|
@@ -10,6 +10,8 @@ import org.apache.shiro.session.mgt.SessionManager;
|
|
|
import org.apache.shiro.session.mgt.eis.SessionDAO;
|
|
|
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
|
|
|
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
|
|
|
+import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
|
|
|
+import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
|
|
|
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
|
|
|
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
|
|
|
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
|
|
@@ -32,22 +34,26 @@ public class ShiroConfig {
|
|
|
public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager") SecurityManager securityManager) {
|
|
|
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
|
|
|
shiroFilterFactoryBean.setSecurityManager(securityManager);
|
|
|
- shiroFilterFactoryBean.setLoginUrl("/page/toLogin");
|
|
|
-
|
|
|
+ //登录
|
|
|
+ shiroFilterFactoryBean.setLoginUrl("/sys/login");
|
|
|
//控制 访问xx资源 需要xx权限
|
|
|
- Map filterChainMap = new LinkedHashMap<String,String>();
|
|
|
- filterChainMap.put("/sys/login","anon"); //访问登录页面 直接放行
|
|
|
- filterChainMap.put("/","anon"); //访问登录页面 直接放行
|
|
|
- filterChainMap.put("/user/all","perms[user:select]"); //查询所有用户 需要认证(登录)
|
|
|
-
|
|
|
- //当用户查看仓库列表时,需要有仓库权限
|
|
|
- filterChainMap.put("/storage/all","perms[storage:select]");
|
|
|
- //当用户删除用户时,需要有超级管理员角色
|
|
|
-// filterChainMap.put("/user/del/*","roles[role_superman]");
|
|
|
-
|
|
|
- filterChainMap.put("/backend/logout","logout");
|
|
|
-
|
|
|
+ Map<String, String> filterChainMap = new LinkedHashMap<>();
|
|
|
+
|
|
|
+ //swagger接口权限 开放
|
|
|
+ filterChainMap.put("/doc.html", "anon");
|
|
|
+ filterChainMap.put("/webjars/**/**","anon");
|
|
|
+ filterChainMap.put("/swagger-ui.html", "anon");
|
|
|
+ filterChainMap.put("/webjars/**", "anon");
|
|
|
+ filterChainMap.put("/v2/**", "anon");
|
|
|
+ filterChainMap.put("/swagger-resources/**", "anon");
|
|
|
+ //退出
|
|
|
+ filterChainMap.put("/logout", "logout");
|
|
|
+ filterChainMap.put("/static/**", "anon");
|
|
|
+ filterChainMap.put("/templates/**", "anon");
|
|
|
+ //swagger接口权限 开放
|
|
|
+ filterChainMap.put("/**", "authc");
|
|
|
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainMap);
|
|
|
+
|
|
|
return shiroFilterFactoryBean;
|
|
|
}
|
|
|
|
|
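Review bot: The rewritten chain map drops the `perms[user:select]` and `perms[storage:select]` entries, so with only `/**` → `authc` left, any logged-in account can reach `/user/all` and `/storage/all` unless those handlers carry `@RequiresPermissions` (not visible in this hunk). If the URL-level rules were the only check, keep them ahead of the catch-all, since Shiro applies the first matching pattern in insertion order: `filterChainMap.put("/user/all", "perms[user:select]");` and `filterChainMap.put("/storage/all", "perms[storage:select]");`. The `anon` entries for `/doc.html`, `/swagger-ui.html`, `/v2/**` and `/swagger-resources/**` publish the full API description to unauthenticated clients, and `/templates/**` opens a path that normally holds server-side views; both are worth limiting to a development profile or placing behind `authc`. The second `//swagger接口权限 开放` comment sits on the `/**` catch-all and should read something like `// everything else requires login`, and `/webjars/**/**` duplicates `/webjars/**`.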
@@ -72,9 +78,8 @@ public class ShiroConfig {
|
|
|
// return defaultWebSecurityManager;
|
|
|
// }
|
|
|
|
|
|
- //realm
|
|
|
@Bean
|
|
|
- public Realm myRealm(){
|
|
|
+ public Realm myRealm() {
|
|
|
MyRealm myRealm = new MyRealm();
|
|
|
//告诉realm密码匹配方式
|
|
|
myRealm.setCredentialsMatcher(credentialsMatcher());
|
|
@@ -88,13 +93,13 @@ public class ShiroConfig {
|
|
|
|
|
|
//缓存管理
|
|
|
@Bean
|
|
|
- public CacheManager MycacheManager(){
|
|
|
+ public CacheManager MycacheManager() {
|
|
|
MyRedisCacheManager cacheManager = new MyRedisCacheManager();
|
|
|
return cacheManager;
|
|
|
}
|
|
|
|
|
|
@Bean
|
|
|
- public CredentialsMatcher credentialsMatcher(){
|
|
|
+ public CredentialsMatcher credentialsMatcher() {
|
|
|
HashedCredentialsMatcher hashedMatcher = new HashedCredentialsMatcher();
|
|
|
hashedMatcher.setHashAlgorithmName("md5");
|
|
|
// hashedMatcher.setHashIterations(1);
|
|
@@ -120,12 +125,13 @@ public class ShiroConfig {
|
|
|
}
|
|
|
|
|
|
@Bean
|
|
|
- public ShiroDialect shiroDialect(){
|
|
|
+ public ShiroDialect shiroDialect() {
|
|
|
return new ShiroDialect();
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
* 会话管理器
|
|
|
+ *
|
|
|
* @return
|
|
|
*/
|
|
|
@Bean
|
|
@@ -134,7 +140,7 @@ public class ShiroConfig {
|
|
|
sessionManager.setSessionDAO(redisSessionDAO());
|
|
|
|
|
|
//设置会话过期时间
|
|
|
- sessionManager.setGlobalSessionTimeout(3*60*1000); //默认半小时
|
|
|
+ sessionManager.setGlobalSessionTimeout(3 * 60 * 1000); //默认半小时
|
|
|
sessionManager.setDeleteInvalidSessions(true); //默认自定调用SessionDAO的delete方法删除会话
|
|
|
//设置会话定时检查
|
|
|
// sessionManager.setSessionValidationInterval(180000); //默认一小时
|
|
@@ -143,7 +149,7 @@ public class ShiroConfig {
|
|
|
}
|
|
|
|
|
|
@Bean
|
|
|
- public SessionDAO redisSessionDAO(){
|
|
|
+ public SessionDAO redisSessionDAO() {
|
|
|
ShiroRedisSessionDao redisDAO = new ShiroRedisSessionDao();
|
|
|
return redisDAO;
|
|
|
}
|