Shiro过滤拦截
大致流程
创建realm
`securityManager.setRealm(Realm);`
创建securityManager `shiroFilter.setSecurityManager(securityManager);`
当请求匹配shiroFilter的过滤规则时,过滤器会通过securityManager找到Realm,最后调用Realm中的认证方法。注意:映射为anon的路径(本例中的/websocket/**)不会经过自定义过滤器,也就不会触发Realm的认证。
创建shiroConfig配置类
/**
 * Spring configuration that wires Shiro: a security manager backed by one realm, and the
 * filter factory that decides which requests must pass through the custom OAuth2 filter.
 */
@Configuration
public class ShiroConfig {

    /**
     * Builds the security manager and attaches the OAuth2 realm to it.
     *
     * @param oAuth2Realm realm the manager delegates authentication and authorization to
     * @param sessionManager injected by Spring but never applied to the manager in this method
     * @return the configured security manager
     */
    @Bean("securityManager")
    public SecurityManager securityManager(Oauth2Realm oAuth2Realm, SessionManager sessionManager) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(oAuth2Realm);
        return manager;
    }

    /**
     * Builds the Shiro filter factory: registers the custom filter under the name "oauth2"
     * and maps URL patterns to filter names.
     *
     * @param securityManager manager the filter consults for every protected request
     * @return the configured filter factory bean
     */
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
        // Custom filters, addressed by name from the chain definitions below.
        // The filter is created with `new`, so Spring does not manage it and cannot
        // inject dependencies into it.
        Map<String, Filter> customFilters = new HashMap<>();
        customFilters.put("oauth2", new Oauth2Filter());

        // Insertion order is preserved by LinkedHashMap, and Shiro applies the first pattern
        // that matches a request path, so the catch-all entry has to stay last.
        Map<String, String> chainDefinitions = new LinkedHashMap<>();
        // SECURITY: "anon" exempts everything under /websocket/ from the oauth2 filter, so
        // these endpoints have to authenticate callers themselves (e.g. during the handshake).
        chainDefinitions.put("/websocket/**", "anon");
        // Every other path goes through the custom filter (deny by default).
        chainDefinitions.put("/**", "oauth2");

        ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
        factory.setSecurityManager(securityManager);
        factory.setFilters(customFilters);
        factory.setFilterChainDefinitionMap(chainDefinitions);
        return factory;
    }
}
创建Realm
/**
 * Skeleton realm for the OAuth2 flow. Both callbacks are placeholders that return
 * {@code null}; the real lookups still have to be written.
 *
 * <p>NOTE(review): if the filter submits a custom token type, this realm presumably also
 * needs to override {@code supports(AuthenticationToken)}, because the inherited check
 * accepts username/password tokens by default. Confirm against the token class in use.
 */
@Component
public class Oauth2Realm extends AuthorizingRealm {

    /**
     * Authorization callback, invoked when permissions or roles are checked.
     *
     * @param principals identity of the already-authenticated subject
     * @return always {@code null} in this skeleton; Shiro then has no roles or permissions
     *     to grant, so checks against this realm should fail closed
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // Placeholder: load the subject's roles/permissions here.
        return null;
    }

    /**
     * Authentication callback, invoked on login.
     *
     * @param token credentials submitted by the filter
     * @return always {@code null} in this skeleton; Shiro treats a null result as
     *     "no account found", so every login attempt is rejected until this is implemented
     * @throws AuthenticationException declared by the overridden method; never thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // Placeholder: validate the token (existence, expiry, account status) here.
        return null;
    }
}
创建过滤器
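/**
 * Custom Shiro filter registered under the name "oauth2". Skeleton only: the denied and
 * login-failure callbacks hold no real logic yet.
 *
 * <p>NOTE: {@code AuthenticatingFilter} also declares the abstract method
 * {@code createToken(ServletRequest, ServletResponse)}. This listing omits it, so the class
 * will not compile until that method is implemented.
 */
public class Oauth2Filter extends AuthenticatingFilter {

    /**
     * Decides whether a request may skip authentication.
     *
     * <p>Only OPTIONS requests are let through (typically CORS preflight, which carries no
     * credentials). SECURITY: this exempts every OPTIONS request on every protected path,
     * so no handler behind this filter should do real work for OPTIONS.
     *
     * @param request incoming request; cast to {@code HttpServletRequest}
     * @param response outgoing response (unused)
     * @param mappedValue per-path filter configuration (unused)
     * @return {@code true} for OPTIONS, {@code false} for every other method
     */
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        String method = ((HttpServletRequest) request).getMethod();
        // Constant on the left keeps the comparison null-safe.
        return RequestMethod.OPTIONS.name().equals(method);
    }

    /**
     * Called when {@link #isAccessAllowed} returned {@code false}.
     *
     * @return {@code false}, which stops the filter chain so the request never reaches the
     *     application (fail closed)
     * @throws Exception declared by the overridden method; never thrown by this placeholder
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        // The original returned null, which does not compile for a primitive boolean.
        // Placeholder: a real implementation reads the token from the request, rejects a
        // missing token with an explicit 401 response, and otherwise delegates to
        // executeLogin(request, response).
        return false;
    }

    /**
     * Called when the login attempt made by this filter fails.
     *
     * @param token the token that was rejected
     * @param e the reason authentication failed
     * @return {@code false}, so the failed request is not passed down the chain
     */
    @Override
    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
        // The original returned null, which does not compile for a primitive boolean.
        // Placeholder: write an error response here, without echoing the token or internal
        // exception details back to the client.
        return false;
    }
}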