防止 shiro 认证失败后跳转页面,自定义shiro授权过滤器
一、注册自定义授权过滤器
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import quantity.knowledgebase.realm.CustomSessionManager;
import quantity.knowledgebase.realm.MyFormAuthenticationFilter;
import quantity.knowledgebase.realm.MyRealm;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.concurrent.ConcurrentHashMap;
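/**
 * Spring configuration that wires Apache Shiro into the web application:
 * the filter factory, the security manager, the realm, and a Redis-backed
 * session store and cache.
 */
@Configuration
public class ShiroFilterConf {

    /**
     * Builds the Shiro filter factory and registers the custom authentication filter.
     *
     * @param defaultWebSecurityManager the security manager bean named {@code securityManager}
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            @Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();

        // Registering under the name "authc" makes every chain that references
        // "authc" use MyFormAuthenticationFilter instead of Shiro's stock filter.
        LinkedHashMap<String, Filter> filters = new LinkedHashMap<>();
        filters.put("authc", new MyFormAuthenticationFilter());
        bean.setFilters(filters);
        bean.setSecurityManager(defaultWebSecurityManager);

        // Shiro matches a request against the chain definitions in iteration order and
        // the first matching pattern wins, so the map must preserve insertion order.
        // A ConcurrentHashMap gives no ordering guarantee; use LinkedHashMap.
        //
        // "authc": the request must be authenticated.
        // "user":  the request is allowed when authenticated or remembered (remember-me).
        //
        // NOTE(review): there is no catch-all "/**" entry, so paths outside the three
        // prefixes below are not covered by "authc" in this map. Confirm that is intended.
        LinkedHashMap<String, String> chains = new LinkedHashMap<>();
        chains.put("/personnel_gm/**", "authc");
        chains.put("/product/**", "authc");
        chains.put("/statistics_offer/**", "authc");
        bean.setFilterChainDefinitionMap(chains);
        return bean;
    }

    /**
     * Creates the web security manager with the realm, session manager and cache manager.
     *
     * @param userRealm the realm bean named {@code userRealm}
     * @return the configured security manager
     */
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") MyRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        securityManager.setSessionManager(sessionManager());
        securityManager.setCacheManager(cacheManager());
        return securityManager;
    }

    /**
     * Exposes the project's realm as a bean.
     *
     * @return a new {@link MyRealm}
     */
    @Bean
    public MyRealm userRealm() {
        return new MyRealm();
    }

    /**
     * Creates the session manager backed by the Redis session DAO.
     *
     * @return the configured session manager
     */
    @Bean
    public DefaultWebSessionManager sessionManager() {
        CustomSessionManager sessionManager = new CustomSessionManager();
        sessionManager.setSessionDAO(redisSessionDAO());

        // Scope the session cookie to the whole site.
        // NOTE(review): only the path is set here. When the application is served over
        // HTTPS, also mark the cookie Secure so the session id is never sent in clear text.
        Cookie sessionIdCookie = sessionManager.getSessionIdCookie();
        sessionIdCookie.setPath("/");
        sessionManager.setSessionIdCookie(sessionIdCookie);
        return sessionManager;
    }

    /**
     * Creates the Redis connection settings used by the session DAO and the cache manager.
     * Not a bean: every call returns a new instance.
     *
     * @return a new {@link RedisManager}
     */
    public RedisManager getRedisManager() {
        RedisManager redisManager = new RedisManager();
        // NOTE(review): host and password are hard-coded in source. Anyone with read
        // access to the repository or the built artifact obtains the Redis credential,
        // and Redis holds every live session. Load both from externalized configuration
        // or a secret store, and use a strong password.
        redisManager.setHost("192.168.0.1:6379");
        redisManager.setPassword("123456");
        return redisManager;
    }

    /**
     * Creates the Redis-backed Shiro cache manager.
     *
     * @return a new {@link RedisCacheManager}
     */
    public RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(getRedisManager());
        // Presumably seconds, i.e. about five years; confirm against the shiro-redis version in use.
        redisCacheManager.setExpire(60 * 60 * 24 * 360 * 5);
        redisCacheManager.setKeyPrefix("ihrm:shiro:cache:");
        return redisCacheManager;
    }

    /**
     * Creates the Redis-backed session DAO.
     *
     * @return a new {@link RedisSessionDAO}
     */
    public RedisSessionDAO redisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
        redisSessionDAO.setRedisManager(getRedisManager());
        // NOTE(review): presumably seconds, i.e. about five years. Session entries that
        // live this long keep a leaked session id usable for as long; prefer an expiry
        // aligned with the intended session timeout.
        redisSessionDAO.setExpire(60 * 60 * 24 * 360 * 5);
        redisSessionDAO.setKeyPrefix("ihrm:shiro:session:");
        return redisSessionDAO;
    }

    /**
     * Registers Shiro's lifecycle post-processor.
     *
     * @return a new {@link LifecycleBeanPostProcessor}
     */
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /**
     * Registers the advisor that ties Shiro's authorization annotations to the security manager.
     *
     * @param defaultWebSecurityManager the security manager bean named {@code securityManager}
     * @return the configured advisor
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
            @Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(defaultWebSecurityManager);
        return advisor;
    }

    /**
     * Registers the auto-proxy creator, after {@code lifecycleBeanPostProcessor}.
     *
     * @return the configured auto-proxy creator
     */
    @Bean
    @DependsOn("lifecycleBeanPostProcessor")
    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setUsePrefix(true);
        return proxyCreator;
    }
}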
二、创建自定义授权过滤器
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.json.JSONObject;
import quantity.knowledgebase.util.HttpGetIpUtil;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
/**
 * Form authentication filter that answers a denied request with a JSON body
 * instead of redirecting to a login page.
 *
 * <p>NOTE(review): this override never calls {@code super.onAccessDenied}, so the
 * parent class's handling of denied requests is not used on chains guarded by this filter.
 */
public class MyFormAuthenticationFilter extends FormAuthenticationFilter {

    /**
     * Writes {@code {"code": -1, "msg": ...}} to the response and stops the filter chain.
     *
     * <p>NOTE(review): the response status is 200 even though access was denied, so
     * clients, proxies and monitoring must read the body's {@code code} field to see
     * the failure. Confirm that no consumer relies on the HTTP status alone.
     *
     * @param request  the incoming request (not read here)
     * @param response the response; cast to {@link HttpServletResponse}
     * @return always {@code false}, so the request is not processed further
     * @throws Exception if the response writer cannot be obtained
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        System.out.println("验证失败");

        HttpServletResponse httpResponse = (HttpServletResponse) response;
        httpResponse.setStatus(200);
        httpResponse.setContentType("application/json;charset=utf-8");
        PrintWriter writer = httpResponse.getWriter();

        // Payload the front end uses to detect an expired or missing login.
        JSONObject body = new JSONObject()
                .put("code", -1)
                .put("msg", "登录已失效,请重新登录!");

        writer.println(body);
        writer.flush();
        writer.close();
        return false;
    }
}