| | |
|---|
| | | package com.whyc.config; |
|---|
| | | |
|---|
| | | import com.whyc.filter.KickedOutFilter; |
|---|
| | | import com.whyc.constant.YamlProperties; |
|---|
| | | import com.whyc.filter.RolesOrAuthorizationFilter; |
|---|
| | | import com.whyc.properties.PropertiesUtil; |
|---|
| | | import com.whyc.realm.CustomRealm; |
|---|
| | | import lombok.extern.log4j.Log4j; |
|---|
| | | import lombok.extern.log4j.Log4j2; |
|---|
| | | import org.apache.shiro.session.mgt.SessionManager; |
|---|
| | | import org.apache.shiro.spring.LifecycleBeanPostProcessor; |
|---|
| | | import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; |
|---|
| | | import org.apache.shiro.spring.web.ShiroFilterFactoryBean; |
|---|
| | | import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter; |
|---|
| | | import org.apache.shiro.web.mgt.DefaultWebSecurityManager; |
|---|
| | | import org.apache.shiro.web.servlet.Cookie; |
|---|
| | | import org.apache.shiro.web.servlet.ShiroHttpSession; |
|---|
| | | import org.apache.shiro.web.servlet.SimpleCookie; |
|---|
| | | import org.apache.shiro.web.session.mgt.DefaultWebSessionManager; |
|---|
| | | import org.apache.shiro.web.session.mgt.ServletContainerSessionManager; |
|---|
| | | import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | |
|---|
| | | */ |
|---|
| | | @Configuration |
|---|
| | | //@Log4j2 |
|---|
| | | @DependsOn("yamlProperties") |
|---|
| | | public class ShiroConfig { |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | CustomRealm customRealm; |
|---|
| | | |
|---|
| | | public SessionManager sessionManager() { |
|---|
| | | DefaultWebSessionManager sessionManager = new DefaultWebSessionManager(); |
|---|
| | | Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME); |
|---|
| | | cookie.setHttpOnly(false); |
|---|
| | | cookie.setSameSite(Cookie.SameSiteOptions.NONE); |
|---|
| | | cookie.setSecure(true); |
|---|
| | | cookie.setName("fg_v2"); |
|---|
| | | sessionManager.setGlobalSessionTimeout(-1); |
|---|
| | | sessionManager.setSessionIdCookie(cookie); |
|---|
| | | sessionManager.setSessionIdCookieEnabled(true); |
|---|
| | | sessionManager.setSessionIdUrlRewritingEnabled(true); |
|---|
| | | |
|---|
| | | return sessionManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | /**权限管理器*/ |
|---|
| | | @Bean(name = "securityManager") |
|---|
| | | public DefaultWebSecurityManager defaultWebSecurityManager(){ |
|---|
| | | DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); |
|---|
| | | securityManager.setRealm(customRealm); |
|---|
| | | if(YamlProperties.runModel == 1){ |
|---|
| | | securityManager.setSessionManager(sessionManager()); |
|---|
| | | } |
|---|
| | | return securityManager; |
|---|
| | | } |
|---|
| | | |
|---|
