shiro加入自定义过滤器
##SpringBoot下Shiro添加过滤器
-
自定义filter继承AdviceFilter
package com.itdage.filter;import org.apache.shiro.web.filter.AccessControlFilter;import org.apache.shiro.web.filter.authz.AuthorizationFilter;import org.apache.shiro.web.servlet.AdviceFilter;import org.springframework.stereotype.Component;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletResponse;@Componentpublic class SimpleCORSFilter extends AdviceFilter {@Overrideprotected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {HttpServletResponse res = (HttpServletResponse) response;res.setHeader("Access-Control-Allow-Origin", "*");res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");res.setHeader("Access-Control-Max-Age", "3600");res.setHeader("Access-Control-Allow-Headers", "Content-Type,XFILENAME,XFILECATEGORY,XFILESIZE");return true;}} -
ShiroFilterFactoryBean中追加自己定义的过滤器
package com.itdage.configuration;import com.itdage.filter.SimpleCORSFilter;import com.itdage.realm.MyShiroRealm;import org.apache.shiro.authc.credential.HashedCredentialsMatcher;import org.apache.shiro.cache.ehcache.EhCacheManager;import org.apache.shiro.spring.LifecycleBeanPostProcessor;import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;import org.apache.shiro.spring.web.ShiroFilterFactoryBean;import org.apache.shiro.web.mgt.DefaultWebSecurityManager;import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;import org.springframework.beans.factory.annotation.Qualifier;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.context.annotation.DependsOn;import javax.servlet.Filter;import java.util.HashMap;import java.util.LinkedHashMap;import java.util.Map;//shiro配置类@Configurationpublic class ShiroConfiguration {// private final Logger logger = Logger.getLogger(ShiroConfiguration.class);// 加上MD5验证@Bean(name = "securityManager")public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("authRealm") MyShiroRealm myShiroRealm){DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();//设置realmsecurityManager.setRealm(myShiroRealm);securityManager.setCacheManager(getEhCacheManager());return securityManager;}@Bean(name = "myShiroRealm")public MyShiroRealm myShiroRealm(EhCacheManager ehCacheManager){MyShiroRealm realm = new MyShiroRealm();realm.setCacheManager(ehCacheManager);return realm;}@Bean(name = "lifecycleBeanPostProcessor")public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){return new LifecycleBeanPostProcessor();}@Beanpublic AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();advisor.setSecurityManager(securityManager);return advisor;}@Beanpublic DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();creator.setProxyTargetClass(true);return creator;}@Beanpublic EhCacheManager getEhCacheManager(){EhCacheManager ehcacheManager = new EhCacheManager();ehcacheManager.setCacheManagerConfigFile("classpath:config/ehcache-shiro.xml");return ehcacheManager;}@Beanpublic SimpleCORSFilter simpleCORSFilter(){return new SimpleCORSFilter();}@Bean(name = "shiroFilter")public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();factoryBean.setSecurityManager(securityManager);// 自定义filter 加入shiro过滤器链Map
本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!