17. 扩展：JavaConfig配置Bean

自定义一个Realm类并继承AuthorizingRealm，重写两个方法：

AuthorizationInfo：授权
AuthenticationInfo：认证

public class UserRealm extends AuthorizingRealm {}

配置Bean：

@Configuration
public class ShiroConfig {

        // ShiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean shiroFilter(@Autowired DefaultWebSecurityManager securityManager) {
        // 设置安全管理器
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        bean.setSecurityManager(securityManager);
        // 设置Shiro过滤器策略
        Map<String,String> filterMap = new LinkedHashMap<>();
        filterMap.put("/menus/**","authc");
        bean.setFilterChainDefinitionMap(filterMap);
        bean.setLoginUrl("/login");
        return bean;
    }

        // DefaultWebSecurityManager
    @Bean
    public DefaultWebSecurityManager securityManager(@Autowired UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // 关联UserRealm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

        
    // UserRealm 自定义的Realm类
    @Bean
    public UserRealm userRealm() {
        return new UserRealm();
    }
}

配置Bean：​

配置Bean：