jinlin
2024-02-26 6f0714843341b168573ad0272069f7af2d3d2b87
/**
 * Copyright (c) 2018 人人开源 All rights reserved.
 *
 * https://www.renren.io
 *
 * 版权所有,侵权必究!
 */
 
package com.zt.core.config.shiro;
 
import com.zt.core.shiro.Oauth2Filter;
import com.zt.core.shiro.Oauth2Realm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
 
import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
 
/**
 * Spring configuration that wires Apache Shiro: the session manager, the security manager,
 * the URL filter chain and the beans that enable Shiro's annotation-based authorization.
 *
 * <p>Security-relevant decisions made here: session ids are never rewritten into URLs,
 * remember-me is switched off, and every path that is not explicitly listed as anonymous
 * goes through the {@code oauth2} filter.
 *
 * @author Mark sunlightcs@gmail.com
 */
@Configuration("shiroConfig")
public class ShiroConfig {

    /** Session lifetime in minutes, read from {@code data.sessionTimeout}. */
    @Value("${data.sessionTimeout}")
    private Long sessionTimeout;

    /**
     * Builds the web session manager.
     *
     * @return a session manager with URL session-id rewriting disabled and the global
     *         timeout taken from {@code data.sessionTimeout}
     */
    @Bean
    public DefaultWebSessionManager sessionManager(){
        DefaultWebSessionManager manager = new DefaultWebSessionManager();

        // Keep the session id out of URLs so it does not end up in logs, history or Referer headers.
        manager.setSessionIdUrlRewritingEnabled(false);

        // NOTE(review): with the validation scheduler off, expired sessions are presumably only
        // discarded when they are next accessed; confirm abandoned sessions cannot pile up in
        // whatever session store is in use.
        manager.setSessionValidationSchedulerEnabled(false);

        // The property is in minutes; Shiro expects milliseconds.
        long timeoutMillis = sessionTimeout * 60 * 1000;
        manager.setGlobalSessionTimeout(timeoutMillis);

        return manager;
    }

    /**
     * Builds the Shiro security manager.
     *
     * @param oAuth2Realm    realm used for authentication and authorization
     * @param sessionManager session manager to attach
     * @return the configured web security manager
     */
    @Bean("securityManager")
    public SecurityManager securityManager(Oauth2Realm oAuth2Realm, SessionManager sessionManager) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setSessionManager(sessionManager);
        manager.setRealm(oAuth2Realm);
        // Remember-me is deliberately disabled: no RememberMeManager means no remember-me
        // cookie is issued or processed.
        manager.setRememberMeManager(null);
        return manager;
    }

    /**
     * Builds the Shiro filter factory and its URL filter chain.
     *
     * <p>Chain entries are evaluated in insertion order and the first matching pattern wins,
     * so the anonymous exemptions must be registered before the catch-all {@code /**} rule.
     *
     * @param securityManager security manager the filter delegates to
     * @return the configured filter factory bean
     */
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        // NOTE(review): "/single" itself is not in the anonymous list below (only
        // "/singlelogin" is); confirm Oauth2Filter handles requests to the login URL as intended.
        factoryBean.setLoginUrl("/single");

        // OAuth2 token filter. It is created with `new` rather than injected as a bean;
        // presumably so that Spring does not also register it as a global servlet filter,
        // which would apply it to the anonymous paths as well -- TODO confirm.
        Map<String, Filter> customFilters = new HashMap<>();
        customFilters.put("oauth2", new Oauth2Filter());
        factoryBean.setFilters(customFilters);

        // Paths served WITHOUT any Shiro authentication. Every handler behind these patterns
        // has to enforce its own checks; review this list whenever an endpoint is added.
        String[] anonymousPaths = {
            // Front-end pages and static assets
            "/index.html",
            "/dist/**",
            "/element-theme/**",
            "/favicon.ico",
            "/public/**",
            // API documentation
            // NOTE(review): the full API description is readable without authentication;
            // consider disabling or protecting it outside development environments.
            "/swagger/**",
            "/v2/api-docs",
            "/doc.html",
            "/swagger-resources/**",
            // Workflow and form designer
            // NOTE(review): confirm these tools enforce their own authentication.
            "/activiti-explorer/**",
            "/form-generator/**",
            // WebSocket
            // NOTE(review): the handshake is unauthenticated at this layer; confirm the
            // WebSocket endpoint authenticates the peer itself.
            "/websocket",
            "/websocket/**",

            "/webjars/**",
            // NOTE(review): the Druid monitoring console is exempt from Shiro; confirm it has
            // its own login / allow-list configured, or restrict this path in production.
            "/druid/**",

            // Login, logout and token verification
            "/login",
            "/singlelogin",
            "/loginOut",
            "/logOut",
            // NOTE(review): presumably these validate a presented token; confirm they return
            // no user details for an invalid or missing token.
            "/system/user/getLoginUserOfToken",
            "/system/user/verifyOFToken",

            // NOTE(review): confirm only content intended to be public is reachable here.
            "/sys/oss/content2",

            "/sys/dict/type/all",
            "/sys/keyword/replacement",
            "/sys/dict/type/getDictMap",

            "/captcha",
            // NOTE(review): confirm the response exposes no secrets or internal settings.
            "/sys/config",
            "/sys/oss/content",

            // Self-registration support
            "/sys/dept/treeRegister",
            "/sys/post/list",
            "/sys/job/tree",
            "/sys/userReg/**",
            // NOTE(review): password change is reachable without a session; confirm the handler
            // verifies the current credential or a one-time token and is rate-limited.
            "/sys/userChangePassword",
            "/sys/userRegister",
            "/ztProduct/getShipList",

            "/product/getShipList",
            "/teamGroup/class/tree",
        };

        // LinkedHashMap keeps insertion order, which is the order Shiro matches patterns in.
        Map<String, String> chain = new LinkedHashMap<>();
        for (String path : anonymousPaths) {
            chain.put(path, "anon");
        }

        // Catch-all: everything not exempted above requires the OAuth2 filter. Must stay last.
        chain.put("/**", "oauth2");
        factoryBean.setFilterChainDefinitionMap(chain);

        return factoryBean;
    }

    /**
     * Registers Shiro's lifecycle post-processor. Declared {@code static} so the bean can be
     * created without instantiating this configuration class first.
     *
     * @return a new lifecycle bean post-processor
     */
    @Bean("lifecycleBeanPostProcessor")
    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        LifecycleBeanPostProcessor processor = new LifecycleBeanPostProcessor();
        return processor;
    }

    /**
     * Registers the advisor that backs Shiro's authorization annotations.
     *
     * @param securityManager security manager the advisor consults
     * @return the configured advisor
     */
    @Bean("authorizationAttributeSourceAdvisor")
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor sourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        sourceAdvisor.setSecurityManager(securityManager);
        return sourceAdvisor;
    }
}