| | |
|---|
| | | package com.whyc.config; |
|---|
| | | |
|---|
| | | import com.whyc.filter.JwtAuthcFilter; |
|---|
| | | import com.whyc.filter.KickedOutFilter; |
|---|
| | | import com.whyc.filter.RolesOrAuthorizationFilter; |
|---|
| | | import com.whyc.manager.JWTManager; |
|---|
| | | import com.whyc.manager.ShiroSessionManager; |
|---|
| | | import com.whyc.properties.PropertiesUtil; |
|---|
| | | import com.whyc.realm.CustomRealm; |
|---|
| | | import lombok.extern.log4j.Log4j; |
|---|
| | |
|---|
| | | import org.apache.shiro.spring.LifecycleBeanPostProcessor; |
|---|
| | | import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; |
|---|
| | | import org.apache.shiro.spring.web.ShiroFilterFactoryBean; |
|---|
| | | import org.apache.shiro.util.ThreadContext; |
|---|
| | | import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter; |
|---|
| | | import org.apache.shiro.web.mgt.DefaultWebSecurityManager; |
|---|
| | | import org.apache.shiro.web.servlet.SimpleCookie; |
|---|
| | | import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | |
|---|
| | | @Autowired |
|---|
| | | CustomRealm customRealm; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | JWTManager jwtManager; |
|---|
| | | |
|---|
| | | /**权限管理器*/ |
|---|
| | | @Bean(name = "securityManager") |
|---|
| | | public DefaultWebSecurityManager defaultWebSecurityManager(){ |
|---|
| | | DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); |
|---|
| | | securityManager.setRealm(customRealm); |
|---|
| | | securityManager.setSessionManager(shiroSessionManager()); |
|---|
| | | return securityManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Bean(name = "sessionManager") |
|---|
| | | public ShiroSessionManager shiroSessionManager(){ |
|---|
| | | ShiroSessionManager shiroSessionManager = new ShiroSessionManager(); |
|---|
| | | shiroSessionManager.setSessionIdCookie(simpleCookie()); |
|---|
| | | return shiroSessionManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /**Cookie指定Session名称*/ |
|---|
| | | @Bean(name = "sessionIdCookie") |
|---|
| | | public SimpleCookie simpleCookie(){ |
|---|
| | | SimpleCookie simpleCookie = new SimpleCookie(); |
|---|
| | | simpleCookie.setName("shiroSession"); |
|---|
| | | return simpleCookie; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | private Map<String, Filter> filters(){ |
|---|
| | | HashMap<String, Filter> map = new HashMap<>(); |
|---|
| | | map.put("rolesOr",new RolesOrAuthorizationFilter()); |
|---|
| | | map.put("authc-jwt",new JwtAuthcFilter(jwtManager)); |
|---|
| | | return map; |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | public ShiroFilterFactoryBean shiroFilterFactoryBean(){ |
|---|
| | | ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean(); |
|---|
| | | //注入新定义的过滤器 |
|---|
| | | shiroFilter.setFilters(filters()); |
|---|
| | | shiroFilter.setSecurityManager(defaultWebSecurityManager()); |
|---|
| | | shiroFilter.setFilters(filters()); |
|---|
| | | shiroFilter.setFilterChainDefinitionMap(filterChainDefinition()); |
|---|
| | | shiroFilter.setLoginUrl("/login.html"); |
|---|
| | | //shiroFilter.setLoginUrl("/index.html#login"); |
|---|
