2018-08-22

/**

  • Shiro的配置文件
    */
    @Configuration
    public class ShiroConfig {

    /**

    • 開啟cookie
    • @param cookieTimeout
    • @return
      */
      @Bean("simpleCookie")
      public SimpleCookie simpleCookie(@Value("${shiro.cookie.timeout:-1}") Integer cookieTimeout) {
      SimpleCookie simpleCookie = new SimpleCookie("sid");
      simpleCookie.setHttpOnly(true);
      simpleCookie.setPath("/");
      simpleCookie.setMaxAge(cookieTimeout);
      return simpleCookie;
      }

    /**

    • session管理器

    • @param globalSessionTimeout

    • @param redisShiroSessionDAO // * @param validationScheduler

    • @param simpleCookie

    • @return
      */
      @Bean("sessionManager")
      public SessionManager sessionManager(@Value("${shiro.login.session.timeout}") Long globalSessionTimeout,
      RedisShiroSessionDAO redisShiroSessionDAO,
      // ExecutorServiceSessionValidationScheduler validationScheduler,
      SimpleCookie simpleCookie) {
      DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
      //設置session過期時間為1小時(單位:毫秒),默認為30分鐘
      sessionManager.setGlobalSessionTimeout(globalSessionTimeout);
      sessionManager.setSessionValidationSchedulerEnabled(true);
      sessionManager.setSessionIdUrlRewritingEnabled(false);
      sessionManager.setSessionDAO(redisShiroSessionDAO);

      //開啟cookie 不然一直登錄不上,remember不起作用
      sessionManager.setSessionIdCookieEnabled(true);
      sessionManager.setSessionIdCookie(simpleCookie);
      return sessionManager;
      }

    //配置自定義的密碼比較器
    @Bean(name="credentialsMatcher")
    public CredentialsMatcher credentialsMatcher() {
    return new CredentialsMatcher();
    }

@Bean("userRealm")
public UserRealm setUserRealm(@Value("${user.login.cacheName:webLoginCache}") String authenticationCacheName,@Qualifier("credentialsMatcher") CredentialsMatcher matcher) {
    UserRealm userRealm = new UserRealm();
    userRealm.setCredentialsMatcher(matcher);
    userRealm.setAuthenticationCacheName(authenticationCacheName);
    return userRealm;
}


/**
 * 認證管理
 *
 * @param userRealm
 * @param sessionManager
 * @return
 */
@Bean("securityManager")
public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    securityManager.setRealm(userRealm);
    securityManager.setSessionManager(sessionManager);

    return securityManager;
}


/**
 * 過濾
 *
 * @param securityManager
 * @param userFilter
 * @param kickoutFilter
 * @return
 */
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager,
                                          UserSessionFilter userFilter,
                                          KickoutSessionControlFilter kickoutFilter) {
    ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
    shiroFilter.setSecurityManager(securityManager);
    shiroFilter.setLoginUrl("/login");
    shiroFilter.setUnauthorizedUrl("/");
    Map<String, Filter> filters = Maps.newHashMap();
    filters.put("userFilter", userFilter);
    filters.put("kickoutFilter", kickoutFilter);
    shiroFilter.setFilters(filters);
    shiroFilter.setFilterChainDefinitions("/** = kickoutFilter,userFilter");
    return shiroFilter;
}

@Bean("userFilter")
public UserSessionFilter userSessionFilter(@Value("${shiro.login.ignoreUrls}") String ignoreUrls){
    UserSessionFilter userSessionFilter = new UserSessionFilter();
    userSessionFilter.setIgnoreUrls(ignoreUrls);
    return userSessionFilter;
}

@Bean("kickoutFilter")
public KickoutSessionControlFilter kickoutSessionControlFilter(@Value("${shiro.login.maxSession:1}") Integer maxSession, SessionManager sessionManager, CacheManager cacheManager){
    KickoutSessionControlFilter kickoutSessionControlFilter = new KickoutSessionControlFilter();
    kickoutSessionControlFilter.setSessionManager(sessionManager);
    kickoutSessionControlFilter.setCacheManager(cacheManager);
    kickoutSessionControlFilter.setMaxSession(maxSession);
    return kickoutSessionControlFilter;
}

@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
    return new LifecycleBeanPostProcessor();
}

@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
    DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
    proxyCreator.setProxyTargetClass(true);
    return proxyCreator;
}

@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
    AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
    advisor.setSecurityManager(securityManager);
    return advisor;
}

@Bean
public MethodInvokingFactoryBean invoke(SecurityManager securityManager) {
    MethodInvokingFactoryBean invokingFactoryBean = new MethodInvokingFactoryBean();
    invokingFactoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
    invokingFactoryBean.setArguments(securityManager);
    return invokingFactoryBean;
}

}

?著作權歸作者所有,轉載或內容合作請聯(lián)系作者
【社區(qū)內容提示】社區(qū)部分內容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別。
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發(fā)布,文章內容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關閱讀更多精彩內容

  • Spring Cloud為開發(fā)人員提供了快速構建分布式系統(tǒng)中一些常見模式的工具(例如配置管理,服務發(fā)現(xiàn),斷路器,智...
    卡卡羅2017閱讀 136,554評論 19 139
  • //#include "../user/main.h" include "stm32f4xx.h" include...
    fee87be72e84閱讀 2,144評論 0 0
  • 1. Java基礎部分 基礎部分的順序:基本語法,類相關的語法,內部類的語法,繼承相關的語法,異常的語法,線程的語...
    子非魚_t_閱讀 34,692評論 18 399
  • 小時公子閱讀 1,140評論 30 13
  • 依舊感冒,沒有精神,有了空就是睡還是睡。 不想吃藥,什么時候可以熬過去。 喉嚨更痛了,小班小朋友實在不聽話,憂郁。...
    陳白胖閱讀 235評論 0 0

友情鏈接更多精彩內容