Home Esplora Aiuto
Registrati Accedi
hx
/
expo
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): a480376dac
Rami (Branch) Tag
expo
/
src
/
main
/
java
/
net
/
mingsoft
/
config
/
ShiroConfiguration.java

ShiroConfiguration.java 2.3 KB
Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. package net.mingsoft.config;
    2. 

  2. 

  3. import java.util.LinkedHashMap;
    4. 

  4. import java.util.Map;
    5. 

  5. 

  6. import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
    7. 

  7. import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
    8. 

  8. import org.springframework.beans.factory.annotation.Value;
    9. 

  9. import org.springframework.context.annotation.Bean;
    10. 

  10. import org.springframework.context.annotation.Configuration;
    11. 

  11. 

  12. import net.mingsoft.basic.security.BaseAuthRealm;
    13. 

  13. 

  14. import org.apache.shiro.mgt.SecurityManager;
    15. 

  15. 

  16. @Configuration
    17. 

  17. public class ShiroConfiguration {
    18. 

  18. 	@Value("${ms.manager.path}")
    19. 

  19. 	private String managerPath;
    20. 

  20. 

  21. 	@Bean
    22. 

  22. 	public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
    23. 

  23. 		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
    24. 

  24. 		// 必须设置 SecurityManager
    25. 

  25. 		shiroFilterFactoryBean.setSecurityManager(securityManager);
    26. 

  26. 		// setLoginUrl 如果不设置值,默认会自动寻找Web工程根目录下的"/login.jsp"页面 或 "/login" 映射
    27. 

  27. 		shiroFilterFactoryBean.setLoginUrl(managerPath+"/login.do");
    28. 

  28. 		// 设置无权限时跳转的 url;
    29. 

  29. 		shiroFilterFactoryBean.setUnauthorizedUrl(managerPath+"/404.do");
    30. 

  30. 

  31. 		// 设置拦截器
    32. 

  32. 		Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
    33. 

  33. 		// 游客,开发权限
    34. 

  34. 		filterChainDefinitionMap.put("/static/**", "anon");
    35. 

  35. 		filterChainDefinitionMap.put("/html/**", "anon");
    36. 

  36. 		// 开放登陆接口
    37. 

  37. 		filterChainDefinitionMap.put(managerPath+"/login.do", "anon");
    38. 

  38. 		filterChainDefinitionMap.put(managerPath+"/checkLogin.do", "anon");
    39. 

  39. 		// 其余接口一律拦截
    40. 

  40. 		// 主要这行代码必须放在所有权限设置的最后,不然会导致所有 url 都被拦截
    41. 

  41. 		filterChainDefinitionMap.put(managerPath+"/**", "authc");
    42. 

  42. 

  43. 		shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
    44. 

  44. 		return shiroFilterFactoryBean;
    45. 

  45. 	}
    46. 

  46. 

  47. 	/**
    48. 

  48. 	 * 注入 securityManager
    49. 

  49. 	 */
    50. 

  50. 	@Bean
    51. 

  51. 	public SecurityManager securityManager() {
    52. 

  52. 		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    53. 

  53. 		// 设置realm.
    54. 

  54. 		securityManager.setRealm(customRealm());
    55. 

  55. 		return securityManager;
    56. 

  56. 	}
    57. 

  57. 

  58. 	/**
    59. 

  59. 	 * 自定义身份认证 realm;
    60. 

  60. 	 * <p>
    61. 

  61. 	 * 必须写这个类,并加上 @Bean 注解,目的是注入 CustomRealm, 否则会影响 CustomRealm类 中其他类的依赖注入
    62. 

  62. 	 */
    63. 

  63. 	@Bean
    64. 

  64. 	public BaseAuthRealm customRealm() {
    65. 

  65. 		return new BaseAuthRealm();
    66. 

  66. 	}
    67. 

  67. }
    68.