通用框架平台,每个分支对应子通用框架平台,禁止Merge不同分支!! 分支版本区别见项目内readme.md
blame | 历史 | 原始文档
whycxzp
2021-01-20 129bc8f0c9bce0306aa99fafde97689f645dbbb5 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128

package com.whyc.config;


 


import com.whyc.filter.JwtAuthcFilter;


import com.whyc.filter.KickedOutFilter;


import com.whyc.filter.RolesOrAuthorizationFilter;


import com.whyc.manager.JWTManager;


import com.whyc.manager.ShiroSessionManager;


import com.whyc.properties.PropertiesUtil;


import com.whyc.realm.CustomRealm;


import lombok.extern.log4j.Log4j;


import lombok.extern.log4j.Log4j2;


import org.apache.shiro.spring.LifecycleBeanPostProcessor;


import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;


import org.apache.shiro.spring.web.ShiroFilterFactoryBean;


import org.apache.shiro.util.ThreadContext;


import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;


import org.apache.shiro.web.mgt.DefaultWebSecurityManager;


import org.apache.shiro.web.servlet.SimpleCookie;


import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.context.annotation.Bean;


import org.springframework.context.annotation.Configuration;


import org.springframework.context.annotation.DependsOn;


 


import javax.servlet.Filter;


import java.util.HashMap;


import java.util.LinkedHashMap;


import java.util.List;


import java.util.Map;


 


/**


 * 暂时提供权限管理,会话管理后续更新 TODO


 */


@Configuration


//@Log4j2


public class ShiroConfig {


 


    @Autowired


    CustomRealm customRealm;


 


    @Autowired


    JWTManager jwtManager;


 


    /**权限管理器*/


    @Bean(name = "securityManager")


    public DefaultWebSecurityManager defaultWebSecurityManager(){


        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();


        securityManager.setRealm(customRealm);


        securityManager.setSessionManager(shiroSessionManager());


        return securityManager;


    }


 


    @Bean(name = "sessionManager")


    public ShiroSessionManager shiroSessionManager(){


        ShiroSessionManager shiroSessionManager = new ShiroSessionManager();


        shiroSessionManager.setSessionIdCookie(simpleCookie());


        return shiroSessionManager;


    }


 


    /**Cookie指定Session名称*/


    @Bean(name = "sessionIdCookie")


    public SimpleCookie simpleCookie(){


        SimpleCookie simpleCookie = new SimpleCookie();


        simpleCookie.setName("shiroSession");


        return simpleCookie;


    }


 


    /**


     * 保证实现Shiro内部lifecycle函数的bean执行


     */


    @Bean(name = "lifecycleBeanPostProcessor")


    public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor(){


        return new  LifecycleBeanPostProcessor();


    }


 


    /**AOP式方法级权限检验*/


    @Bean


    @DependsOn("lifecycleBeanPostProcessor")


    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator(){


        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();


        advisorAutoProxyCreator.setProxyTargetClass(true);


        return advisorAutoProxyCreator;


    }


 


    /**配合DefaultAdvisorAutoProxyCreator 注解权限校验*/


    @Bean


    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){


        AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();


        aasa.setSecurityManager(defaultWebSecurityManager());


        return aasa;


    }


 


    /**过滤器链*/


    private Map<String, String> filterChainDefinition(){


        List<Object> list  = PropertiesUtil.propertiesShiro.getKeyList();


        Map<String, String> map = new LinkedHashMap<>();


        for (Object object : list) {


            String key = object.toString();


            String value = PropertiesUtil.getShiroValue(key);


            //log.info("读取防止盗链控制:---key{},---value:{}",key,value);


            map.put(key, value);


        }


        return map;


    }


 


    /**自定义过滤器*/


    private Map<String, Filter> filters(){


        HashMap<String, Filter> map = new HashMap<>();


        map.put("rolesOr",new RolesOrAuthorizationFilter());


        map.put("authc-jwt",new JwtAuthcFilter(jwtManager));


        return map;


    }


 


    /**过滤器*/


//    @Bean("shiroFilter")


    @Bean


    public ShiroFilterFactoryBean shiroFilterFactoryBean(){


        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();


        //注入新定义的过滤器


        shiroFilter.setSecurityManager(defaultWebSecurityManager());


        shiroFilter.setFilters(filters());


        shiroFilter.setFilterChainDefinitionMap(filterChainDefinition());


        shiroFilter.setLoginUrl("/login.html");


        //shiroFilter.setLoginUrl("/index.html#login");


        shiroFilter.setUnauthorizedUrl("/login/unauthorized");


        return shiroFilter;


    }


}