Shiro - HITSUN2015/Util GitHub Wiki

配置文件

web.xml shiroFilter org.springframework.web.filter.DelegatingFilterProxy targetFilterLifecycle true shiroFilter /*

spring-shiro.xml

<!-- 退出登录过滤器 -->
<bean id="logoutFilter" class="cn.egenie.web.common.shiro.CustomLogoutFilter">
    <property name="redirectUrl" value="/shiro_login"/>
</bean>

<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>
    <!-- override these for application-specific URLs if you like:-->
    <property name="loginUrl" value="/shiro_login"/>
    <property name="unauthorizedUrl" value="/shiro_login"/>
    <!-- The 'filters' property is not necessary since any declared javax.servlet.Filter bean  -->
    <!-- defined will be automatically acquired and available via its beanName in chain        -->
    <!-- definitions, but you can perform instance overrides or name aliases here if you like: -->
    <property name="filters">
        <util:map>
            <entry key="authc" value-ref="formAuthenticationFilter"/>
            <entry key="authc_mute" value-ref="muteAuthenticationFilter"/>
            <entry key="authc_pda" value-ref="pdaAuthenticationFilter"/>
            <entry key="logout" value-ref="logoutFilter"/>
            <!--<entry key="sysUser" value-ref="sysUserFilter"/>-->
            <!--<entry key="onlineSession" value-ref="onlineSessionFilter"/>-->
            <!--<entry key="syncOnlineSession" value-ref="syncOnlineSessionFilter"/>-->
            <!--<entry key="jCaptchaValidate" value-ref="jCaptchaValidateFilter"/>-->
        </util:map>
    </property>
    <property name="filterChainDefinitions">
        <value>
            /static/** = anon
            /favicon.ico = anon
            /api/tenant/tenant = anon
            /api/tenant/integrate/tenant = anon
            /api/user/password = anon
            /api/pda/** = anon
            /download/** = anon
            /register = anon
            /password = anon
            /api/dts/server/** = anon
            /api/open/order/** = anon
            /api/management/**=anon
            /logout = logout
            /shiro_login = authc
            /api/tenant/integrate/login = authc_mute
            /** = user,perms,roles<!--,sysUser,onlineSession,syncOnlineSession-->
        </value>
    </property>
</bean>
试验:这里的bean 要想通过property属性注入,需要提供set方法

这里 在自己尝试使用时,web.xml 报错,我就以为是没找到我在新建的spring-test.xml定义的bean,但是这种xml配置,只有在启动时才会跳转寻找(TOdo prove),所以这个红线是 web.xml文件内部的错误!!!

关于如何加载其他的spring-.xml配置文件 web.xml中 contextConfigLocation /WEB-INF/spring-.xml tip:在全局搜索spring-shiro.xml文件没找到:很可能是这种:spring-*的格式,以后搜索时要注意 import javax.servlet.http.HttpSession;

草稿

父类 功能
CustomFormAuthenticationFilter
CustomLogoutFilter
FileHandleExportVO
LoginFormController
NonFormAuthenticationFilter
TokenWithSMSCode
UserRealm
⚠️ **GitHub.com Fallback** ⚠️