2018-08-22

/**

  • Shiro的配置文件
    */
    @Configuration
    public class ShiroConfig {

    /**

    • 开启cookie
    • @param cookieTimeout
    • @return
      */
      @Bean("simpleCookie")
      public SimpleCookie simpleCookie(@Value("${shiro.cookie.timeout:-1}") Integer cookieTimeout) {
      SimpleCookie simpleCookie = new SimpleCookie("sid");
      simpleCookie.setHttpOnly(true);
      simpleCookie.setPath("/");
      simpleCookie.setMaxAge(cookieTimeout);
      return simpleCookie;
      }

    /**

    • session管理器

    • @param globalSessionTimeout

    • @param redisShiroSessionDAO // * @param validationScheduler

    • @param simpleCookie

    • @return
      */
      @Bean("sessionManager")
      public SessionManager sessionManager(@Value("${shiro.login.session.timeout}") Long globalSessionTimeout,
      RedisShiroSessionDAO redisShiroSessionDAO,
      // ExecutorServiceSessionValidationScheduler validationScheduler,
      SimpleCookie simpleCookie) {
      DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
      //设置session过期时间为1小时(单位:毫秒),默认为30分钟
      sessionManager.setGlobalSessionTimeout(globalSessionTimeout);
      sessionManager.setSessionValidationSchedulerEnabled(true);
      sessionManager.setSessionIdUrlRewritingEnabled(false);
      sessionManager.setSessionDAO(redisShiroSessionDAO);

      //开启cookie 不然一直登录不上,remember不起作用
      sessionManager.setSessionIdCookieEnabled(true);
      sessionManager.setSessionIdCookie(simpleCookie);
      return sessionManager;
      }

    //配置自定义的密码比较器
    @Bean(name="credentialsMatcher")
    public CredentialsMatcher credentialsMatcher() {
    return new CredentialsMatcher();
    }

@Bean("userRealm")
public UserRealm setUserRealm(@Value("${user.login.cacheName:webLoginCache}") String authenticationCacheName,@Qualifier("credentialsMatcher") CredentialsMatcher matcher) {
    UserRealm userRealm = new UserRealm();
    userRealm.setCredentialsMatcher(matcher);
    userRealm.setAuthenticationCacheName(authenticationCacheName);
    return userRealm;
}


/**
 * 认证管理
 *
 * @param userRealm
 * @param sessionManager
 * @return
 */
@Bean("securityManager")
public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    securityManager.setRealm(userRealm);
    securityManager.setSessionManager(sessionManager);

    return securityManager;
}


/**
 * 过滤
 *
 * @param securityManager
 * @param userFilter
 * @param kickoutFilter
 * @return
 */
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager,
                                          UserSessionFilter userFilter,
                                          KickoutSessionControlFilter kickoutFilter) {
    ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
    shiroFilter.setSecurityManager(securityManager);
    shiroFilter.setLoginUrl("/login");
    shiroFilter.setUnauthorizedUrl("/");
    Map<String, Filter> filters = Maps.newHashMap();
    filters.put("userFilter", userFilter);
    filters.put("kickoutFilter", kickoutFilter);
    shiroFilter.setFilters(filters);
    shiroFilter.setFilterChainDefinitions("/** = kickoutFilter,userFilter");
    return shiroFilter;
}

@Bean("userFilter")
public UserSessionFilter userSessionFilter(@Value("${shiro.login.ignoreUrls}") String ignoreUrls){
    UserSessionFilter userSessionFilter = new UserSessionFilter();
    userSessionFilter.setIgnoreUrls(ignoreUrls);
    return userSessionFilter;
}

@Bean("kickoutFilter")
public KickoutSessionControlFilter kickoutSessionControlFilter(@Value("${shiro.login.maxSession:1}") Integer maxSession, SessionManager sessionManager, CacheManager cacheManager){
    KickoutSessionControlFilter kickoutSessionControlFilter = new KickoutSessionControlFilter();
    kickoutSessionControlFilter.setSessionManager(sessionManager);
    kickoutSessionControlFilter.setCacheManager(cacheManager);
    kickoutSessionControlFilter.setMaxSession(maxSession);
    return kickoutSessionControlFilter;
}

@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
    return new LifecycleBeanPostProcessor();
}

@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
    DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
    proxyCreator.setProxyTargetClass(true);
    return proxyCreator;
}

@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
    AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
    advisor.setSecurityManager(securityManager);
    return advisor;
}

@Bean
public MethodInvokingFactoryBean invoke(SecurityManager securityManager) {
    MethodInvokingFactoryBean invokingFactoryBean = new MethodInvokingFactoryBean();
    invokingFactoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
    invokingFactoryBean.setArguments(securityManager);
    return invokingFactoryBean;
}

}

©著作权归作者所有,转载或内容合作请联系作者
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

相关阅读更多精彩内容

  • Spring Cloud
    Spring Cloud为开发人员提供了快速构建分布式系统中一些常见模式的工具(例如配置管理,服务发现,断路器,智...
    卡卡罗2017阅读 136,084评论 19 139
  • 2018-08-22总线I2C的驱动FM24CL64,亲测好用
    //#include "../user/main.h" include "stm32f4xx.h" include...
    fee87be72e84阅读 6,266评论 0 0
  • Java初级面试题
    1. Java基础部分 基础部分的顺序:基本语法,类相关的语法,内部类的语法,继承相关的语法,异常的语法,线程的语...
    子非鱼_t_阅读 33,173评论 18 399
  • 颖宝
    小时公子阅读 4,748评论 30 13
  • 感冒
    依旧感冒,没有精神,有了空就是睡还是睡。 不想吃药,什么时候可以熬过去。 喉咙更痛了,小班小朋友实在不听话,忧郁。...
    陈白胖阅读 1,585评论 0 0

友情链接更多精彩内容