fg重构项目
blame | 历史 | 原始文档
whycxzp
2022-05-20 1687d498f6db27f15dfc04986e1fea2a286246cb 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129

package com.whyc.config;


 


import com.whyc.constant.YamlProperties;


import com.whyc.filter.KickedOutFilter;


import com.whyc.filter.RolesOrAuthorizationFilter;


import com.whyc.properties.PropertiesUtil;


import com.whyc.realm.CustomRealm;


import lombok.extern.log4j.Log4j;


import lombok.extern.log4j.Log4j2;


import org.apache.shiro.session.mgt.SessionManager;


import org.apache.shiro.spring.LifecycleBeanPostProcessor;


import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;


import org.apache.shiro.spring.web.ShiroFilterFactoryBean;


import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;


import org.apache.shiro.web.mgt.DefaultWebSecurityManager;


import org.apache.shiro.web.servlet.Cookie;


import org.apache.shiro.web.servlet.ShiroHttpSession;


import org.apache.shiro.web.servlet.SimpleCookie;


import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;


import org.apache.shiro.web.session.mgt.ServletContainerSessionManager;


import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.context.annotation.Bean;


import org.springframework.context.annotation.Configuration;


import org.springframework.context.annotation.DependsOn;


 


import javax.servlet.Filter;


import java.util.HashMap;


import java.util.LinkedHashMap;


import java.util.List;


import java.util.Map;


 


/**


 * 暂时提供权限管理,会话管理后续更新 TODO


 */


@Configuration


//@Log4j2


@DependsOn("yamlProperties")


public class ShiroConfig {


 


    @Autowired


    CustomRealm customRealm;


 


    public SessionManager sessionManager() {


        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();


        Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);


        cookie.setHttpOnly(false);


        cookie.setSameSite(Cookie.SameSiteOptions.NONE);


        cookie.setSecure(true);


        cookie.setName("fg_v2");


        sessionManager.setSessionIdCookie(cookie);


        sessionManager.setSessionIdCookieEnabled(true);


        sessionManager.setSessionIdUrlRewritingEnabled(true);


 


        return sessionManager;


    }


 


 


    /**权限管理器*/


    @Bean(name = "securityManager")


    public DefaultWebSecurityManager defaultWebSecurityManager(){


        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();


        securityManager.setRealm(customRealm);


        if(YamlProperties.runModel == 1){


            securityManager.setSessionManager(sessionManager());


        }


        return securityManager;


    }


 


    /**


     * 保证实现Shiro内部lifecycle函数的bean执行


     */


    @Bean(name = "lifecycleBeanPostProcessor")


    public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor(){


        return new  LifecycleBeanPostProcessor();


    }


 


    /**AOP式方法级权限检验*/


    @Bean


    @DependsOn("lifecycleBeanPostProcessor")


    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator(){


        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();


        advisorAutoProxyCreator.setProxyTargetClass(true);


        return advisorAutoProxyCreator;


    }


 


    /**配合DefaultAdvisorAutoProxyCreator 注解权限校验*/


    @Bean


    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){


        AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();


        aasa.setSecurityManager(defaultWebSecurityManager());


        return aasa;


    }


 


    /**过滤器链*/


    private Map<String, String> filterChainDefinition(){


        List<Object> list  = PropertiesUtil.propertiesShiro.getKeyList();


        Map<String, String> map = new LinkedHashMap<>();


        for (Object object : list) {


            String key = object.toString();


            String value = PropertiesUtil.getShiroValue(key);


            //log.info("读取防止盗链控制:---key{},---value:{}",key,value);


            map.put(key, value);


        }


        return map;


    }


 


    /**自定义过滤器*/


    private Map<String, Filter> filters(){


        HashMap<String, Filter> map = new HashMap<>();


        map.put("rolesOr",new RolesOrAuthorizationFilter());


        return map;


    }


 


    /**过滤器*/


//    @Bean("shiroFilter")


    @Bean


    public ShiroFilterFactoryBean shiroFilterFactoryBean(){


        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();


        //注入新定义的过滤器


        shiroFilter.setFilters(filters());


        shiroFilter.setSecurityManager(defaultWebSecurityManager());


        shiroFilter.setFilterChainDefinitionMap(filterChainDefinition());


        shiroFilter.setLoginUrl("/login.html");


        //shiroFilter.setLoginUrl("/index.html#login");


        shiroFilter.setUnauthorizedUrl("/login/unauthorized");


        return shiroFilter;


    }


}