spring.shiro.xml Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of wichell-common Show documentation
Show all versions of wichell-common Show documentation
common project com.wichell.wichell jar
The newest version!
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
<!-- 这里主要是设置自定义的单Realm应用,若有多个Realm,可使用'realms'属性代替 -->
<bean id="realm" class="com.wichell.core.shiro.Realm" />
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="realm" />
<property name="cacheManager">
<bean class="com.wichell.core.support.cache.shiro.RedisCacheManager" />
</property>
</bean>
<!-- Web应用中,Shiro可控制的Web请求必须经过Shiro主过滤器的拦截,Shiro对基于Spring的Web应用提供了完美的支持 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- Shiro的核心安全接口,这个属性是必须的 -->
<property name="securityManager" ref="securityManager" />
<!-- 要求登录时的链接 -->
<property name="loginUrl" value="/unauthorized" />
<!-- 用户访问未对其授权的资源时,所显示的连接 -->
<property name="unauthorizedUrl" value="/forbidden" />
<!-- Shiro连接约束配置,即过滤链的定义 -->
<!-- anon:它对应的过滤器里面是空的,什么都没做 -->
<!-- authc:该过滤器下的页面必须验证后才能访问,它是Shiro内置的一个拦截器org.apache.shiro.web.filter.authc.FormAuthenticationFilter -->
<property name="filterChainDefinitions">
<value>
/=anon
/app/**=anon
/index.jsp=anon
/regin=anon
/login=anon
/*.ico=anon
/upload/*=anon
/unauthorized=anon
/forbidden=anon
/sns*=anon
/*/api-docs=anon
/callback*=anon
/swagger*=anon
/configuration/*=anon
/*/configuration/*=anon
/webjars/**=anon
/**=authc,user
</value>
</property>
</bean>
<!-- Shiro生命周期处理器 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
</beans> © 2015 - 2025 Weber Informatics LLC | Privacy Policy