package com.ruixin.config;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import com.ruixin.common.security.URLPermissionsFilter;
import com.ruixin.common.security.UserRealm;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.config.CacheConfiguration;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.AnonymousFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.web.filter.DelegatingFilterProxy;
/**
* shiro配置类
*/
@Configuration
public class ShiroConfiguration {
/**
* FilterRegistrationBean
* @return
*/
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
filterRegistration.setDispatcherTypes(DispatcherType.REQUEST);
return filterRegistration;
}
/**
* @see org.apache.shiro.spring.web.ShiroFilterFactoryBean
* @return
*/
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean shiroFilter(){
ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
bean.setSecurityManager(securityManager());
bean.setLoginUrl("/login");
bean.setUnauthorizedUrl("/unauthor");
Map<String, Filter>filters = new HashMap<String, Filter>();
filters.put("perms", urlPermissionsFilter());
filters.put("anon", new AnonymousFilter());
bean.setFilters(filters);
Map<String, String> chains = new HashMap<String, String>();
chains.put("/login", "anon");
chains.put("/admin/**", "perms");
chains.put("/user/**", "perms");
chains.put("/news/**", "perms");
chains.put("/unauthor", "anon");
chains.put("/logout", "anon");
chains.put("/static/**", "anon");
bean.setFilterChainDefinitionMap(chains);
return bean;
}
/**
* @see org.apache.shiro.mgt.SecurityManager
* @return
*/
@Bean(name="securityManager")
public DefaultWebSecurityManager securityManager() {
DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
manager.setRealm(userRealm());
manager.setCacheManager(ehCacheManager());
manager.setSessionManager(defaultWebSessionManager());
return manager;
}
/**
* @see DefaultWebSessionManager
* @return
*/
@Bean(name="sessionManager")
public DefaultWebSessionManager defaultWebSessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setCacheManager(ehCacheManager());
sessionManager.setGlobalSessionTimeout(1800000);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
sessionManager.setDeleteInvalidSessions(true);
return sessionManager;
}
/**
* @see UserRealm--->AuthorizingRealm
* @return
*/
@Bean
@DependsOn(value="lifecycleBeanPostProcessor")
public UserRealm userRealm() {
UserRealm userRealm = new UserRealm();
userRealm.setCacheManager(ehCacheManager());
userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
return userRealm;
}
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher(){
HashedCredentialsMatcher matcher=new HashedCredentialsMatcher();
matcher.setStoredCredentialsHexEncoded(true);
matcher.setHashAlgorithmName("MD5");
matcher.setHashIterations(1024);
return matcher;
}
@Bean
public URLPermissionsFilter urlPermissionsFilter() {
return new URLPermissionsFilter();
}
@Bean
public EhCacheManager ehCacheManager() {
EhCacheManager ehCacheManager=new EhCacheManager();
//ehCacheManager.setCacheManagerConfigFile("classpath:cache/ehcache.xml");
ehCacheManager.setCacheManager(cacheManager());
return ehCacheManager;
}
@Bean(name = "shiroCacheManager")
public CacheManager cacheManager(){
return new CacheManager(getClass().getResource("cache/ehcache.xml"));
}
@Bean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
}