|
@@ -12,19 +12,19 @@ import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
|
12
|
12
|
import org.apache.shiro.mgt.SecurityManager;
|
13
|
13
|
import org.apache.shiro.mgt.SessionStorageEvaluator;
|
14
|
14
|
import org.apache.shiro.realm.Realm;
|
|
15
|
+import org.apache.shiro.session.mgt.DefaultSessionManager;
|
|
16
|
+import org.apache.shiro.session.mgt.SessionManager;
|
15
|
17
|
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
|
16
|
18
|
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
|
17
|
19
|
import org.apache.shiro.web.mgt.DefaultWebSessionStorageEvaluator;
|
18
|
20
|
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
19
|
21
|
import org.springframework.context.annotation.Bean;
|
20
|
|
-import org.springframework.context.annotation.Configuration;
|
21
|
22
|
|
22
|
23
|
import com.yaozhitech.spring5.filter.AnyRolesAuthorizationFilter;
|
23
|
24
|
import com.yaozhitech.spring5.filter.JwtAuthFilter;
|
24
|
25
|
import com.yaozhitech.spring5.jwt.JWTShiroRealm;
|
25
|
26
|
import com.yaozhitech.spring5.service.UserService;
|
26
|
27
|
|
27
|
|
-@Configuration
|
28
|
28
|
public abstract class ShiroConfiguration {
|
29
|
29
|
/**
|
30
|
30
|
* 注册shiro的Filter,拦截请求
|
|
@@ -59,7 +59,7 @@ public abstract class ShiroConfiguration {
|
59
|
59
|
sessionStorageEvaluator.setSessionStorageEnabled(false);
|
60
|
60
|
return sessionStorageEvaluator;
|
61
|
61
|
}
|
62
|
|
-
|
|
62
|
+
|
63
|
63
|
/**
|
64
|
64
|
* 用于JWT token认证的realm
|
65
|
65
|
*/
|
|
@@ -72,6 +72,7 @@ public abstract class ShiroConfiguration {
|
72
|
72
|
/**
|
73
|
73
|
* 设置过滤器,将自定义的Filter加入
|
74
|
74
|
*/
|
|
75
|
+ @Bean
|
75
|
76
|
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager, UserService userService) {
|
76
|
77
|
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
|
77
|
78
|
factoryBean.setSecurityManager(securityManager);
|