2020-10-19 17:44:19 +08:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
package net.shapelight.common.config;
|
|
|
|
|
|
|
|
|
|
|
|
import net.shapelight.modules.sys.oauth2.OAuth2Filter;
|
|
|
|
|
|
import net.shapelight.modules.sys.oauth2.OAuth2Realm;
|
2023-09-20 14:35:52 +08:00
|
|
|
|
import org.apache.shiro.cache.ehcache.EhCacheManager;
|
2020-10-19 17:44:19 +08:00
|
|
|
|
import org.apache.shiro.mgt.SecurityManager;
|
|
|
|
|
|
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
|
|
|
|
|
|
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
|
|
|
|
|
|
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
|
|
|
|
|
|
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
|
|
|
|
|
|
import org.springframework.context.ApplicationContext;
|
|
|
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
|
|
|
import org.springframework.context.event.ContextRefreshedEvent;
|
|
|
|
|
|
import org.springframework.context.event.EventListener;
|
|
|
|
|
|
|
|
|
|
|
|
import javax.servlet.Filter;
|
|
|
|
|
|
import java.util.HashMap;
|
|
|
|
|
|
import java.util.LinkedHashMap;
|
|
|
|
|
|
import java.util.Map;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Shiro的配置文件
|
|
|
|
|
|
*
|
|
|
|
|
|
*
|
|
|
|
|
|
*/
|
|
|
|
|
|
@Configuration
|
|
|
|
|
|
public class ShiroConfig {
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 单机环境,session交给shiro管理
|
|
|
|
|
|
*/
|
|
|
|
|
|
/*
|
|
|
|
|
|
@Bean
|
|
|
|
|
|
@ConditionalOnProperty(prefix = "shapelight", name = "cluster", havingValue = "false")
|
|
|
|
|
|
public DefaultWebSessionManager sessionManager(@Value("${shapelight.globalSessionTimeout:3600}") long globalSessionTimeout){
|
|
|
|
|
|
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
|
|
|
|
|
|
sessionManager.setSessionValidationSchedulerEnabled(true);
|
|
|
|
|
|
sessionManager.setSessionIdUrlRewritingEnabled(false);
|
|
|
|
|
|
sessionManager.setSessionValidationInterval(globalSessionTimeout * 1000);
|
|
|
|
|
|
sessionManager.setGlobalSessionTimeout(globalSessionTimeout * 1000);
|
|
|
|
|
|
|
|
|
|
|
|
return sessionManager;
|
|
|
|
|
|
}
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 集群环境,session交给spring-session管理
|
|
|
|
|
|
*/
|
|
|
|
|
|
/*@Bean
|
|
|
|
|
|
@ConditionalOnProperty(prefix = "shapelight", name = "cluster", havingValue = "true")
|
|
|
|
|
|
public ServletContainerSessionManager servletContainerSessionManager() {
|
|
|
|
|
|
return new ServletContainerSessionManager();
|
|
|
|
|
|
}*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
|
|
|
|
|
|
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
|
|
|
|
|
|
securityManager.setRealm(userRealm);
|
|
|
|
|
|
securityManager.setSessionManager(sessionManager);
|
|
|
|
|
|
securityManager.setRememberMeManager(null);
|
|
|
|
|
|
|
|
|
|
|
|
return securityManager;
|
|
|
|
|
|
}*/
|
|
|
|
|
|
@Bean("securityManager")
|
|
|
|
|
|
public SecurityManager securityManager(OAuth2Realm oAuth2Realm) {
|
|
|
|
|
|
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
|
2023-09-20 14:35:52 +08:00
|
|
|
|
securityManager.setCacheManager(new EhCacheManager());
|
2020-10-19 17:44:19 +08:00
|
|
|
|
securityManager.setRealm(oAuth2Realm);
|
|
|
|
|
|
securityManager.setRememberMeManager(null);
|
|
|
|
|
|
return securityManager;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
|
|
|
|
|
|
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
|
|
|
|
|
|
shiroFilter.setSecurityManager(securityManager);
|
|
|
|
|
|
shiroFilter.setLoginUrl("/login.html");
|
|
|
|
|
|
shiroFilter.setUnauthorizedUrl("/");
|
|
|
|
|
|
|
|
|
|
|
|
Map<String, String> filterMap = new LinkedHashMap<>();
|
|
|
|
|
|
filterMap.put("/swagger/**", "anon");
|
|
|
|
|
|
filterMap.put("/v2/api-docs", "anon");
|
|
|
|
|
|
filterMap.put("/swagger-ui.html", "anon");
|
|
|
|
|
|
filterMap.put("/webjars/**", "anon");
|
|
|
|
|
|
filterMap.put("/swagger-resources/**", "anon");
|
|
|
|
|
|
|
|
|
|
|
|
filterMap.put("/statics/**", "anon");
|
|
|
|
|
|
filterMap.put("/login.html", "anon");
|
|
|
|
|
|
filterMap.put("/sys/login", "anon");
|
|
|
|
|
|
filterMap.put("/favicon.ico", "anon");
|
|
|
|
|
|
filterMap.put("/captcha.jpg", "anon");
|
|
|
|
|
|
filterMap.put("/**", "authc");
|
|
|
|
|
|
shiroFilter.setFilterChainDefinitionMap(filterMap);
|
|
|
|
|
|
|
|
|
|
|
|
return shiroFilter;
|
|
|
|
|
|
}*/
|
|
|
|
|
|
@Bean("shiroFilter")
|
|
|
|
|
|
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
|
|
|
|
|
|
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
|
|
|
|
|
|
shiroFilter.setSecurityManager(securityManager);
|
|
|
|
|
|
|
|
|
|
|
|
//oauth过滤
|
|
|
|
|
|
Map<String, Filter> filters = new HashMap<>();
|
|
|
|
|
|
filters.put("oauth2", new OAuth2Filter());
|
|
|
|
|
|
shiroFilter.setFilters(filters);
|
|
|
|
|
|
|
|
|
|
|
|
Map<String, String> filterMap = new LinkedHashMap<>();
|
|
|
|
|
|
// filterMap.put("/ten/member/uploadExcel", "anon");
|
|
|
|
|
|
// filterMap.put("/ten/member/uploadImage", "anon");
|
|
|
|
|
|
// filterMap.put("/ten/member/uploadImageBatch", "anon");
|
|
|
|
|
|
// filterMap.put("/ten/member/uploadZip", "anon");
|
|
|
|
|
|
filterMap.put("/webjars/**", "anon");
|
|
|
|
|
|
filterMap.put("/druid/**", "anon");
|
|
|
|
|
|
filterMap.put("/app/**", "anon");
|
2024-11-11 16:56:43 +08:00
|
|
|
|
filterMap.put("/parent/app/**", "anon");
|
2020-10-19 17:44:19 +08:00
|
|
|
|
filterMap.put("/api/**", "anon");
|
|
|
|
|
|
filterMap.put("/images/**", "anon");//网站上传的图片files
|
|
|
|
|
|
filterMap.put("/files/**", "anon");//网站上传的图片files
|
|
|
|
|
|
filterMap.put("/sys/login", "anon");
|
|
|
|
|
|
filterMap.put("/sys/config/listapp", "anon");
|
|
|
|
|
|
filterMap.put("/sys/appversion/listapp", "anon");
|
|
|
|
|
|
filterMap.put("/swagger/**", "anon");
|
|
|
|
|
|
filterMap.put("/v2/api-docs", "anon");
|
|
|
|
|
|
filterMap.put("/swagger-ui.html", "anon");
|
|
|
|
|
|
filterMap.put("/swagger-resources/**", "anon");
|
|
|
|
|
|
filterMap.put("/captcha.jpg", "anon");
|
|
|
|
|
|
// filterMap.put("/aaa.txt", "anon");
|
|
|
|
|
|
filterMap.put("/**", "oauth2");
|
|
|
|
|
|
|
|
|
|
|
|
shiroFilter.setFilterChainDefinitionMap(filterMap);
|
|
|
|
|
|
|
|
|
|
|
|
return shiroFilter;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Bean("lifecycleBeanPostProcessor")
|
|
|
|
|
|
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
|
|
|
|
|
|
return new LifecycleBeanPostProcessor();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
|
|
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
|
|
|
|
|
|
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
|
|
|
|
|
|
advisor.setSecurityManager(securityManager);
|
|
|
|
|
|
return advisor;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
