|
|
/** * RedisSessionDAO shiro sessionDao层的实现 通过redis
* 使用的是shiro-redis开源插件
*/
public RedisSessionDAO redisSessionDAO() {
RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
redisSessionDAO.setRedisManager(redisSentinelManager());
return redisSessionDAO;
}
/**
* shiro session的管理
*/
public DefaultWebSessionManager sessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionDAO(redisSessionDAO());
Cookie cookie = sessionManager.getSessionIdCookie();
cookie.setName("emp_sid");
sessionManager.setSessionIdCookie(cookie);
//shiro session过期监听器
sessionManager.setSessionListeners(Arrays.asList(new ShiroSessionListener()));
sessionManager.setSessionValidationInterval(sessionValidationInterval);
return sessionManager;
}
/**
* 凭证匹配器
*
* @return
*/
public CredentialsMatcher credentialsMatcher() {
RetryLimitHashedCredentialsMatcher credentialsMatcher = new RetryLimitHashedCredentialsMatcher(cacheManager());
credentialsMatcher.setHashAlgorithmName("md5");//加密算法名称
credentialsMatcher.setHashIterations(2);
credentialsMatcher.setStoredCredentialsHexEncoded(true);
return credentialsMatcher;
}
/**
* Realm实现
*
* @return
*/
@Bean
public AuthorizingRealm userRealm() {
EmployeeRealm employeeRealm = new EmployeeRealm();
employeeRealm.setCredentialsMatcher(credentialsMatcher());
//关闭登陆用户信息缓存
employeeRealm.setAuthenticationCachingEnabled(false);
employeeRealm.setAuthorizationCachingEnabled(true);
return employeeRealm;
}
/**
* 安全管理器
*
* @return
*/
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(userRealm());
securityManager.setSessionManager(sessionManager());
securityManager.setCacheManager(cacheManager());
ModularRealmAuthorizer authorizer = new ModularRealmAuthorizer();
authorizer.setRealms(securityManager.getRealms());
authorizer.setPermissionResolver(new EmployeePermissionResolver());
authorizer.setRolePermissionResolver(rolePermissionResolver());
securityManager.setAuthorizer(authorizer);
securityManager.setRememberMeManager(rememberMeManager());
return securityManager;
}
@Bean
public RolePermissionResolver rolePermissionResolver() {
return new MyRolePermissionResolver();
}
@Bean
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
Map filters = shiroFilterFactoryBean.getFilters();
StaticUrlFilter staticUrlFilter = new StaticUrlFilter();
filters.put("staticUrl", staticUrlFilter);
TokenFilter tokenFilter=new TokenFilter();
filters.put("token",tokenFilter);
AuthorityFilter authorityFilter = new AuthorityFilter();
authorityFilter.setActionService(authorityService);
filters.put("auth", authorityFilter);
VersionFilter versionFilter = new VersionFilter();
filters.put("version", versionFilter);
shiroFilterFactoryBean.setFilters(filters);
//拦截器.
Map filterChainDefinitionMap = new LinkedHashMap();
// 配置不会被拦截的链接 顺序判断
//拦截器url配置格式为:/**=user,等号前面为路径,后面为名称,多个拦截器用','分割,多个配置之间用';'分割
if (!StringUtils.isEmpty(filterChainDefinitions)) {
String[] array = StringUtils.delimitedListToStringArray(filterChainDefinitions, ";");
for (String str : array) {
if(StringUtils.isEmpty(str)){
continue;
}
String[] urlArray = str.split("=");
filterChainDefinitionMap.put(urlArray[0].trim(), urlArray[1].trim());
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-11-2 12:44:31
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡