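package com.ygj.yuemum.shiro;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Spring configuration that wires Apache Shiro: the URL filter chain, the custom realm,
 * the session manager and the security manager.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>{@code anon} means Shiro applies no authentication or authorization to the path.
 *       Every path on the anonymous list is reachable by any client that can reach the
 *       server; any caller verification has to happen inside the handlers, which are not
 *       visible from this file.</li>
 *   <li>The anonymous list contains state-changing handlers (add/insert/update/delete),
 *       upload handlers, and handlers whose names suggest personal, order or payment data.
 *       NOTE(review): confirm that each of them binds the request to a server-verified
 *       caller identity rather than trusting an identifier sent by the client.</li>
 *   <li>Rules are evaluated in insertion order and the first match wins, so the
 *       {@code /**} catch-all must stay the last entry.</li>
 * </ul>
 */
@Configuration
public class ShiroConfig {

    /**
     * Builds the Shiro filter that decides, per URL pattern, whether a request needs an
     * authenticated subject.
     *
     * <p>The method name (and therefore the default bean name) is kept as {@code shirFilter}
     * so that existing references to the bean keep working.
     *
     * @param securityManager the Shiro security manager the filter delegates to
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // A SecurityManager must be set.
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        // If no login URL is set, Shiro falls back to "/login.jsp" in the web root or a "/login" mapping.
        shiroFilterFactoryBean.setLoginUrl("/webLogin");
        // URL to redirect to when the subject lacks permission.
        shiroFilterFactoryBean.setUnauthorizedUrl("/unauth");

        // Filter rules. Typed as Map<String, String> (the original used a raw Map) so the
        // compiler checks both the pattern and the filter definition. LinkedHashMap keeps
        // insertion order, which is the order in which the rules are matched.
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        // Endpoints opened to the WeChat mini-program.
        // NOTE(review): this group includes add/insert/update/delete handlers as well as
        // order, payment and account-number handlers; all of them bypass Shiro authentication.
        permitAnonymous(filterChainDefinitionMap,
                "/addEquipmenteHireDetail",
                "/addEquipmenteHireHeadOnline",
                "/deleteEquipmenteHireHead",
                "/deleteWXUserDefAddress",
                "/checkStockDate",
                "/getBanners",
                "/getConsultant",
                "/getCustomerEq",
                "/getEquipmentTypes",
                "/getEqUserAddress",
                "/getIndexs",
                "/getMktInfos",
                "/getPackageDetail",
                "/getPackageLists",
                "/getPackageShowname",
                "/getPIClasses",
                "/getPIGroups",
                "/getPIServices",
                "/getPromotions",
                "/getWXCustomerCoupons",
                "/getWxDecrypt",
                "/getWXOpenid",
                "/getWXUserAddress",
                "/getYueSuo",
                "/insertCustomerBooking",
                "/insertEqCustomerBooking",
                "/insertWXUserAddress",
                "/updateWXUser",
                "/updateWXUserAddress",
                "/updateWXUserDefAddress",
                "/WXSendBookingMessage",
                "/WXSendOrderMessage",
                "/WXSendYSOrderMessage",
                "/getEquipmentAmount",
                "/getValidPO",
                "/getValidPosition",
                "/getWxPosition",
                "/insertPromotionUserInfo",
                "/checkDcIntroducers",
                "/getDcIntroduceLogs",
                "/getDcIntroducerExtracts",
                "/date_DcIntroducerExtracts",
                "/getAccountNumber",
                "/queryOneDcIntroducerExtract",
                "/insertDcIntroducerExtract",
                "/WXSendExtractMessage",
                "/insertDcIntroduceLog",
                "/getDcIntroducerConsultants",
                "/queryMineOrder",
                "/getYSOrder",
                "/insertYsOrderPay",
                "/checkCustomerPay",
                "/queryYSOrderReturn",
                "/updateEquipmenteHireHeadOnline",
                "/getIndexPromotions",
                "/CreatePOP",
                "/getPromotionDC",
                "/checkMkt",
                "/getBranches",
                "/insertPromotionDCUserInfo",
                "/updateDcIntroducerApplicant",
                "/updateAccountNumber",
                "/insertPromotionChannelLog",
                "/getPromotionTestByPrxID",
                "/getPromotionTestResultByPtID",
                "/insertPromotionTestUserScore",
                "/CreateTestShare",
                "/getPromotionDCByID",
                "/getPromotionTestUserScoreByOpenID",
                "/getPromotionTestResultShowByPrxID",
                "/getWXDianPing",
                "/getWXContentTypes",
                "/queryUserContent",
                "/getWXUser",
                "/getWXMMSearchQuestion",
                "/queryUserMMSearch",
                "/getMmInfoResume",
                "/getPackageImagesByID");

        // Endpoints opened for the "Mengdong" feature.
        permitAnonymous(filterChainDefinitionMap,
                "/getNewUserCoupon",
                "/getConsultTaskCoupon",
                "/getDetectionTaskCoupon",
                "/getRechargeTaskCoupon");

        // File upload: temporary workaround.
        // TODO(review): these handlers accept uploads from unauthenticated callers. Until
        // they move behind authc, the handlers themselves need to enforce type and size
        // limits and control where files are stored; that cannot be confirmed from this file.
        permitAnonymous(filterChainDefinitionMap,
                "/uploadPromotionImg",
                "/uploadImg",
                "/uploadPayImg",
                "/uploadMiniImg",
                "/uploadDianPingImg");

        // Opened for the resume-sharing issue.
        permitAnonymous(filterChainDefinitionMap, "/getWeChatInfo");

        // "Super Mom Academy" endpoints.
        // NOTE(review): the per-user query and update handlers here are anonymous as well.
        permitAnonymous(filterChainDefinitionMap,
                "/college/queryUserPoints",
                "/college/queryUserLearningCore",
                "/college/queryUserLearningPractice",
                "/college/queryUserLearningExperience",
                "/college/queryUserLearningCoreDetail",
                "/college/queryCoreDetail",
                "/college/queryTests",
                "/college/addTestDetail",
                "/college/queryPracticeDetail",
                "/college/queryExperienceDetail",
                "/college/addCollegeBooking",
                "/college/corePositive",
                "/college/coreLearningUpdate",
                "/college/coreLearningFinish",
                "/college/getCollegeBooking",
                "/college/bookingCancel",
                "/eLearning/index",
                "/eLearning/courseworkList",
                "/eLearning/courseworkDetail",
                "/eLearning/testList",
                "/eLearning/testComplete",
                "/eLearning/courseworkComplete",
                "/eLearning/courseworkUpdate");

        // Role-based rules, currently disabled:
        // // Users: require role "user"
        // filterChainDefinitionMap.put("/user/**", "roles[user]");
        // // Administrators: require role "admin"
        // filterChainDefinitionMap.put("/admin/**", "roles[admin]");

        // Open the login endpoint.
        filterChainDefinitionMap.put("/login", "anon");

        // Everything else requires authentication.
        // This line must come after all other rules, otherwise every URL would be intercepted.
        // NOTE(review): the catch-all is only as strong as Shiro's path matching, so keep the
        // Shiro dependency patched.
        filterChainDefinitionMap.put("/**", "authc");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    /**
     * Registers each path with Shiro's {@code anon} filter, in the order given.
     *
     * @param chains the filter chain definition map to add to
     * @param paths the exact paths to open to unauthenticated callers
     */
    private static void permitAnonymous(Map<String, String> chains, String... paths) {
        for (String path : paths) {
            chains.put(path, "anon");
        }
    }

    /**
     * Custom authentication realm.
     *
     * <p>This method must exist and carry {@code @Bean} so that {@code CustomRealm} is
     * created by Spring; otherwise dependency injection of the other classes used inside
     * {@code CustomRealm} is affected.
     *
     * @return a new {@code CustomRealm}
     */
    @Bean
    public CustomRealm customRealm() {
        return new CustomRealm();
    }

    /**
     * Session manager bean backed by an {@link EnterpriseCacheSessionDAO}.
     *
     * @return the project's {@code ShiroSessionManager} with the session DAO set
     */
    @Bean
    public SessionManager sessionManager() {
        ShiroSessionManager shiroSessionManager = new ShiroSessionManager();
        // Setting the DAO is optional because Shiro has default session management.
        // If the cache is Redis, switch to a Redis-backed implementation.
        // NOTE(review): no CacheManager is configured in this class; presumably sessions
        // stay local to this JVM — confirm before running more than one instance.
        shiroSessionManager.setSessionDAO(new EnterpriseCacheSessionDAO());
        return shiroSessionManager;
    }

    /**
     * Security manager bean that combines the custom realm and the custom session manager.
     *
     * @return the configured {@link DefaultWebSecurityManager}
     */
    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(customRealm());
        // Custom session management.
        securityManager.setSessionManager(sessionManager());
        // Custom cache implementation (disabled):
        // securityManager.setCacheManager(ehCacheManager());
        return securityManager;
    }
}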