<!-- Shiro的Web过滤器 --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"/> <!-- <property name="loginUrl" value="${client.remote.loginUrl}client_id=${client.clientId}&response_type=code&redirect_uri=${client.redirectUrl}"/> --> <property name="loginUrl" value=""/> <property name="successUrl" value="${client.successUrl}"/> <property name="filters"> <util:map> <entry key="oauth2Authc" value-ref="oAuth2AuthenticationFilter"/> <entry key="sysUser" value-ref="sysUserFilter"/> </util:map> </property> <!-- 请求项目时会直接跳到权限系统,但部分需求不需要跳转直接请求的配置在下面,如check.do服务200的正常检查接品 --> <property name="filterChainDefinitions"> <value> /check.do = anon /charisma/** = anon /resources/** = anon /oauth2-login = oauth2Authc /logout = logout /** = sysUser </value> </property> </bean>
<!-- Shiro生命周期处理器--> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>