shiroConfig配置-CFANZ编程社区

安全管理器设置

/**
 * shiro 安全管理器设置
 * @return SecurityManager
 */
@Bean
public SecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        List<Realm> realms = new ArrayList<>(  );
        realms.add( wxRealm() );
        realms.add( userRealm() );
        //设置securityManager 的 realm组.
        securityManager.setRealms( realms );
        //设置session管理器
        securityManager.setSessionManager(sessionManager());
        //自定义的模块化领域认证(cs)
        ModularRealmAuthenticator authenticator = new WxModularRealmAuthenticator();
        /*
         * 设置 authenticator中的 realm 组
         * 注意,这的设置 realm 和前面 securityManager 设置realm没有关系
         * 两边都需要进行设置,这边的用于登录的校验, securityManager 中的暂时不确定
         */
        authenticator.setRealms( realms );
        securityManager.setAuthenticator( authenticator );
        return securityManager;

session管理器

/**
 * shiro session管理器
 * 自定义了获取session的方式
 */
@Bean
public DefaultWebSessionManager sessionManager() {
    //使用自定义的session管理器
    DefaultWebSessionManager sessionManager = new WxSessionManager();
    sessionManager.setGlobalSessionTimeout(tomcatTimeout * 1000);
    sessionManager.setSessionDAO(sessionDAO());
    Collection<SessionListener> listeners = new ArrayList<SessionListener>();
    listeners.add(new BDSessionListener());
    sessionManager.setSessionListeners(listeners);
    return sessionManager;
}

shiro拦截器

/**
 * shiro拦截器, 设置拦截规则
 * @param securityManager  安全管理器
 * @return shiroFilterFactoryBean
 */
@Bean
ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
    ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
    shiroFilterFactoryBean.setSecurityManager(securityManager);
    shiroFilterFactoryBean.setLoginUrl("/login");
    shiroFilterFactoryBean.setSuccessUrl("/index");
    shiroFilterFactoryBean.setUnauthorizedUrl("/403");
    LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
    filterChainDefinitionMap.put("/home/**", "anon");
    filterChainDefinitionMap.put("/login","anon");
    filterChainDefinitionMap.put("/wxLogin","anon");
    filterChainDefinitionMap.put("/css/**", "anon");
    filterChainDefinitionMap.put("/js/**", "anon");
    filterChainDefinitionMap.put("/fonts/**", "anon");
    filterChainDefinitionMap.put("/img/**", "anon");
    filterChainDefinitionMap.put("/docs/**", "anon");
    filterChainDefinitionMap.put("/druid/**", "anon");
    filterChainDefinitionMap.put("/upload/**", "anon");
    filterChainDefinitionMap.put("/files/**", "anon");
    filterChainDefinitionMap.put("/logout", "logout");
    filterChainDefinitionMap.put("/", "anon");
    filterChainDefinitionMap.put("/blog", "anon");
    filterChainDefinitionMap.put("/blog/open/**", "anon");
    filterChainDefinitionMap.put("/**", "authc");
    shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
    return shiroFilterFactoryBean;
}

开启shiro aop注解支持

/**
 * 开启shiro aop注解支持。
 * 进行注解权限校验时需要使用代理方式;
 * 所以需要开启代码支持;
 *
 * @param securityManager  shiro 安全管理器
 * @return AuthorizationAttributeSourceAdvisor
 */
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
}

转载于:https://my.oschina.net/u/2555967/blog/2961836