whyclxw
2024-07-01 db23586fd744582cd8ee237c34ff29d9277009ee
package com.whyc.config;
 
import com.whyc.constant.YamlProperties;
import com.whyc.filter.RolesOrAuthorizationFilter;
import com.whyc.properties.PropertiesUtil;
import com.whyc.realm.CustomRealm;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.ShiroHttpSession;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
 
import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
 
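/**
 * Apache Shiro wiring for the application: realm, security manager, annotation-driven
 * authorization and the web filter chain.
 *
 * <p>TODO (from the original author): only permission management is provided for now;
 * session management is to be updated later.
 */
@Configuration
@DependsOn("yamlProperties")
public class ShiroConfig {

    @Autowired
    CustomRealm customRealm;

    /**
     * Builds the Shiro-native web session manager and its session-id cookie.
     *
     * <p>The cookie is named {@code MSManager}, is sent only over HTTPS ({@code Secure}) and
     * is hidden from page scripts ({@code HttpOnly}). The session id is never written into
     * URLs.
     *
     * @return a session manager that tracks sessions through the {@code MSManager} cookie only
     */
    public SessionManager sessionManager() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);
        // The session id is a bearer credential: keep it unreadable from JavaScript so that a
        // script-injection bug in any page cannot read it. (Previously HttpOnly was disabled.)
        // If a client needs a script-readable value, expose a separate non-credential one.
        cookie.setHttpOnly(true);
        // SameSite=None makes the browser attach this cookie to cross-site requests.
        // NOTE(review): with this setting the cookie gives no CSRF protection by itself;
        // confirm that state-changing endpoints are protected by other means (CSRF token,
        // strict Origin/CORS checks), or tighten to LAX/STRICT if cross-site use is not needed.
        cookie.setSameSite(Cookie.SameSiteOptions.NONE);
        // Required by browsers for SameSite=None, and keeps the id off plain HTTP.
        cookie.setSecure(true);
        cookie.setName("MSManager");
        sessionManager.setSessionIdCookie(cookie);
        sessionManager.setSessionIdCookieEnabled(true);
        // Do not append the session id to URLs: ids in URLs end up in access logs, browser
        // history and Referer headers. (Previously URL rewriting was enabled.)
        sessionManager.setSessionIdUrlRewritingEnabled(false);

        return sessionManager;
    }

    /**
     * Security manager backed by {@link CustomRealm}.
     *
     * <p>The custom session manager is installed only when {@code YamlProperties.runModel}
     * is 1; for any other value the manager keeps the session manager it was constructed with.
     * NOTE(review): the meaning of run mode 1 is not visible in this file — confirm which
     * deployments it covers, since the cookie hardening above applies only in that mode.
     */
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager defaultWebSecurityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(customRealm);
        if (YamlProperties.runModel == 1) {
            securityManager.setSessionManager(sessionManager());
        }
        return securityManager;
    }

    /**
     * Ensures that beans implementing Shiro's internal lifecycle functions get executed.
     */
    @Bean(name = "lifecycleBeanPostProcessor")
    public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /**
     * Enables AOP-style, method-level permission checks; proxies target classes directly.
     */
    @Bean
    @DependsOn("lifecycleBeanPostProcessor")
    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

    /**
     * Works together with {@link DefaultAdvisorAutoProxyCreator} to enforce annotation-based
     * permission checks against the configured security manager.
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor() {
        AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();
        aasa.setSecurityManager(defaultWebSecurityManager());
        return aasa;
    }

    /**
     * Reads the filter chain (URL pattern to filter definition) from the Shiro properties.
     *
     * <p>A {@link LinkedHashMap} is used so the entries keep the order in which
     * {@code getKeyList()} returns them; Shiro applies the first matching pattern, so the
     * order of the rules is significant.
     * NOTE(review): this assumes {@code getKeyList()} preserves the order of the properties
     * file — confirm in {@code PropertiesUtil}.
     */
    private Map<String, String> filterChainDefinition() {
        List<Object> keys = PropertiesUtil.propertiesShiro.getKeyList();
        Map<String, String> map = new LinkedHashMap<>();
        for (Object object : keys) {
            String key = object.toString();
            String value = PropertiesUtil.getShiroValue(key);
            map.put(key, value);
        }
        return map;
    }

    /**
     * Custom filters, keyed by the name used to reference them in the filter chain.
     */
    private Map<String, Filter> filters() {
        Map<String, Filter> map = new HashMap<>();
        map.put("rolesOr", new RolesOrAuthorizationFilter());
        return map;
    }

    /**
     * The Shiro web filter: registers the custom filters, the security manager and the
     * filter chain, and sets the login and unauthorized URLs.
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        // Register the custom filters before the chain definitions that refer to them.
        shiroFilter.setFilters(filters());
        shiroFilter.setSecurityManager(defaultWebSecurityManager());
        shiroFilter.setFilterChainDefinitionMap(filterChainDefinition());
        shiroFilter.setLoginUrl("/login.html");
        shiroFilter.setUnauthorizedUrl("/login/unauthorized");
        return shiroFilter;
    }
}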