你可能必须建立Shrio的
org.apache.shiro.web.filter.authc.AuthenticatingFilter
微创的自定义实现,你将不得不通过扩展,并添加逻辑跳过BasicHttpAuthenticationFilter如果请求是从白名单中的IP地址来定制BasicHttpAuthenticationFilter 。
package com.acme.web.filter.authc;
import java.io.IOException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class WhitelistedBasicHttpAuthenticationFilter extends BasicHttpAuthenticationFilter {
private Set whitelist = Collections.emptySet();
public void setWhitelist(String list) {
whitelist = new HashSet();
Collections.addAll(whitelist, list.split(",")); //make sure there are no spaces in the string!!!!
}
@Override
protected boolean isEnabled (ServletRequest request, ServletResponse response) throws ServletException, IOException
{
if (whitelist.contains(request.getRemoteAddr())) {
return false;
}
return super.isEnabled(request, response);
}
}
你在 'shiro.ini'
authc=com.acme.web.filter.authc.WhitelistedBasicHttpAuthenticationFilter
authc.whitelist=192.168.1.1,192.168.1.2,192.168.2.3