zoukankan      html  css  js  c++  java
  • shiro配置参考(一)

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://www.springframework.org/schema/beans" xmlns:util="http://www.springframework.org/schema/util"
        xmlns:context="http://www.springframework.org/schema/context" xmlns:p="http://www.springframework.org/schema/p"
        xmlns:tx="http://www.springframework.org/schema/tx" xmlns:mvc="http://www.springframework.org/schema/mvc"
        xmlns:aop="http://www.springframework.org/schema/aop"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/tx
        http://www.springframework.org/schema/tx/spring-tx-4.0.xsd http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context-4.0.xsd http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/aop
        http://www.springframework.org/schema/aop/spring-aop-4.0.xsd http://www.springframework.org/schema/util 
        http://www.springframework.org/schema/util/spring-util.xsd">
        
        <!-- 配置shiro的过滤器工厂类,id- shiroFilter要和我们在web.xml中配置的过滤器一致 -->
        <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        
            <!-- 调用我们配置的权限管理器 -->
            <property name="securityManager" ref="securityManager" />
            
            <!-- 配置我们的登录请求地址 -->
            <property name="loginUrl" value="/login.jsp" />
            
            <!-- 配置我们在登录页登录成功后的跳转地址 ,登录成功后的处理逻辑在LoginController里硬编码为home.jsp-->
            <property name="successUrl" value="/WEB-INF/jsp/home.jsp" />
            
            <!-- 如果您请求的资源不再您的权限范围,则跳转到/403请求地址 -->
            <property name="unauthorizedUrl" value="/unauthorized" />
            
            <property name="filters">
                <util:map>
                    <entry key="logout" value-ref="logoutFilter" />
                </util:map>
            </property>
            
            <!-- 权限配置 -->
            <property name="filterChainDefinitions">
                <value>
                    <!-- anon表示此地址不需要任何权限即可访问 -->
                    /login/**    =anon
                    /js/**       =anon
                    /css/**      =anon
                    /img/**      =anon
                    /image/**    =anon
                    /logout/**   =logout
                    <!--所有的请求(除去配置的静态资源请求或请求地址为anon的请求)都要通过登录验证,如果未登录则跳到/login -->
                    /** = authc
                </value>
            </property>
        </bean>
        
        <bean id="logoutFilter" class="org.apache.shiro.web.filter.authc.LogoutFilter">
            <property name="redirectUrl" value="/login.jsp" />
        </bean>
    
    
    
        <!-- 会话ID生成器 -->
        <bean id="sessionIdGenerator"
            class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator" />
            
        <!-- 会话Cookie模板 关闭浏览器立即失效 -->
        <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
            <constructor-arg value="sid" />
            <property name="httpOnly" value="true" />
            <property name="maxAge" value="-1" />
        </bean>
        
        <!-- 会话DAO -->
        <bean id="sessionDAO"
            class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
            <property name="sessionIdGenerator" ref="sessionIdGenerator" />
        </bean>
        
        <!-- 会话验证调度器,每30分钟执行一次验证 ,设定会话超时及保存 -->
        <bean name="sessionValidationScheduler"
            class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
            <property name="interval" value="1800000" />
            <property name="sessionManager" ref="sessionManager" />
        </bean>
        
        
        <!-- 会话管理器 -->
        <bean id="sessionManager"
            class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
            <!-- 全局会话超时时间(单位毫秒),默认30分钟 -->
            <property name="globalSessionTimeout" value="1800000" />
            <property name="deleteInvalidSessions" value="true" />
            <property name="sessionValidationSchedulerEnabled" value="true" />
            <property name="sessionValidationScheduler" ref="sessionValidationScheduler" />
            <property name="sessionDAO" ref="sessionDAO" />
            <property name="sessionIdCookieEnabled" value="true" />
            <property name="sessionIdCookie" ref="sessionIdCookie" />
            <property name="sessionIdUrlRewritingEnabled" value="false" />
        </bean>
    
        <!-- 注册自定义的Realm-->
        <bean id="adminRealm" class="com.shiro.AdminRealm"/>
        <bean id="memberRealm" class="com.shiro.MemberRealm"/>
        
        <bean id="cacheManager" class="org.apache.shiro.cache.MemoryConstrainedCacheManager" />
        
        <!-- 安全管理器 -->
        <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
            <!-- 可以配置多个Realm,其实会把realms属性赋值给ModularRealmAuthenticator的realms属性 -->
            <property name="realms">
                <list>
                    <ref bean="memberRealm" />
                    <ref bean="adminRealm"/>
                </list>
            </property>
            <property name="authenticator" ref="authenticator"></property>
            <!-- 使用下面配置的缓存管理器 -->
            <property name="cacheManager" ref="cacheManager" />
            <property name="sessionManager" ref="sessionManager" />
        </bean>
        
        
         <!-- 配置使用自定义认证器,可以实现多Realm认证,并且可以指定特定Realm处理特定类型的验证 -->
        <bean id="authenticator" class="com.ang.elearning.shiro.CustomizedModularRealmAuthenticator">
            <!-- 配置认证策略,只要有一个Realm认证成功即可,并且返回所有认证成功信息 -->
            <property name="authenticationStrategy">
                <bean class="org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy"></bean>
            </property>
        </bean>
        
        
        <!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
        <bean
            class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
            <property name="staticMethod"
                value="org.apache.shiro.SecurityUtils.setSecurityManager" />
            <property name="arguments" ref="securityManager" />
        </bean>
    
        <!-- 开启shiro注解-1-->
        <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
              depends-on="lifecycleBeanPostProcessor">
            <property name="proxyTargetClass" value="true" />
        </bean>
        <!-- 开启shiro注解-2-->
        <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
            <property name="securityManager" ref="securityManager"/>
        </bean>
        
        <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
        <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
    
        
        <!-- shiro start -->
        <!-- shiro为集成springMvc 拦截异常,使用注解时无权限的跳转 -->
        <bean
            class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
            <property name="exceptionMappings">
                <props>
                    <!-- 这里你可以根据需要定义N多个错误异常转发 -->
                    <prop key="org.apache.shiro.authz.UnauthorizedException">redirect:/unauthorized</prop>
                    <prop key="org.apache.shiro.authz.UnauthenticatedException">redirect:/unauthorized</prop>
                    <prop key="java.lang.IllegalArgumentException">/page/error</prop>  <!-- 参数错误(bizError.jsp) -->
                    <prop key="java.lang.Exception">page/error</prop>  <!-- 其他错误为'未定义错误'(unknowError.jsp) -->
                </props>
            </property>
        </bean>
       <!-- shiro end -->
        
    </beans> 
  • 相关阅读:
    Python中if __name__ == '__main__':作用
    mac 用macports给python装opencv
    (转)学习&使用技术的四种层次
    图像处理入门,一些简单的基于像素几何变换和实现
    基于水平投影,垂直投影的字符图像分割思路和代码实现
    转:Cannot make a static reference to the non-static解决办法
    BP神经网络学习和c++例子程序代码
    python中初始化一个数组用来存储多张图片
    假期第二周周总结
    假期第一周周总结
  • 原文地址:https://www.cnblogs.com/xh_Blog/p/8241231.html
Copyright © 2011-2022 走看看