设置接口拦截
package com.example.demo.shiro;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
// shiroFilterFactoryBean
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
// Shiro内置过滤器
Map<String, String> filterMap = new LinkedHashMap<>();
filterMap.put("/api/getsth", "anon");
filterMap.put("/api/*", "authc");
// filterMap.put("/api/getsth", "anon");
//修改跳转页面
shiroFilterFactoryBean.setLoginUrl("/api/login");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
return shiroFilterFactoryBean;
}
// DefaultWebSecurityManager
@Bean(name="securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(userRealm);
return securityManager;
}
// 创建Reaml
@Bean(name="userRealm")
public UserRealm getRealm() {
return new UserRealm();
}
}
注:
filter顺序相关,anon 放在上面才是有效的,下面那个注释掉的是无效的