防止 shiro 认证失败后跳转页面,自定义shiro授权过滤器
一、注册自定义授权过滤器
二、创建自定义授权过滤器
一、注册自定义授权过滤器
import org
.apache
.shiro
.spring
.LifecycleBeanPostProcessor
;
import org
.apache
.shiro
.spring
.security
.interceptor
.AuthorizationAttributeSourceAdvisor
;
import org
.apache
.shiro
.spring
.web
.ShiroFilterFactoryBean
;
import org
.apache
.shiro
.web
.mgt
.DefaultWebSecurityManager
;
import org
.apache
.shiro
.web
.servlet
.Cookie
;
import org
.apache
.shiro
.web
.session
.mgt
.DefaultWebSessionManager
;
import org
.crazycake
.shiro
.RedisCacheManager
;
import org
.crazycake
.shiro
.RedisManager
;
import org
.crazycake
.shiro
.RedisSessionDAO
;
import org
.springframework
.aop
.framework
.autoproxy
.DefaultAdvisorAutoProxyCreator
;
import org
.springframework
.beans
.factory
.annotation
.Qualifier
;
import org
.springframework
.context
.annotation
.Bean
;
import org
.springframework
.context
.annotation
.Configuration
;
import org
.springframework
.context
.annotation
.DependsOn
;
import quantity
.knowledgebase
.realm
.CustomSessionManager
;
import quantity
.knowledgebase
.realm
.MyFormAuthenticationFilter
;
import quantity
.knowledgebase
.realm
.MyRealm
;
import javax
.servlet
.Filter
;
import java
.util
.LinkedHashMap
;
import java
.util
.concurrent
.ConcurrentHashMap
;
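/**
 * Spring configuration that wires Apache Shiro into the web application: the servlet
 * filter with its URL-to-filter chain, the security manager, the realm, and a
 * Redis-backed session store and cache (shiro-redis).
 *
 * <p>Unauthenticated requests to the protected paths are handled by
 * {@link MyFormAuthenticationFilter}, which is registered under the name {@code authc}.
 */
@Configuration
public class ShiroFilterConf {

    /**
     * Expiry in seconds passed to shiro-redis for both cache and session keys
     * (60*60*24*360*5, the value used throughout the original listing).
     *
     * <p>NOTE(review): this is roughly five years. Cached authorization data that
     * lives this long can keep revoked roles or permissions effective unless the
     * realm clears the cache on change; confirm that this lifetime is intended.
     */
    private static final int REDIS_EXPIRE_SECONDS = 60 * 60 * 24 * 360 * 5;

    // Environment variable names are constructed for this example; rename to match the deployment.
    private static final String REDIS_HOST_ENV = "SHIRO_REDIS_HOST";
    private static final String REDIS_PASSWORD_ENV = "SHIRO_REDIS_PASSWORD";

    /**
     * Builds the Shiro filter factory and declares which URL patterns require authentication.
     *
     * @param defaultWebSecurityManager the security manager bean named {@code securityManager}
     * @return the configured filter factory bean
     */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            @Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();

        // Replace the stock "authc" filter so a denied request gets a JSON answer.
        LinkedHashMap<String, Filter> filters = new LinkedHashMap<>();
        filters.put("authc", new MyFormAuthenticationFilter());
        bean.setFilters(filters);
        bean.setSecurityManager(defaultWebSecurityManager);

        // Chain definitions are matched in map iteration order and the first match wins,
        // so the map must preserve insertion order. ConcurrentHashMap gives no such
        // guarantee; a later catch-all or "anon" rule could silently shadow or be
        // shadowed by the rules below.
        LinkedHashMap<String, String> chains = new LinkedHashMap<>();
        // "authc": the request must be authenticated.
        // "user": a remembered or authenticated identity is sufficient.
        chains.put("/personnel_gm/**", "authc");
        chains.put("/product/**", "authc");
        chains.put("/statistics_offer/**", "authc");
        // NOTE(review): the original comment says every other resource requires
        // authentication, but no "/**" rule is defined, so any path not listed above
        // passes through this filter unauthenticated. If deny-by-default is intended,
        // add explicit "anon" rules for the public endpoints followed by a final
        // "/**" -> "authc" rule.
        bean.setFilterChainDefinitionMap(chains);
        return bean;
    }

    /**
     * Creates the security manager with the realm, the Redis-backed session manager
     * and the Redis-backed cache manager.
     *
     * @param userRealm the realm bean named {@code userRealm}
     * @return the configured security manager
     */
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(
            @Qualifier("userRealm") MyRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        securityManager.setSessionManager(sessionManager());
        securityManager.setCacheManager(cacheManager());
        return securityManager;
    }

    /**
     * Exposes the application's realm as a bean.
     *
     * @return a new {@link MyRealm}
     */
    @Bean
    public MyRealm userRealm() {
        return new MyRealm();
    }

    /**
     * Creates the session manager, backed by Redis, with a session cookie scoped to "/".
     *
     * @return the configured session manager
     */
    @Bean
    public DefaultWebSessionManager sessionManager() {
        CustomSessionManager sessionManager = new CustomSessionManager();
        sessionManager.setSessionDAO(redisSessionDAO());

        Cookie sessionIdCookie = sessionManager.getSessionIdCookie();
        sessionIdCookie.setPath("/");
        // Keep the session id out of reach of page scripts.
        sessionIdCookie.setHttpOnly(true);
        // NOTE(review): also call setSecure(true) once the application is served only
        // over HTTPS, so the session id is never sent in clear text.
        sessionManager.setSessionIdCookie(sessionIdCookie);
        return sessionManager;
    }

    /**
     * Creates the Redis connection settings used by the cache manager and the session DAO.
     *
     * <p>Host and password are read from the environment when set. The fallbacks are
     * the sample values from the original listing so existing setups keep working;
     * real credentials belong in the environment or a secret store, not in source control.
     *
     * @return a new {@link RedisManager}
     */
    public RedisManager getRedisManager() {
        RedisManager redisManager = new RedisManager();
        redisManager.setHost(envOrDefault(REDIS_HOST_ENV, "192.168.0.1:6379"));
        redisManager.setPassword(envOrDefault(REDIS_PASSWORD_ENV, "123456"));
        return redisManager;
    }

    /**
     * Creates the Redis-backed Shiro cache manager.
     *
     * @return a new {@link RedisCacheManager} using the {@code ihrm:shiro:cache:} key prefix
     */
    public RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(getRedisManager());
        redisCacheManager.setExpire(REDIS_EXPIRE_SECONDS);
        redisCacheManager.setKeyPrefix("ihrm:shiro:cache:");
        return redisCacheManager;
    }

    /**
     * Creates the Redis-backed session DAO.
     *
     * @return a new {@link RedisSessionDAO} using the {@code ihrm:shiro:session:} key prefix
     */
    public RedisSessionDAO redisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
        redisSessionDAO.setRedisManager(getRedisManager());
        redisSessionDAO.setExpire(REDIS_EXPIRE_SECONDS);
        redisSessionDAO.setKeyPrefix("ihrm:shiro:session:");
        return redisSessionDAO;
    }

    /**
     * Registers Shiro's lifecycle post-processor.
     *
     * @return a new {@link LifecycleBeanPostProcessor}
     */
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /**
     * Registers the advisor that ties Shiro's authorization annotations to the security manager.
     *
     * @param defaultWebSecurityManager the security manager bean named {@code securityManager}
     * @return the configured advisor
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
            @Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(defaultWebSecurityManager);
        return advisor;
    }

    /**
     * Registers the auto-proxy creator, created after {@code lifecycleBeanPostProcessor}.
     *
     * @return the configured auto-proxy creator
     */
    @Bean
    @DependsOn("lifecycleBeanPostProcessor")
    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator autoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        autoProxyCreator.setUsePrefix(true);
        return autoProxyCreator;
    }

    /** Returns the value of the environment variable, or the fallback when it is unset or empty. */
    private static String envOrDefault(String variable, String fallback) {
        String value = System.getenv(variable);
        return (value == null || value.isEmpty()) ? fallback : value;
    }
}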
二、创建自定义授权过滤器
import org
.apache
.shiro
.web
.filter
.authc
.FormAuthenticationFilter
;
import org
.json
.JSONObject
;
import quantity
.knowledgebase
.util
.HttpGetIpUtil
;
import javax
.servlet
.ServletRequest
;
import javax
.servlet
.ServletResponse
;
import javax
.servlet
.http
.Cookie
;
import javax
.servlet
.http
.HttpServletRequest
;
import javax
.servlet
.http
.HttpServletResponse
;
import java
.io
.PrintWriter
;
/**
 * Form authentication filter that answers a denied request with a JSON message
 * rather than delegating to the parent class.
 *
 * <p>{@code super.onAccessDenied} is never called, so whatever the parent does for a
 * denied request (including any handling of login submissions) does not run for
 * paths guarded by this filter.
 */
public class MyFormAuthenticationFilter extends FormAuthenticationFilter {

    /**
     * Writes {@code {"code": -1, "msg": ...}} to the response and stops the filter chain.
     *
     * <p>NOTE(review): the response status is 200 even though access was denied, so
     * clients, proxies and monitoring that rely on the HTTP status cannot tell the
     * failure from a success; 401 would be the conventional status if the front end
     * can be adapted. The denial is also only printed to standard output; an
     * application logger would make these events available for detection.
     *
     * @param request the incoming request (not inspected)
     * @param response the response; cast to {@link HttpServletResponse}
     * @return always {@code false}, so the request is not passed further down the chain
     * @throws Exception if the response writer cannot be obtained
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response)
            throws Exception {
        System.out.println("验证失败");

        // Body returned to the caller: an error code and a "session expired" message.
        JSONObject payload = new JSONObject();
        payload.put("code", -1);
        payload.put("msg", "登录已失效,请重新登录!");

        HttpServletResponse httpResponse = (HttpServletResponse) response;
        httpResponse.setStatus(200);
        httpResponse.setContentType("application/json;charset=utf-8");

        PrintWriter writer = httpResponse.getWriter();
        writer.println(payload);
        writer.flush();
        writer.close();
        return false;
    }
}