package com.xujie.sys.config; import com.xujie.sys.modules.sys.oauth2.OAuth2Filter; import com.xujie.sys.modules.sys.oauth2.OAuth2Realm; import jakarta.servlet.Filter; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.spring.LifecycleBeanPostProcessor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.Map; /** * Shiro配置 * * */ @Configuration public class ShiroConfig { @Bean("securityManager") public SecurityManager securityManager(OAuth2Realm oAuth2Realm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(oAuth2Realm); securityManager.setRememberMeManager(null); return securityManager; } @Bean("shiroFilter") public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) { ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean(); shiroFilter.setSecurityManager(securityManager); //oauth过滤 Map filters = new HashMap<>(); filters.put("oauth2", new OAuth2Filter()); shiroFilter.setFilters(filters); Map filterMap = new LinkedHashMap<>(); // 刷新接口 filterMap.put("/tcp", "anon"); filterMap.put("/ckp-file/**", "anon"); filterMap.put("/oss/2/**", "anon"); filterMap.put("/oss/previewOssFile", "anon"); // filterMap.put("/**", "authc"); filterMap.put("/webjars/**", "anon"); filterMap.put("/druid/**", "anon"); filterMap.put("/app/**", "anon"); filterMap.put("/sys/login", "anon"); filterMap.put("/sys/loginToken", "anon"); filterMap.put("/base/getSiteData", "anon"); filterMap.put("/swagger/**", "anon"); filterMap.put("/v2/api-docs", "anon"); filterMap.put("/swagger-ui.html", "anon"); filterMap.put("/swagger-resources/**", "anon"); filterMap.put("/captcha.jpg", "anon"); filterMap.put("/aaa.txt", "anon"); filterMap.put("/login", "anon"); filterMap.put("/collect/record/list/item", "anon"); filterMap.put("/collect/info/base", "anon"); filterMap.put("/js/**", "anon"); filterMap.put("/css/**", "anon"); filterMap.put("/pda/**", "anon"); filterMap.put("/favicon.ico", "anon"); filterMap.put("/bootstrap/**", "anon"); filterMap.put("/**", "oauth2"); shiroFilter.setFilterChainDefinitionMap(filterMap); shiroFilter.setLoginUrl("/login"); //错误页面,认证不通过跳转 shiroFilter.setUnauthorizedUrl("/login"); return shiroFilter; } /** * Shiro 生命周期处理器 * * ⚠️ 必须声明为 static 方法(Shiro 1.13.0 要求) */ @Bean("lifecycleBeanPostProcessor") public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() { return new LifecycleBeanPostProcessor(); } @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) { AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor(); advisor.setSecurityManager(securityManager); return advisor; } }