templates.shiroConfig.ftl Maven / Gradle / Ivy
package ${cfg.packageConfig};
<#if (enableCache&&cfg.enableRedis)>
import ${cfg.packageShiroRedis}.RedisShiroConfiguration;
import ${cfg.packageShiroRedis}.RedisShiroSessionDAO;
import ${cfg.packageShiroRedis}.RedisShiroCacheManager;
import ${cfg.packageShiro}.ShiroRealm;
import org.apache.shiro.mgt.RememberMeManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.mgt.DefaultWebSubjectFactory;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.ShiroHttpSession;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
<#if (enableCache&&cfg.enableRedis)>
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
<#if (enableCache&&cfg.enableRedis)>
import org.springframework.data.redis.core.RedisTemplate;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
private Logger logger = LoggerFactory.getLogger(this.getClass());
/**
* ShiroFilterFactoryBean 处理拦截资源文件问题。
* 注意:单独一个ShiroFilterFactoryBean配置是或报错的,以为在
* 初始化ShiroFilterFactoryBean的时候需要注入:SecurityManager
*
* Filter Chain定义说明 1、一个URL可以配置多个Filter,使用逗号分隔 2、当设置多个过滤器时,全部验证通过,才视为通过
* 3、部分过滤器可指定参数,如perms,roles
*/
@Bean
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// 必须设置 SecurityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl("/login");
shiroFilterFactoryBean.setUnauthorizedUrl("/login");
//TODO 根据项目配置拦截器
Map filterChainDefinitionMap = new LinkedHashMap<>();
//配置记住我或认证通过可以访问的地址(配置不会被拦截的链接 顺序判断)
filterChainDefinitionMap.put("/static/**", "anon");
filterChainDefinitionMap.put("/login", "anon");
filterChainDefinitionMap.put("/captcha", "anon");
// 配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了.退出不用写.直接访问/logout就行
filterChainDefinitionMap.put("/logout", "logout");
//
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
<#if (enableCache&&cfg.enableRedis)>
@Bean
public RedisShiroConfiguration redisShiroConfiguration() {
return new RedisShiroConfiguration();
}
<#if (enableCache&&cfg.enableRedis)>
@Bean
public RedisShiroCacheManager redisShiroCacheManager(RedisShiroConfiguration redisShiroConfiguration, @Qualifier("lettuceRedisTemplate") RedisTemplate