Skip to content

D
data-server
Switch branch/tag
Find file
Normal viewHistoryPermalink
ShiroConfig.java 5.23 KB
Newer Older
licc's avatar
上传代码
3de62532
 
licc committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 
package cn.wisenergy.web.shiro;

import cn.wisenergy.web.shiro.filter.AuthFilter;
import cn.wisenergy.web.shiro.filter.AuthRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * shiro配置类
licc's avatar
代码优化2
8da9308c
 
licc committed
21 
 * @author 86187
licc's avatar
上传代码
3de62532
 
licc committed
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 
 */
@Configuration
public class ShiroConfig {

    /**
     * 配置拦截器
     * <p>
     * 定义拦截URL权限,优先级从上到下
     * 1). anon  : 匿名访问,无需登录
     * 2). authc : 登录后才能访问
     * 3). logout: 登出
     * 4). frameperms : 自定义的过滤器
     * <p>
     * URL 匹配风格
     * 1). ?:匹配一个字符,如 /admin? 将匹配 /admin1,但不匹配 /admin 或 /admin/;
     * 2). *:匹配零个或多个字符串,如 /admin* 将匹配 /admin 或/admin123,但不匹配 /admin/1;
     * 3). **:匹配路径中的零个或多个路径,如 /admin/** 将匹配 /admin/a 或 /admin/a/b
     * <p>
     * 配置身份验证成功,失败的跳转路径
     */
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // 设置securityManager
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // 自定义的过滤器
        Map<String, Filter> filterMap = new HashMap<>();
        // map里面key值要为过滤器的名称,value为过滤器对象
        filterMap.put("oauth2", new AuthFilter());
        // 将自定义的过滤器加入到过滤器集合中
        shiroFilterFactoryBean.setFilters(filterMap);

        // 设置拦截器集合
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
licc's avatar
接口增加权限token
5926295c
 
licc committed
57 58 59 60 61 62 
        filterChainDefinitionMap.put("/authInformation/save", "anon");//存储设备IMEI号和手机SIM卡ID号
        filterChainDefinitionMap.put("/sys/login", "anon"); // 登录页面-身份认证
        filterChainDefinitionMap.put("/sys/registered", "anon"); // 注册页面
        filterChainDefinitionMap.put("/swagger-ui.html", "anon"); // swagger接口-匿名访问
        filterChainDefinitionMap.put("/swagger/**", "anon");
        filterChainDefinitionMap.put("/user/**", "anon");
m1991's avatar
sms工具类迁移 用户注册功能接口实现
776661a1
 
m1991 committed
63 
        filterChainDefinitionMap.put("/api/user/**", "anon");
licc's avatar
接口增加权限token
5926295c
 
licc committed
64 65 66 
        filterChainDefinitionMap.put("/webjars/springfox-swagger-ui/**", "anon");
        filterChainDefinitionMap.put("/swagger-resources/**", "anon");
        filterChainDefinitionMap.put("/v2/api-docs", "anon");
m1991's avatar
sms工具类变动
f9b84fc5
 
m1991 committed
67 68 
        filterChainDefinitionMap.put("/api/sms/verifyCode", "anon");
        filterChainDefinitionMap.put("/api/sms/**", "anon");
licc's avatar
接口增加权限token
5926295c
 
licc committed
69 70 71 72 
        filterChainDefinitionMap.put("/upload_flowChart/**", "anon");//图片地址
        filterChainDefinitionMap.put("/webSocket/**", "anon");//socket
        filterChainDefinitionMap.put("/message/**", "anon");//消息推送接口
        filterChainDefinitionMap.put("/**", "oauth2");  // 其他路径均需要身份认证,一般位于最下面,优先级最低
licc's avatar
上传代码
3de62532
 
licc committed
73 74 

        // 设置拦截器
m1991's avatar
sms工具类变动
f9b84fc5
 
m1991 committed
75 
       shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
licc's avatar
上传代码
3de62532
 
licc committed
76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 
        return shiroFilterFactoryBean;
    }

    /**
     * 配置Shiro生命周期处理器
     */
    @Bean("lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public static DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setUsePrefix(true);
        return defaultAdvisorAutoProxyCreator;
    }

    /**
     * 配置加密匹配,使用MD5的方式,进行1024次加密
     */
//    @Bean
//    public HashedCredentialsMatcher hashedCredentialsMatcher() {
//        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
//        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
//        hashedCredentialsMatcher.setHashIterations(1024);
//        return hashedCredentialsMatcher;
//    }
    @Bean("securityManager")
    public SecurityManager securityManager(AuthRealm authRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(authRealm);
        securityManager.setRememberMeManager(null);
        return securityManager;
    }

    /**
     * 开启Shiro的注解
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

}