配置内容包含以下:
有问题欢迎指正交流噢
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.session.mgt.eis.SessionIdGenerator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import com.yizhi.tqmis.framework.filter.KickoutSessionControlFilter;
import com.yizhi.tqmis.framework.login.ShiroRealm;
/**
* shiro-springboot 配置
* @author around
* @date 2018-4-12
*/
@Configuration
public class ShiroConfiguration {
private static final Logger log = LoggerFactory.getLogger(ShiroFilterFactoryBean.class);
/**
* 自定义shiro认证容器
* @return ShiroRealm
*/
@Bean(name="shiroRealm")
public ShiroRealm getShiroRealm(@Qualifier("sessionManager")SessionManager sessionManager) {
ShiroRealm realm = new ShiroRealm();
realm.setSessionManager(sessionManager);
return realm;
}
@Bean(name="ehCacheManager")
public EhCacheManager getEhCacheManager() {
EhCacheManager cacheManager = new EhCacheManager();
cacheManager.setCacheManagerConfigFile("classpath:config/ehcache-shiro.xml");
return cacheManager;
}
/**
* 配置自定义sessionID
* @return
*/
//@Bean(name="sessionIdcookies")
public SimpleCookie getSessionIdCookie() {
SimpleCookie sessionIdCookie = new SimpleCookie("com.yizhi.tqmis.session.id");
sessionIdCookie.setHttpOnly(true);
sessionIdCookie.setMaxAge(9000);
return sessionIdCookie;
}
/**
* 自定义RememberMe
* @return
*/
public SimpleCookie getRememberMeCookie() {
log.info("rememberMeCookie init...");
// 这个参数是cookie的名称,对应前端的checkbox 的name = rememberMe
SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
//
simpleCookie.setMaxAge(9000);
return simpleCookie;
}
/**
* 保持会话记录管理器
* @return
*/
@Bean(name="rememberMeManager")
public CookieRememberMeManager rememberMeManager() {
log.info("rememberMeManager init...");
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
cookieRememberMeManager.setCookie(getRememberMeCookie());
cookieRememberMeManager.setCipherKey(Base64.decode("9FvVhtFLUs0KnA3Kprsdyg=="));
return cookieRememberMeManager;
}
/**
* shiro-session仓库
* @return
*/
@Bean(name="sessionDao")
public SessionDAO getSessionDAO() {
EnterpriseCacheSessionDAO sessionDao = new EnterpriseCacheSessionDAO();
sessionDao.setActiveSessionsCacheName("shiro-activeSessionCache");
return sessionDao;
}
/**
* 会话session管理
* @return
*/
@Bean(name="sessionManager") //@Qualifier("sessionIdcookies")SimpleCookie cookie
public SessionManager getSessionManager(
@Qualifier("ehCacheManager")EhCacheManager ehCacheManager,
@Qualifier("sessionDao")SessionDAO sessionDao) {
log.info("SessionManager init...");
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
//session失效时间
sessionManager.setGlobalSessionTimeout(900000);
//清理失效会话
sessionManager.setSessionValidationInterval(600000);
sessionManager.setSessionValidationSchedulerEnabled(true);
//自定义cookies 启用
sessionManager.setSessionIdCookie(getSessionIdCookie());
sessionManager.setSessionIdCookieEnabled(true);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationInterval(900000);
sessionManager.setSessionIdUrlRewritingEnabled(false);
sessionManager.setCacheManager(ehCacheManager);
sessionManager.setSessionDAO(sessionDao);
return sessionManager;
}
/**
* 安全管理器,权限管理,配置主要是Realm的管理认证
* @param realm
* @param sessionManager
* @param rememberMeManager
* @return
*/
@Bean(name="securityManager")
public SecurityManager securityManager(@Qualifier("shiroRealm")ShiroRealm realm,
@Qualifier("ehCacheManager")EhCacheManager ehCacheManager,
@Qualifier("sessionManager")SessionManager sessionManager,
@Qualifier("rememberMeManager")CookieRememberMeManager rememberMeManager) {
log.info("securityManager init...");
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(realm);
securityManager.setRememberMeManager(rememberMeManager);
securityManager.setSessionManager(sessionManager);
securityManager.setCacheManager(ehCacheManager);
return securityManager;
}
/**
* 过滤器,Filter工厂,设置对应的过滤条件和跳转条件
* @param securityManager
* @return
*/
@Bean(name="shiroFilterFactoryBean")
public ShiroFilterFactoryBean shiroFilterFactoryBean(
@Qualifier("securityManager")SecurityManager securityManager,
@Qualifier("kickoutSessionControlFilter")KickoutSessionControlFilter kickoutFilter) {
log.info("shiroFilterFactoryBean init...");
ShiroFilterFactoryBean filter = new ShiroFilterFactoryBean();
filter.setSecurityManager(securityManager);
//插入自定义过滤器
Map filterMap = new HashMap();
filterMap.put("kickout", kickoutFilter);
filter.setFilters(filterMap);
//登录
filter.setLoginUrl("/sessionFailure");
//首页
//filter.setSuccessUrl("/index");
//错误页面,认证不通过跳转
//filter.setUnauthorizedUrl("/error");
//设置过滤器
Map map = new HashMap();
//过滤器资源放行内容
map.put("/common/**","anon");
map.put("/user/**","anon");
//过滤器放行策略
map.put("/test/**","anon");
map.put("/getBCryptpass","anon");//权限放行
map.put("/login","anon");
map.put("/tologin","anon");
map.put("/loginout","anon");
map.put("/kickout","anon");
map.put("/checkLogin","anon");
map.put("/sessionFailure","anon");
map.put("/error/**","anon");
map.put("/**","authc");
filter.setFilterChainDefinitionMap(map);
return filter;
}
/**
* 构造踢出用户过滤器
* @return
*/
@Bean(name="kickoutSessionControlFilter")
public KickoutSessionControlFilter getKickoutSessionControlFilter(
@Qualifier("ehCacheManager")EhCacheManager ehCacheManager,
@Qualifier("sessionManager")SessionManager sessionManager) {
KickoutSessionControlFilter filter = new KickoutSessionControlFilter();
filter.setKickoutAfter(false);
filter.setMaxSession(1);
filter.setKickoutUrl("/kickout");
//filter.setKickoutUrl("/tqm/user/login.html?kickout=1");
filter.setCacheManager(ehCacheManager);
filter.setSessionManager(sessionManager);
return filter;
}
@Bean(name="AuthorizationAttributeSourceAdvisor")
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
@Qualifier("securityManager")SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
}