package com.test.yuhua.dashboard.config; import com.test.yuhua.dashboard.shiro.MyShiroRealm; import org.apache.shiro.cache.ehcache.EhCacheManager; import org.apache.shiro.cas.CasSubjectFactory; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.EnvironmentAware; import org.springframework.context.annotation.Bean; import org.springframework.core.env.Environment; public class ShiroCasConfiguration implements EnvironmentAware { //casServerUrlPrefix private String casServerUrlPrefix = null; //cas登录页面地址 private String casLoginUrl = null; //cas登出页面地址 private String casLogoutUrl = null; //当前工程对外提供服务地址 private String shiroServerUrlPrefix = null; //casFilter UrlPattern private String casFilterUrlPattern = null; //登录地址 private String loginUrl = null; @Override public void setEnvironment(Environment environment) { this.casServerUrlPrefix = environment.getProperty("cas.server.url.prefix",String.class,"https://sso.pplive.cn/cas"); this.shiroServerUrlPrefix = environment.getProperty("shiro.server.url.prefix",String.class,"http://your.server.host:port"); this.casFilterUrlPattern = environment.getProperty("cas.filter.url.pattern",String.class,"/shiro-cas"); this.casLoginUrl = this.casServerUrlPrefix + "/login"; this.casLoginUrl = casServerUrlPrefix = "/logout?service=" + shiroServerUrlPrefix; this.loginUrl = this.casLoginUrl + "?service=" + this.shiroServerUrlPrefix + this.casFilterUrlPattern; } @Bean(name = "shiroFilter") public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); shiroFilterFactoryBean.setSecurityManager(securityManager); return shiroFilterFactoryBean; }
}
导致问题:
/** * Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.apache.shiro.web.mgt.DefaultWebSecurityManager' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {} * at org.springframework.beans.factory.support.DefaultListableBeanFactory.raiseNoMatchingBeanFound(DefaultListableBeanFactory.java:1486) * at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1104) * at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066) * at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:835) * at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:741) * ... 65 more */
package com.test.yuhua.dashboard.config; import com.test.yuhua.dashboard.shiro.MyShiroRealm; import org.apache.shiro.cache.ehcache.EhCacheManager; import org.apache.shiro.cas.CasSubjectFactory; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.EnvironmentAware; import org.springframework.context.annotation.Bean; import org.springframework.core.env.Environment; public class ShiroCasConfiguration implements EnvironmentAware { //casServerUrlPrefix private String casServerUrlPrefix = null; //cas登录页面地址 private String casLoginUrl = null; //cas登出页面地址 private String casLogoutUrl = null; //当前工程对外提供服务地址 private String shiroServerUrlPrefix = null; //casFilter UrlPattern private String casFilterUrlPattern = null; //登录地址 private String loginUrl = null; @Override public void setEnvironment(Environment environment) { this.casServerUrlPrefix = environment.getProperty("cas.server.url.prefix",String.class,"https://sso.pplive.cn/cas"); this.shiroServerUrlPrefix = environment.getProperty("shiro.server.url.prefix",String.class,"http://your.server.host:port"); this.casFilterUrlPattern = environment.getProperty("cas.filter.url.pattern",String.class,"/shiro-cas"); this.casLoginUrl = this.casServerUrlPrefix + "/login"; this.casLoginUrl = casServerUrlPrefix = "/logout?service=" + shiroServerUrlPrefix; this.loginUrl = this.casLoginUrl + "?service=" + this.shiroServerUrlPrefix + this.casFilterUrlPattern; } @Bean(name = "shiroFilter") public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); shiroFilterFactoryBean.setSecurityManager(securityManager); return shiroFilterFactoryBean; }
@Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(EhCacheManager cacheManager){ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(myShiroRealm()); securityManager.setCacheManager(cacheManager); securityManager.setSubjectFactory(new CasSubjectFactory()); return securityManager; } @Bean(name = "myShiroRealm") public MyShiroRealm myShiroRealm(){ return new MyShiroRealm(shiroServerUrlPrefix,casServerUrlPrefix,casFilterUrlPattern); } }
/** * Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.apache.shiro.cache.ehcache.EhCacheManager' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {} * at org.springframework.beans.factory.support.DefaultListableBeanFactory.raiseNoMatchingBeanFound(DefaultListableBeanFactory.java:1486) * at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1104) * at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066) * at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:835) * at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:741) * ... 79 more */
package com.test.yuhua.dashboard.config; import com.test.yuhua.dashboard.shiro.MyShiroRealm; import org.apache.shiro.cache.ehcache.EhCacheManager; import org.apache.shiro.cas.CasSubjectFactory; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.EnvironmentAware; import org.springframework.context.annotation.Bean; import org.springframework.core.env.Environment; public class ShiroCasConfiguration implements EnvironmentAware { //casServerUrlPrefix private String casServerUrlPrefix = null; //cas登录页面地址 private String casLoginUrl = null; //cas登出页面地址 private String casLogoutUrl = null; //当前工程对外提供服务地址 private String shiroServerUrlPrefix = null; //casFilter UrlPattern private String casFilterUrlPattern = null; //登录地址 private String loginUrl = null; @Override public void setEnvironment(Environment environment) { this.casServerUrlPrefix = environment.getProperty("cas.server.url.prefix",String.class,"https://sso.pplive.cn/cas"); this.shiroServerUrlPrefix = environment.getProperty("shiro.server.url.prefix",String.class,"http://your.server.host:port"); this.casFilterUrlPattern = environment.getProperty("cas.filter.url.pattern",String.class,"/shiro-cas"); this.casLoginUrl = this.casServerUrlPrefix + "/login"; this.casLoginUrl = casServerUrlPrefix = "/logout?service=" + shiroServerUrlPrefix; this.loginUrl = this.casLoginUrl + "?service=" + this.shiroServerUrlPrefix + this.casFilterUrlPattern; } @Bean(name = "shiroFilter") public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); shiroFilterFactoryBean.setSecurityManager(securityManager); return shiroFilterFactoryBean; } @Bean(name = "securityManager") public DefaultWebSecurityManager getDefaultWebSecurityManager(EhCacheManager cacheManager){ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(myShiroRealm()); securityManager.setCacheManager(cacheManager); securityManager.setSubjectFactory(new CasSubjectFactory()); return securityManager; } @Bean(name = "myShiroRealm") public MyShiroRealm myShiroRealm(){ return new MyShiroRealm(shiroServerUrlPrefix,casServerUrlPrefix,casFilterUrlPattern); } @Bean public EhCacheManager getEhCacheManager() { EhCacheManager em = new EhCacheManager(); em.setCacheManagerConfigFile("classpath:ehcache-shiro.xml"); return em; } }☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
package com.test.yuhua.service.dao.entity.common;
import lombok.Data;
@Data
public class SysPermissionInit {
private String url;
private String permissionInit;
}
package com.test.yuhua.service.common.dao;
import com.test.yuhua.service.dao.entity.common.SysPermissionInit;
import org.apache.ibatis.annotations.Result;
import org.apache.ibatis.annotations.Results;
import org.apache.ibatis.annotations.Select;
import org.apache.ibatis.type.JdbcType;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface SysPermissionInitDao {
@Select({"select", "*", "from `sys_permission_init` ORDER BY `sort` "})
@Results({@Result(column = "url", property = "url", jdbcType = JdbcType.VARCHAR),
@Result(column = "permission_init", property = "permissionInit", jdbcType = JdbcType.VARCHAR)})
List<SysPermissionInit> getAll();
}
package com.test.yuhua.service.common.service;
import com.test.yuhua.service.dao.entity.common.SysPermissionInit;
import java.util.List;
public interface SysPermissionInitService {
List<SysPermissionInit> selectAll();
}
package com.test.yuhua.service.common.service.impl;
import com.test.yuhua.service.common.dao.SysPermissionInitDao;
import com.test.yuhua.service.common.service.SysPermissionInitService;
import com.test.yuhua.service.dao.entity.common.SysPermissionInit;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
@Service
public class SysPermissionInitServiceImpl implements SysPermissionInitService {
@Autowired
private SysPermissionInitDao sysPermissionInitDao;
@Override
public List<SysPermissionInit> selectAll() {
return sysPermissionInitDao.getAll();
}
}
----------------------------------------------------------------------------------------------------------------------------------------
package com.test.yuhua.service.dao.entity.common;
import com.test.yuhua.service.dao.entity.BaseEntity;
import lombok.Data;
import lombok.EqualsAndHashCode;
@Data
@EqualsAndHashCode(callSuper = true)
public class User extends BaseEntity {
private String name;
private Long roleId;
}
package com.test.yuhua.service.common.dao;
import com.test.yuhua.service.dao.entity.common.User;
import org.apache.ibatis.annotations.Result;
import org.apache.ibatis.annotations.ResultMap;
import org.apache.ibatis.annotations.Results;
import org.apache.ibatis.annotations.Select;
import org.apache.ibatis.type.JdbcType;
import org.springframework.stereotype.Repository;
@Repository
public interface UserDao {
@Select({"select", "*", "from `user`", "where `id` = #{id}"})
@Results(id = "fullResultMap", value = {@Result(column = "id", property = "id", jdbcType = JdbcType.BIGINT, id = true),
@Result(column = "name", property = "name", jdbcType = JdbcType.VARCHAR),
@Result(column = "role_id", property = "roleId", jdbcType = JdbcType.VARCHAR),
@Result(column = "created_time", property = "createdTime", jdbcType = JdbcType.TIMESTAMP),
@Result(column = "last_modified_time", property = "lastModifiedTime", jdbcType = JdbcType.TIMESTAMP)})
User getById(long id);
@Select({"select", "*", "from `user`", "where `name` = #{name}"})
@ResultMap(value = "fullResultMap")
User getByName(String name);
}
package com.test.yuhua.service.dao.entity.common;
import com.test.yuhua.service.dao.entity.BaseEntity;
import lombok.Data;
import lombok.EqualsAndHashCode;
@Data
@EqualsAndHashCode(callSuper = true)
public class Role extends BaseEntity {
private String roleName;
private String description;
}
package com.test.yuhua.service.common.dao;
import com.test.yuhua.service.dao.entity.common.Role;
import org.apache.ibatis.annotations.Result;
import org.apache.ibatis.annotations.ResultMap;
import org.apache.ibatis.annotations.Results;
import org.apache.ibatis.annotations.Select;
import org.apache.ibatis.type.JdbcType;
import org.springframework.stereotype.Repository;
@Repository
public interface RoleDao {
@Select({"select", "*", "from `role`", "where `role_name` = #{roleName}"})
@Results(id = "fullResultMap", value = {@Result(column = "id", property = "id", jdbcType = JdbcType.BIGINT, id = true),
@Result(column = "role_name", property = "roleName", jdbcType = JdbcType.VARCHAR),
@Result(column = "description", property = "description", jdbcType = JdbcType.VARCHAR),
@Result(column = "created_time", property = "createdTime", jdbcType = JdbcType.TIMESTAMP),
@Result(column = "last_modified_time", property = "lastModifiedTime", jdbcType = JdbcType.TIMESTAMP)})
Role getByName(String roleName);
@Select({"select", "*", "from `role`", "where `id` = #{id}"})
@ResultMap(value = "fullResultMap")
Role getById(long id);
}
package com.test.yuhua.common.constant;
public class Constant {
public static final String USER_SESSIONID_FULL = "user_session_full";
}
package com.test.yuhua.dashboard.api.dto;
import com.test.yuhua.service.dao.entity.common.Role;
import com.test.yuhua.service.dao.entity.common.User;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@NoArgsConstructor
public class UserSecurityDto {
private String name;
private long roleId;
private String roleName;
private String roleDesc;
public UserSecurityDto(User user, Role role) {
this.name = user.getName();
this.roleId = user.getRoleId();
this.roleName = role.getRoleName();
this.roleDesc = role.getDescription();
}
}
package com.test.yuhua.dashboard.shiro;
import com.test.yuhua.common.constant.Constant;
import com.test.yuhua.dashboard.api.dto.UserSecurityDto;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
@NoArgsConstructor(access = AccessLevel.PRIVATE)
public class CurrentUserContext {
public static void setCurrentUser(UserSecurityDto user, Subject currentUser){
if (null != currentUser){
Session session = currentUser.getSession();
if (null != session){
session.setAttribute(Constant.USER_SESSIONID_FULL,user);
}
}
}
}
package com.test.yuhua.dashboard.init.filter;
import com.test.yuhua.dashboard.api.dto.UserSecurityDto;
import com.test.yuhua.dashboard.shiro.CurrentUserContext;
import com.test.yuhua.service.common.dao.RoleDao;
import com.test.yuhua.service.common.dao.UserDao;
import com.test.yuhua.service.dao.entity.common.Role;
import com.test.yuhua.service.dao.entity.common.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class CasFilter extends org.apache.shiro.cas.CasFilter {
@Autowired
private UserDao userDao = null;
@Autowired
private RoleDao roleDao = null;
@Override
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
super.onLoginSuccess(token, subject, request, response);
Subject currentUser = SecurityUtils.getSubject();// 认证完成后将完整用户信息放到session
String userName = currentUser.getPrincipal().toString();
User user = userDao.getByName(userName);
Role role = null;
if (null != user){
role = roleDao.getById(user.getRoleId());
}
if (null != user && null != role){
CurrentUserContext.setCurrentUser(new UserSecurityDto(user,role),currentUser);
}
return false;
}
}
package com.test.yuhua.dashboard.init.filter;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import java.io.IOException;
public class MyRolesAuthorizationFilter extends RolesAuthorizationFilter {
@Override
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException {
Subject subject = getSubject(request,response);
String[] rolesArray = (String[]) mappedValue;
if (rolesArray == null || rolesArray.length == 0) {// no roles specified, so nothing to check - allow access.
return true;
}
for (String role : rolesArray) {
if (subject.hasRole(role)) {
return true;
}
}
return false;
}
}
package com.test.yuhua.dashboard.config;
import javax.servlet.Filter;
import com.test.yuhua.dashboard.init.filter.CasFilter;
import com.test.yuhua.dashboard.init.filter.MyRolesAuthorizationFilter;
import com.test.yuhua.dashboard.shiro.MyShiroRealm;
import com.test.yuhua.service.common.service.SysPermissionInitService;
import com.test.yuhua.service.common.service.impl.SysPermissionInitServiceImpl;
import com.test.yuhua.service.dao.entity.common.SysPermissionInit;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.cas.CasSubjectFactory;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.EnvironmentAware;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@Configuration
public class ShiroCasConfiguration implements EnvironmentAware {
//casServerUrlPrefix
private String casServerUrlPrefix = null;
//cas登录页面地址
private String casLoginUrl = null;
//cas登出页面地址
private String casLogoutUrl = null;
//当前工程对外提供服务地址
private String shiroServerUrlPrefix = null;
//casFilter UrlPattern
private String casFilterUrlPattern = null;
//登录地址
private String loginUrl = null;
@Override
public void setEnvironment(Environment environment) {
this.casServerUrlPrefix = environment.getProperty("cas.server.url.prefix",String.class,"https://sso.pplive.cn/cas");
this.shiroServerUrlPrefix = environment.getProperty("shiro.server.url.prefix",String.class,"http://your.server.host:port");
this.casFilterUrlPattern = environment.getProperty("cas.filter.url.pattern",String.class,"/shiro-cas");
this.casLoginUrl = this.casServerUrlPrefix + "/login";
this.casLoginUrl = casServerUrlPrefix = "/logout?service=" + shiroServerUrlPrefix;
this.loginUrl = this.casLoginUrl + "?service=" + this.shiroServerUrlPrefix + this.casFilterUrlPattern;
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,CasFilter casFilter,MyRolesAuthorizationFilter myRolesAuthorizationFilter){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl(loginUrl);
shiroFilterFactoryBean.setSuccessUrl("/redirect.html");
shiroFilterFactoryBean.setUnauthorizedUrl("/403.html");
Map<String,Filter> filters = new HashMap<>();
filters.put("roles", myRolesAuthorizationFilter);
filters.put("casFilter", casFilter);
LogoutFilter logoutFilter = new LogoutFilter();
logoutFilter.setRedirectUrl(this.casLogoutUrl);
filters.put("logout", logoutFilter);
shiroFilterFactoryBean.setFilters(filters);
loadShiroFilterChain(shiroFilterFactoryBean);
return shiroFilterFactoryBean;
}
@Bean(name = "securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(EhCacheManager cacheManager){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myShiroRealm());
securityManager.setCacheManager(cacheManager);
securityManager.setSubjectFactory(new CasSubjectFactory());
return securityManager;
}
@Bean(name = "myShiroRealm")
public MyShiroRealm myShiroRealm(){
return new MyShiroRealm(shiroServerUrlPrefix,casServerUrlPrefix,casFilterUrlPattern);
}
@Bean
public EhCacheManager getEhCacheManager() {
EhCacheManager em = new EhCacheManager();
em.setCacheManagerConfigFile("classpath:ehcache-shiro.xml");
return em;
}
@Bean(name = "casFilter")
public CasFilter getCasFilter(){
CasFilter casFilter = new CasFilter();
casFilter.setName("casFilter");;
casFilter.setEnabled(true);
casFilter.setFailureUrl(loginUrl);
return casFilter;
}
@Bean(name = "rolesAuthorizationFilter")
public MyRolesAuthorizationFilter myRolesAuthorizationFilter() {
return new MyRolesAuthorizationFilter();
}
private void loadShiroFilterChain(ShiroFilterFactoryBean shiroFilterFactoryBean){
Map<String,String> filterChainDefinitionMap = new LinkedHashMap<>();
filterChainDefinitionMap.put(casFilterUrlPattern,"casFilter");//shiro集成cas后,首先添加该规则
filterChainDefinitionMap.put("/logout","logout");
List<SysPermissionInit> list = sysPermissionInitService().selectAll();
for (SysPermissionInit sysPermissionInit : list){
filterChainDefinitionMap.put(sysPermissionInit.getUrl(), sysPermissionInit.getPermissionInit());
}
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
}
@Bean(name = "sysPermissionInitService")
public SysPermissionInitService sysPermissionInitService(){
//这边一定要加@Configuration注解 不然无效
return new SysPermissionInitServiceImpl();
}
}
package com.test.yuhua.dashboard.shiro;
import com.test.yuhua.service.common.dao.UserDao;
import com.test.yuhua.service.dao.entity.common.User;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
public class MyShiroRealm extends CasRealm {
@Autowired
private UserDao userDao = null;
public MyShiroRealm(String shiroServerUrlPrefix,String casServerUrlPrefix,String casFilterUrlPattern){
setCasServerUrlPrefix(casServerUrlPrefix);
//客户端回调地址
setCasService(shiroServerUrlPrefix + casFilterUrlPattern);
}
/**
* 权限认证,为当前登录的Subject授予角色和权限
* @see :该方法的调用时机为需授权资源被访问时并且每次访问需授权资源时都会执行该方法中的逻辑,表明默认并未启用AuthorizationCache,如果连续访问同一个URL(比如刷新),
* 该方法不会被重复调用,Shiro有一个时间间隔(也就是cache时间,在ehcache-shiro.xml中配置),超过这个时间间隔再刷新页面,该方法会被执行
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// 获取当前登录输入的用户名,等价于(String)
String loginName = (String) super.getAvailablePrincipal(principals);
// 到数据库查是否有此对象
User user = userDao.getByName(loginName);// 可以根据实际情况做缓存,如果不做,Shiro自己也是有时间间隔机制,2分钟内不会重复执行该方法
if (null != user){
// 权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
// 用户的角色集合
simpleAuthorizationInfo.addRole(userDao.getRoleByUserName(loginName).getRoleName());
return simpleAuthorizationInfo;
}
// 返回null的话,就会导致任何用户访问被拦截的请求时,都会自动跳转到unauthorizedUrl指定的地址
return null;
}
}
最终:
package com.test.yuhua.dashboard.config;
import javax.servlet.Filter;
import com.test.yuhua.dashboard.init.filter.CasFilter;
import com.test.yuhua.dashboard.init.filter.MyRolesAuthorizationFilter;
import com.test.yuhua.dashboard.shiro.MyShiroRealm;
import com.test.yuhua.service.common.service.SysPermissionInitService;
import com.test.yuhua.service.common.service.impl.SysPermissionInitServiceImpl;
import com.test.yuhua.service.dao.entity.common.SysPermissionInit;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.cas.CasSubjectFactory;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.EnvironmentAware;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.web.filter.DelegatingFilterProxy;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@Configuration
public class ShiroCasConfiguration implements EnvironmentAware {
//casServerUrlPrefix
private String casServerUrlPrefix = null;
//cas登录页面地址
private String casLoginUrl = null;
//cas登出页面地址
private String casLogoutUrl = null;
//当前工程对外提供服务地址
private String shiroServerUrlPrefix = null;
//casFilter UrlPattern
private String casFilterUrlPattern = null;
//登录地址
private String loginUrl = null;
@Override
public void setEnvironment(Environment environment) {
this.casServerUrlPrefix = environment.getProperty("cas.server.url.prefix",String.class,"https://sso.pplive.cn/cas");
this.shiroServerUrlPrefix = environment.getProperty("shiro.server.url.prefix",String.class,"http://your.server.host:port");
this.casFilterUrlPattern = environment.getProperty("cas.filter.url.pattern",String.class,"/shiro-cas");
this.casLoginUrl = this.casServerUrlPrefix + "/login";
this.casLoginUrl = casServerUrlPrefix = "/logout?service=" + shiroServerUrlPrefix;
this.loginUrl = this.casLoginUrl + "?service=" + this.shiroServerUrlPrefix + this.casFilterUrlPattern;
}
/**
* 参考: https://www.cnblogs.com/ginponson/p/6217057.html
*/
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
filterRegistration.addInitParameter("targetFilterLifecycle", "true");
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
return filterRegistration;
}
/**
* 保证实现了Shiro内部lifecycle函数的bean执行
*/
@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,CasFilter casFilter,MyRolesAuthorizationFilter myRolesAuthorizationFilter){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl(loginUrl);
shiroFilterFactoryBean.setSuccessUrl("/redirect.html");
shiroFilterFactoryBean.setUnauthorizedUrl("/403.html");
Map<String,Filter> filters = new HashMap<>();
filters.put("roles", myRolesAuthorizationFilter);
filters.put("casFilter", casFilter);
LogoutFilter logoutFilter = new LogoutFilter();
logoutFilter.setRedirectUrl(this.casLogoutUrl);
filters.put("logout", logoutFilter);
shiroFilterFactoryBean.setFilters(filters);
loadShiroFilterChain(shiroFilterFactoryBean);
return shiroFilterFactoryBean;
}
@Bean(name = "securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(EhCacheManager cacheManager){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myShiroRealm());
securityManager.setCacheManager(cacheManager);
securityManager.setSubjectFactory(new CasSubjectFactory());
return securityManager;
}
@Bean(name = "myShiroRealm")
public MyShiroRealm myShiroRealm(){
return new MyShiroRealm(shiroServerUrlPrefix,casServerUrlPrefix,casFilterUrlPattern);
}
@Bean
public EhCacheManager getEhCacheManager() {
EhCacheManager em = new EhCacheManager();
em.setCacheManagerConfigFile("classpath:ehcache-shiro.xml");
return em;
}
@Bean(name = "casFilter")
public CasFilter getCasFilter(){
CasFilter casFilter = new CasFilter();
casFilter.setName("casFilter");;
casFilter.setEnabled(true);
casFilter.setFailureUrl(loginUrl);
return casFilter;
}
@Bean(name = "rolesAuthorizationFilter")
public MyRolesAuthorizationFilter myRolesAuthorizationFilter() {
return new MyRolesAuthorizationFilter();
}
private void loadShiroFilterChain(ShiroFilterFactoryBean shiroFilterFactoryBean){
Map<String,String> filterChainDefinitionMap = new LinkedHashMap<>();
filterChainDefinitionMap.put(casFilterUrlPattern,"casFilter");//shiro集成cas后,首先添加该规则
filterChainDefinitionMap.put("/logout","logout");
List<SysPermissionInit> list = sysPermissionInitService().selectAll();
for (SysPermissionInit sysPermissionInit : list){
filterChainDefinitionMap.put(sysPermissionInit.getUrl(), sysPermissionInit.getPermissionInit());
}
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
}
@Bean(name = "sysPermissionInitService")
public SysPermissionInitService sysPermissionInitService(){
//这边一定要加@Configuration注解 不然无效
return new SysPermissionInitServiceImpl();
}
}