/*
* Copyright (c) 2017 4PX Information Technology Co.,Ltd. All rights reserved.
*/
package com.fpx.order.csm.config;
import java.util.Arrays;
import java.util.EventListener;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import org.apache.catalina.connector.Connector;
import org.apache.shiro.cas.CasFilter;
import org.apache.shiro.cas.CasSubjectFactory;
import org.apache.shiro.session.mgt.eis.MemorySessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.dozer.DozerBeanMapper;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.boot.context.embedded.tomcat.TomcatConnectorCustomizer;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.EnvironmentAware;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ReloadableResourceBundleMessageSource;
import org.springframework.core.env.Environment;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.filter.CharacterEncodingFilter;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter;
import org.springframework.web.servlet.mvc.support.DefaultHandlerExceptionResolver;
import com.fpx.basic.sdk.rbaccenter.RBACCenterService;
import com.fpx.common.core.tool.GIdUtil;
import com.fpx.order.common.context.PcsHandlerExceptionResolver;
import com.fpx.order.common.context.PcsMappingJackson2HttpMessageConverter;
import com.fpx.order.common.util.JsonObjectMapper;
import com.fpx.order.csm.realm.MyCasRealm;
import com.fpx.order.util.convert.PojoConverter;
/**
*
* @author linzhh
* @date 2017年7月7日
*/
@ComponentScan(basePackages = { "com.fpx.order.common.context" })
@Configuration
public class ApplicationConfig extends WebMvcConfigurerAdapter implements EnvironmentAware {
@Autowired
private Environment env;
@Bean
public PojoConverter pojoConverter() {
List<String> mappingFiles = Arrays.asList("META-INF/dozer/dozer-mapping.xml");
DozerBeanMapper dozerBeanMapper = new DozerBeanMapper();
dozerBeanMapper.setMappingFiles(mappingFiles);
return new PojoConverter(dozerBeanMapper);
}
@Value("${datacenterId}")
private long datacenterId;
@Bean
public GIdUtil gIdUtil() {
return new GIdUtil(datacenterId);
}
@Bean(name = "myCasRealm")
public MyCasRealm myCasRealm() {
MyCasRealm realm = new MyCasRealm();
realm.setCasServerUrlPrefix(env.getProperty("cas.server.url"));
realm.setCasService(env.getProperty("cas.client.url") + "/login");
realm.setAuthorizationCachingEnabled(false);
return realm;
}
@Bean
public FilterRegistrationBean filterRegistrationBean1() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
SingleSignOutFilter ssFilter = new SingleSignOutFilter();
filterRegistration.setFilter(ssFilter);
// filterRegistration.addInitParameter("excludedPages",
// "/customer/package/prealert/**");
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
// CharacterEncodingFilter characterEncodingFilter = new
// CharacterEncodingFilter();
// characterEncodingFilter.setForceEncoding(true);
// characterEncodingFilter.setEncoding("UTF-8");
// filterRegistration.setFilter(characterEncodingFilter);
filterRegistration.setOrder(1);
return filterRegistration;
}
@Bean
public FilterRegistrationBean filterRegistrationBean2() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
characterEncodingFilter.setForceEncoding(true);
characterEncodingFilter.setEncoding("UTF-8");
filterRegistration.setFilter(characterEncodingFilter);
filterRegistration.setOrder(2);
return filterRegistration;
}
@Bean
public FilterRegistrationBean filterRegistrationBean3() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
// 该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
filterRegistration.addInitParameter("targetFilterLifecycle", "true");
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(3);
return filterRegistration;
}
// @Bean
// public FilterRegistrationBean filterRegistrationBean3() {
// FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
// filterRegistration.setOrder(3);
// filterRegistration.setFilter(new SessionFilter());
// filterRegistration.setEnabled(true);
// filterRegistration.addUrlPatterns("/*");
// return filterRegistration;
// }
@Bean
public ServletListenerRegistrationBean<EventListener> getListener() {
ServletListenerRegistrationBean<EventListener> registrationBean = new ServletListenerRegistrationBean<>();
registrationBean.setListener(new SingleSignOutHttpSessionListener());
return registrationBean;
}
@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator daap = new DefaultAdvisorAutoProxyCreator();
daap.setProxyTargetClass(true);
return daap;
}
@Bean(name = "securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(MyCasRealm myCasRealm) {
DefaultWebSecurityManager dwsm = new DefaultWebSecurityManager();
dwsm.setSessionManager(getDefaultWebSessionManager());
dwsm.setRealm(myCasRealm);
dwsm.setSubjectFactory(new CasSubjectFactory());
return dwsm;
}
@Bean(name = "sessionManager")
public DefaultWebSessionManager getDefaultWebSessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setGlobalSessionTimeout(1000 * 60 * 60 * 24);// 24小时session超时
sessionManager.setSessionDAO(getMemorySessionDAO());
sessionManager.setSessionValidationInterval(1000 * 60 * 60 * 10);// 每10小时检查一次是否有超时session并删除
Cookie cookie = new SimpleCookie("PCSCJSESSIONID");
cookie.setHttpOnly(true);
sessionManager.setSessionIdCookie(cookie);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
return sessionManager;
}
@Bean(name = "memorySessionDAO")
public MemorySessionDAO getMemorySessionDAO() {
return new MemorySessionDAO();
}
@Bean
public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(
DefaultWebSecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();
aasa.setSecurityManager(securityManager);
return aasa;
}
@Bean(name = "rBACCenterService")
public RBACCenterService getRBACCenterService() {
return new RBACCenterService(env.getProperty("rbac.center.url"), env.getProperty("sys.clientId"));
}
// @Bean(name="userFilter")
// public PcsCasFilter userFilter(){
// PcsCasFilter filter = new PcsCasFilter();
// return filter;
// }
@Bean(name = "casFilter")
public CasFilter casFilter() {
CasFilter casFilter = new CasFilter();
// PcsCasFilter casFilter = new PcsCasFilter();
casFilter.setName("casFilter");
casFilter.setEnabled(true);
// 登录失败后跳转的URL,也就是 Shiro 执行 CasRealm 的 doGetAuthenticationInfo
// 方法向CasServer验证tiket
casFilter.setFailureUrl(
env.getProperty("cas.server.url") + "/login?service=" + env.getProperty("cas.client.url") + "/login");// 认证失败后再打开登录页面
return casFilter;
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,
CasFilter casFilter/* ,UserFilter userFilter */) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
LogoutFilter logoutFilter = new LogoutFilter();
logoutFilter.setName("logout");
logoutFilter.setEnabled(true);
logoutFilter.setRedirectUrl(
env.getProperty("cas.server.url") + "/logout?service=" + env.getProperty("cas.client.url"));
// 必须设置 SecurityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
shiroFilterFactoryBean.setLoginUrl(
env.getProperty("cas.server.url") + "/login?service=" + env.getProperty("cas.client.url") + "/login");
// 登录成功后要跳转的连接
shiroFilterFactoryBean.setSuccessUrl("/");
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
// SessionFilter sessionFilter = new SessionFilter();
// 添加casFilter到shiroFilter中
Map<String, Filter> filters = new LinkedHashMap<>();
// FormAuthenticationFilter authc = new FormAuthenticationFilter();
// AnonymousFilter anon = new AnonymousFilter();
filters.put("logout", logoutFilter);
filters.put("casFilter", casFilter);
// filters.put("anon", anon);
// filters.put("authc", authc);
// filters.put("sessionFilter", sessionFilter);
// filters.put("user", userFilter);
shiroFilterFactoryBean.setFilters(filters);
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/script/**", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/error/**", "anon");
filterChainDefinitionMap.put("/manage/**", "anon");// 健康检查
// 支持会员填写无预报包裹数据
filterChainDefinitionMap.put("/customer/package/prealert/**", "anon");
filterChainDefinitionMap.put("/sys/data/dictionary/**", "anon");
filterChainDefinitionMap.put("/category/**", "anon");
filterChainDefinitionMap.put("/area/**", "anon");
filterChainDefinitionMap.put("/common/**", "anon");
filterChainDefinitionMap.put("/WEB-INF/pages/error/**", "anon");
filterChainDefinitionMap.put("/images/**", "anon");
filterChainDefinitionMap.put("/imgs/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/plugins/**", "anon");
filterChainDefinitionMap.put("/layer/**", "anon");
filterChainDefinitionMap.put("/widgets/**", "anon");
filterChainDefinitionMap.put("/logout", "logout");
filterChainDefinitionMap.put("/login", "casFilter");
filterChainDefinitionMap.put("/heartbeat", "anon");
filterChainDefinitionMap.put("/prealert/track/simulateMQTrackMessage", "anon");
filterChainDefinitionMap.put("/prealert/track/twxSendTrack", "anon"); // 淘海外系统调用此接口推送轨迹
filterChainDefinitionMap.put("/prealert/track/getSendMessageOrReSend", "anon"); // 修复数据开启,结束后关闭
filterChainDefinitionMap.put("/favicon.ico", "anon");
filterChainDefinitionMap.put("/**", "user");
// filterChainDefinitionMap.put("/**", "sessionFilter");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
public MethodInvokingFactoryBean getMethodInvokingFactoryBean(DefaultWebSecurityManager securityManager) {
MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();
methodInvokingFactoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
methodInvokingFactoryBean.setArguments(new Object[] { securityManager });
return methodInvokingFactoryBean;
}
@Override
public void setEnvironment(Environment env) {
this.env = env;
}
@Bean
public TomcatConnectorCustomizer tomcatConnectorCustomizer() {
return new TomcatConnectorCustomizer() {
@Override
public void customize(Connector connector) {
connector.setURIEncoding("UTF-8");
connector.setUseBodyEncodingForURI(true);
}
};
}
@Bean
public MessageSource messageSource() {
// ResourceBundleMessageSource ms = new ResourceBundleMessageSource();
// ReloadableResourceBundleMessageSource ms = new
// PcsReloadableResourceBundleMessageSource();
ReloadableResourceBundleMessageSource ms = new ReloadableResourceBundleMessageSource();
ms.setBasenames(new String[] { "classpath:META-INF/i18n/csm", "classpath:META-INF/i18n/global" });
ms.setCacheSeconds(20);
ms.setUseCodeAsDefaultMessage(true);
return ms;
}
// public MappingJackson2HttpMessageConverter
// mappingJackson2HttpMessageConverter(){
// return new PcsMappingJackson2HttpMessageConverter();
// }
@Bean
public RequestMappingHandlerAdapter requestMappingHandlerAdapter() {
RequestMappingHandlerAdapter adapter = new RequestMappingHandlerAdapter();
adapter.getMessageConverters().add(new PcsMappingJackson2HttpMessageConverter());
return adapter;
}
// @Bean
// public DateJsonDeserializer dateJsonDeserializer(){
// return new DateJsonDeserializer();
// }
@Override
public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
PcsMappingJackson2HttpMessageConverter converter = new PcsMappingJackson2HttpMessageConverter();
//// converter.setMessageSource(messageSource);
// converters.add(converter);
converter.setObjectMapper(new JsonObjectMapper());
converter.setSupportedMediaTypes(Arrays.asList(MediaType.APPLICATION_JSON, MediaType.APPLICATION_JSON_UTF8));
converters.add(converter);
// converters.add(new PcsMappingJackson2HttpMessageConverter());
}
@Override // 这里配置后,会在HandlerExceptionResolverComposite中的处理器列表中加上这里配置的异常处理器,原默认列表中的处理器都失效
public void configureHandlerExceptionResolvers(List<HandlerExceptionResolver> exceptionResolvers) {
DefaultHandlerExceptionResolver pcsExceptionResolver = new PcsHandlerExceptionResolver();
exceptionResolvers.add(pcsExceptionResolver);
}
}
------------------------------------------------------------------------------------------------------------------------------------
Spring 静态注入讲解(MethodInvokingFactoryBean)
与其说是静态注入( IOC ),不如讲是对JavaBean 的静态成员变量进行赋值。
一般我们在使用依赖注入的时候,如果当前对象(javaBean )创建(实例化)一次,那么非静态的成员变量也会实例化一次,用来支持当前对象的正常使用。而我们有的时候,一些对象是单例(scope="singleton" )的,或者一些变量从项目启动从配置文件加载后不需要变化,那么这种情况下怎么处理呢?
静态注入配置( XML ):
<!-- 静态注入,相当于调用SecurityUtils.setSecurityManager(securityManager) --><bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"><property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/><property name="arguments" ref="securityManager"/></bean>
上面注释写的很清楚,等于调用了下面的方法:
SecurityUtils.setSecurityManager(securityManager)
就这么简单。
指定一个staticMethod ,静态的set 方法,另外一个参数是目标对象。把这个对象赋值过去。
如果arguments 是多个,采用 List 赋值。
<!-- 静态注入,相当于调用SecurityUtils.setSecurityManager(securityManager) --><bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"><property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/><property name="arguments"><list><value>securityManager</value></list></property></bean>