Example 1 with RoleFilter
use of com.cdeledu.core.shiro.filter.RoleFilter in project wechat by dllwh.
the class ShiroConfig method shiroFilter.
/**
* ----------------------------------------------------- Fields end
*/
/**
* @方法描述 :
*
* <pre>
* Shiro主过滤器本身功能十分强大,其强大之处就在于它支持任何基于URL路径表达式的、自定义的过滤器的执行
* Web应用中,Shiro可控制的Web请求必须经过Shiro主过滤器的拦截,Shiro对基于Spring的Web应用提供了完美的支持
* </pre>
*
* @return
*/
// @Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter() {
ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
// Shiro的核心安全接口,这个属性是必须的
shiroFilterFactory.setSecurityManager(securityManager());
// 要求登录时的链接(可根据项目的URL进行替换),非必须的属性,如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
shiroFilterFactory.setLoginUrl(FilterHelper.LOGIN_ACTION);
// 登录成功后要跳转的链接
shiroFilterFactory.setSuccessUrl(FilterHelper.LOGIN_ACTION);
// 用户访问未对其授权的资源时,所显示的连接;
shiroFilterFactory.setUnauthorizedUrl(FilterHelper.UNAUTHORIZED);
/**
* 自定义拦截器
*/
Map<String, Filter> filtersMap = new LinkedHashMap<String, Filter>();
// 登录校验
filtersMap.put("loginFilter", new LoginFilter());
// 角色判断校验
filtersMap.put("roleFilter", new RoleFilter());
// 权限校验
filtersMap.put("permissionFilter", new PermissionFilter());
filtersMap.put("kickoutFilter", kickoutSessionFilter());
// 用户session
filtersMap.put("userSessionFilter", new UserSessionFilter());
shiroFilterFactory.setFilters(filtersMap);
/**
* Shiro连接约束配置,即权限控制map.
* 第一个'/'代表的路径是相对于HttpServletRequest.getContextPath()的值来的
*/
Map<String, String> filterMap = new LinkedHashMap<String, String>();
filterMap.put("/loginController**", "anon");
filterMap.put("/sysPage/**", "anon,kickoutFilter");
filterMap.put("/homeController/**", "loginFilter");
filterMap.put("/dataSourceController**", "authc,roleFilter[administrator]");
filterMap.put("/**", "authc,loginFilter,permissionFilter,kickoutFilter");
shiroFilterFactory.setFilterChainDefinitionMap(filterMap);
return shiroFilterFactory;
}
Also used :
ShiroFilterFactoryBean(org.apache.shiro.spring.web.ShiroFilterFactoryBean)
RoleFilter(com.cdeledu.core.shiro.filter.RoleFilter)
UserSessionFilter(com.cdeledu.core.shiro.filter.UserSessionFilter)
LoginFilter(com.cdeledu.core.shiro.filter.LoginFilter)
PermissionFilter(com.cdeledu.core.shiro.filter.PermissionFilter)
KickoutSessionFilter(com.cdeledu.core.shiro.filter.KickoutSessionFilter)
Filter(javax.servlet.Filter)
RoleFilter(com.cdeledu.core.shiro.filter.RoleFilter)
LoginFilter(com.cdeledu.core.shiro.filter.LoginFilter)
PermissionFilter(com.cdeledu.core.shiro.filter.PermissionFilter)
LinkedHashMap(java.util.LinkedHashMap)
UserSessionFilter(com.cdeledu.core.shiro.filter.UserSessionFilter)
Aggregations
KickoutSessionFilter (com.cdeledu.core.shiro.filter.KickoutSessionFilter)1
LoginFilter (com.cdeledu.core.shiro.filter.LoginFilter)1
PermissionFilter (com.cdeledu.core.shiro.filter.PermissionFilter)1
RoleFilter (com.cdeledu.core.shiro.filter.RoleFilter)1
UserSessionFilter (com.cdeledu.core.shiro.filter.UserSessionFilter)1
LinkedHashMap (java.util.LinkedHashMap)1
Filter (javax.servlet.Filter)1
ShiroFilterFactoryBean (org.apache.shiro.spring.web.ShiroFilterFactoryBean)1
