Search in sources :

Example 1 with PermissionFilter

use of com.cdeledu.core.shiro.filter.PermissionFilter in project wechat by dllwh.

the class ShiroConfig method shiroFilter.

/**
 * ----------------------------------------------------- Fields end
 */
/**
 * @方法描述 :
 *
 *       <pre>
 *  Shiro主过滤器本身功能十分强大,其强大之处就在于它支持任何基于URL路径表达式的、自定义的过滤器的执行
 *  Web应用中,Shiro可控制的Web请求必须经过Shiro主过滤器的拦截,Shiro对基于Spring的Web应用提供了完美的支持
 *       </pre>
 *
 * @return
 */
// @Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter() {
    ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
    // Shiro的核心安全接口,这个属性是必须的
    shiroFilterFactory.setSecurityManager(securityManager());
    // 要求登录时的链接(可根据项目的URL进行替换),非必须的属性,如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
    shiroFilterFactory.setLoginUrl(FilterHelper.LOGIN_ACTION);
    // 登录成功后要跳转的链接
    shiroFilterFactory.setSuccessUrl(FilterHelper.LOGIN_ACTION);
    // 用户访问未对其授权的资源时,所显示的连接;
    shiroFilterFactory.setUnauthorizedUrl(FilterHelper.UNAUTHORIZED);
    /**
     * 自定义拦截器
     */
    Map<String, Filter> filtersMap = new LinkedHashMap<String, Filter>();
    // 登录校验
    filtersMap.put("loginFilter", new LoginFilter());
    // 角色判断校验
    filtersMap.put("roleFilter", new RoleFilter());
    // 权限校验
    filtersMap.put("permissionFilter", new PermissionFilter());
    filtersMap.put("kickoutFilter", kickoutSessionFilter());
    // 用户session
    filtersMap.put("userSessionFilter", new UserSessionFilter());
    shiroFilterFactory.setFilters(filtersMap);
    /**
     * Shiro连接约束配置,即权限控制map.
     * 第一个'/'代表的路径是相对于HttpServletRequest.getContextPath()的值来的
     */
    Map<String, String> filterMap = new LinkedHashMap<String, String>();
    filterMap.put("/loginController**", "anon");
    filterMap.put("/sysPage/**", "anon,kickoutFilter");
    filterMap.put("/homeController/**", "loginFilter");
    filterMap.put("/dataSourceController**", "authc,roleFilter[administrator]");
    filterMap.put("/**", "authc,loginFilter,permissionFilter,kickoutFilter");
    shiroFilterFactory.setFilterChainDefinitionMap(filterMap);
    return shiroFilterFactory;
}
Also used : ShiroFilterFactoryBean(org.apache.shiro.spring.web.ShiroFilterFactoryBean) RoleFilter(com.cdeledu.core.shiro.filter.RoleFilter) UserSessionFilter(com.cdeledu.core.shiro.filter.UserSessionFilter) LoginFilter(com.cdeledu.core.shiro.filter.LoginFilter) PermissionFilter(com.cdeledu.core.shiro.filter.PermissionFilter) KickoutSessionFilter(com.cdeledu.core.shiro.filter.KickoutSessionFilter) Filter(javax.servlet.Filter) RoleFilter(com.cdeledu.core.shiro.filter.RoleFilter) LoginFilter(com.cdeledu.core.shiro.filter.LoginFilter) PermissionFilter(com.cdeledu.core.shiro.filter.PermissionFilter) LinkedHashMap(java.util.LinkedHashMap) UserSessionFilter(com.cdeledu.core.shiro.filter.UserSessionFilter)

Aggregations

KickoutSessionFilter (com.cdeledu.core.shiro.filter.KickoutSessionFilter)1 LoginFilter (com.cdeledu.core.shiro.filter.LoginFilter)1 PermissionFilter (com.cdeledu.core.shiro.filter.PermissionFilter)1 RoleFilter (com.cdeledu.core.shiro.filter.RoleFilter)1 UserSessionFilter (com.cdeledu.core.shiro.filter.UserSessionFilter)1 LinkedHashMap (java.util.LinkedHashMap)1 Filter (javax.servlet.Filter)1 ShiroFilterFactoryBean (org.apache.shiro.spring.web.ShiroFilterFactoryBean)1