spring boot integration shiro does not take effect after the static file Filter is configured. Here is the shiroconfig code. The bosses help to see what"s wrong.
package com.example.demo.config;
import com.example.demo.shiro.RedisShiroSessionDAO;
import com.example.demo.shiro.UserRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import java.util.LinkedHashMap;
import java.util.Map;
/ *
-
The
- Description: Apache Shiro core is implemented through Filter, just as SpringMvc is master controlled through DispachServlet.
- since we can generally guess that Filter is used for Filter and permission verification through URL rules, we need to define a series of rules and access permissions about URL.
* /
@ Configuration
public class ShiroConfig {
@Bean("sessionManager")
public SessionManager sessionManager(RedisShiroSessionDAO redisShiroSessionDAO,
@Value("${redis.open}") boolean redisOpen,
@Value("${shiro.redis}") boolean shiroRedis){
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
//session1(:)30
sessionManager.setGlobalSessionTimeout(60 * 60 * 1000);
sessionManager.setSessionValidationSchedulerEnabled(true);
sessionManager.setSessionIdUrlRewritingEnabled(false);
//redisrenren.shiro.redis=trueshiro sessionredis
if(redisOpen && shiroRedis){
sessionManager.setSessionDAO(redisShiroSessionDAO);
}
return sessionManager;
}
@Bean("securityManager")
public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(userRealm);
securityManager.setSessionManager(sessionManager);
return securityManager;
}
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
shiroFilter.setSecurityManager(securityManager);
shiroFilter.setLoginUrl("/login");/ / shiroFilter.setUnauthorizedUrl ("/ login");
shiroFilter.setUnauthorizedUrl("/");
Map<String, String> filterMap = new LinkedHashMap<>(); / / filterMap.put ("/ swagger/**", "anon");
/ / filterMap.put ("/ v2/api-docs", "anon");
/ / filterMap.put ("/ swagger-ui.html", "anon");
/ / filterMap.put ("/ webjars/**", "anon");
/ / filterMap.put ("/ swagger-resources/**", "anon");
filterMap.put("/static/**", "anon");
filterMap.put("/static/error.png", "anon"); / / filterMap.put ("/ login.html", "anon");
/ / filterMap.put ("/ sys/login", "anon");
/ / filterMap.put ("/ favicon.ico", "anon");
/ / filterMap.put ("/ captcha.jpg", "anon");
filterMap.put("/**", "authc");
shiroFilter.setFilterChainDefinitionMap(filterMap);
return shiroFilter;
}
@Bean("lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
proxyCreator.setProxyTargetClass(true);
return proxyCreator;
}
/ / @ Bean
/ / public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor (SecurityManager securityManager) {
/ / AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor ();
/ / advisor.setSecurityManager (securityManager);
/ / return advisor;
/ /}
}