shiro 过滤器 对应的key
Filter Name | Class |
---|---|
anon | org.apache.shiro.web.filter.authc.AnonymousFilter |
authc | org.apache.shiro.web.filter.authc.FormAuthenticationFilter |
authcBasic | org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter |
logout | org.apache.shiro.web.filter.authc.LogoutFilter |
noSessionCreation | org.apache.shiro.web.filter.session.NoSessionCreationFilter |
perms | org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter |
port | org.apache.shiro.web.filter.authz.PortFilter |
rest | org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter |
roles | org.apache.shiro.web.filter.authz.RolesAuthorizationFilter |
ssl | org.apache.shiro.web.filter.authz.SslFilter |
user | org.apache.shiro.web.filter.authc.UserFilter |
在springBoot 中使用
shiroConfig
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
logger.info("shiroFilterFactoryBean");
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
Map<String, Filter> filterChain = new LinkedHashMap<>();
filterChain.put("perms",shiroPermissionsFilter());
//拦截器
Map<String,String> filterChainDefinitionMap = new LinkedHashMap<>();
//配置不拦截路径
filterChainDefinitionMap.put("/css/","anon");
filterChainDefinitionMap.put("/view/**","anon");
filterChainDefinitionMap.put("/sysUser/**","authc");
//登录成功后的跳转地址
shiroFilterFactoryBean.setSuccessUrl("main.html");
shiroFilterFactoryBean.setLoginUrl("/view/login/login.html");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
shiroFilterFactoryBean.setFilters(filterChain);
return shiroFilterFactoryBean;
}
在spring xml 中使用
<!-- 加载配置属性文件 -->
<!-- 定义扩展的filter实例 -->
<bean id="accessDeniedFilter" class="com.light.shiro.ShiroPermissionsFilter" />
<!-- 启用shiro授权注解拦截方式 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- 装配securityManager -->
<property name="securityManager" ref="securityManager" />
<!-- 配置自定义的过滤器 -->
<property name="filters">
<map>
<entry key="perms" value-ref="accessDeniedFilter"></entry>
</map>
</property>
<!-- 配置登录页 -->
<property name="loginUrl" value="/login" />
<!-- 配置登录成功的页面 -->
<property name="successUrl" value="/main.html" />
<property name="unauthorizedUrl" value="/pages/error/401.html"></property>
<property name="filterChainDefinitions">
<ref bean="shiroFilterChainDefinitions"/>
</property>
</bean>
这样加上以后,在执行时,会在过滤器链中加入自定义的过滤器
仅供参考,欢迎指正。