>

</beans>
4 回复

是nutz还是nutzboot呢? 都可以写到shiro.ini, 后者可以写到application.properties

是nutwk里

改造成shiro.ini方式,结果在启动时,就报了如下错误
org.apache.shiro.config.ConfigurationException: Unable to instantiate class [cn.pc.auth.client.shiro.oauth2.OAuth2Realm] for object named 'oauth2Realm'. Please ensure you've specified the fully qualified class name correctly.

[main]
#oauth
oauth2Settings = cn.pc.auth.client.shiro.oauth2.OAuth2Settings
oauth2Settings.currentApplicationUrl =http://1.1.1.1:9090/pc-diagnosis-front/
oauth2Settings.authzEndpoint = http://1.1.1.1:9090/oauth/authorize
oauth2Settings.tokenEndpoint = http://1.1.1.1:9090/oauth/token
oauth2Settings.logoutEndpoint = http://1.1.1.1:9090/logout
oauth2Settings.clientId = 123456
oauth2Settings.clientSecret = 123456
oauth2Settings.redirectUri = http://1.1.1.1:9090/pc-diagnosis-front/oauth
oauth2Settings.userInfoUrl = http://1.1.1.1:9090/user/info
oauth2Settings.scope = ability_read cognize_read class_read grade_read knowledge_read ordinary_read parent_read
oauth2Settings.applicationResourcesUrl = http://1.1.1.1:9090/resource/application
oauth2Settings.userResourcesUrl = http://1.1.1.1:9090/resource/user




oauth2Realm = cn.pc.auth.client.shiro.oauth2.OAuth2Realm
oauth2Realm.customOAuth20Service=$oauth20Service

oauth20Service=cn.pc.auth.client.shiro.oauth2.CustomOAuth20Service
oauth20Service.customSettingsApi20=$customSettingsApi20


customSettingsApi20=cn.pc.auth.client.shiro.oauth2.CustomSettingsApi20
customSettingsApi20.oauth2Settings=$oauth2Settings



# cacheManager
cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
cacheManager.cacheManagerConfigFile=classpath:ehcache.xml

# Session
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager

# Session Cache
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.cacheManager=$cacheManager
sessionDAO.activeSessionsCacheName=shiro-activeSessionCache
sessionManager.sessionDAO = $sessionDAO
securityManager.sessionManager = $sessionManager

# Cookie
sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=sid

sessionIdCookie.maxAge=-1
sessionIdCookie.httpOnly=true
sessionManager.sessionIdCookie=$sessionIdCookie
sessionManager.sessionIdCookieEnabled=true
sessionManager.globalSessionTimeout=3600000


rememberMeCookie = org.apache.shiro.web.servlet.SimpleCookie
rememberMeCookie.name=remember
#rememberMeCookie.maxAge = 604800
rememberMeCookie.maxAge = -1
rememberMeCookie.httpOnly = true
rememberMeManager = org.apache.shiro.web.mgt.CookieRememberMeManager
rememberMeManager.cookie = $rememberMeCookie

sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
sha256Matcher.storedCredentialsHexEncoded = false
sha256Matcher.hashIterations = 1024
sha256Matcher.hashSalted = true



securityManager.realms = $oauth2Realm
authcStrategy = cn.common.shiro.authc.pam.AnySuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy
securityManager.cacheManager = $cacheManager
#securityManager.rememberMeManager = $rememberMeManager

oauthFilter = cn.pc.auth.client.shiro.oauth2.OAuth2AuthenticationFilter
oauthFilter.cacheManager = $cacheManager

authc = cn.common.shiro.filter.SimpleAuthenticationFilter
oauth = $oauthFilter
logout = cn.pc.auth.client.shiro.oauth2.EnhancedLogoutFilter
resource = cn.pc.auth.client.shiro.oauth2.ResourceFilter
authc.loginUrl  = /platform/login
authc.unauthorizedUrl  = /unauthorized.html
logout.redirectUrl= /platform/login

[urls]
/platform/doLogin    = anon
/assets/**          = anon
#/**                 = anon
/login = authc
/** = user,resource
/platform/**         = authc
/oauth 				= oauth

cn.pc.auth.client.shiro.oauth2.OAuth2Realm 这个类是否存在? 构造方法对不对

其实不需要这样集成啦, 走入口方法又快又省事 , 自己维护个 oauth id --> user id的映射表就行

https://gitee.com/wendal/nutz-book-project/blob/v3.x/nutzcn-oauth/src/main/java/net/wendal/nutzbook/oauth/module/OauthModule.java

添加回复
请先登陆
回到顶部