Merge branch 'master' of http://10.153.19.25:10101/r/CanadaMes

wu

2023-11-30 0ece3ba8c92df0438af52b8de6b9225d8ada4103

 springboot-vue3/src/main/java/com/example/springboot/security/config/ShiroConfig.java

@@ -1,5 +1,5 @@
package com.example.springboot.security.config;

 
import com.example.springboot.security.JWTRealm;
import com.example.springboot.security.NoSessionFilter;
import com.example.springboot.security.StatelessDefaultSubjectFactory;
@@ -18,17 +18,17 @@
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;

 
import javax.servlet.Filter;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

 
@Configuration
public class ShiroConfig {


 
 
    /**
     * Shiro生命周期处理器
     *
@@ -38,7 +38,7 @@
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

 
    /**
     * 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions),需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证
     * DefaultAdvisorAutoProxyCreator的顺序必须在shiroFilterFactoryBean之前，不然SecurityUtils.getSubject().getPrincipal()获取不到参数
@@ -52,24 +52,24 @@
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

 
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultSecurityManager());
        return authorizationAttributeSourceAdvisor;
    }

 
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultSecurityManager());

 
        // 过滤规则
        Map<String, String> linkedHashMap = new LinkedHashMap<>();
        // 无状态登录情况下关闭了shiro中的session，导致所有需要加上authc接口请求时候都会报错，
        // 所以使用@RequiresRoles,@RequiresPermissions注解,aop方式实现接口的权限校验

 
        /* 添加shiro的内置过滤器，自定义url规则
         * Shiro自带拦截器配置规则
         * rest：比如/admins/user/**=rest[user],根据请求的方法，相当于/admins/user/**=perms[user：method] ,其中method为post，get，delete等
@@ -110,7 +110,7 @@
//        // 授权的权限
//        linkedHashMap.put("/api/rolePermission/saveOrUpdate", "perms[rolePermission:add]");
//        linkedHashMap.put("/api/rolePermission/removeByIds", "perms[rolePermission:delete]");

 
        // 自定义过滤器
        HashMap<String, Filter> filterHashMap = new HashMap<>();
        filterHashMap.put("jwt", new NoSessionFilter());
@@ -120,7 +120,7 @@
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
        return shiroFilterFactoryBean;
    }

 
    @Bean
    public DefaultWebSecurityManager defaultSecurityManager() {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
@@ -134,7 +134,7 @@
        defaultWebSecurityManager.setSubjectFactory(subjectFactory());
        return defaultWebSecurityManager;
    }

 
    /**
     * 登录的认证和授权
     *
@@ -146,7 +146,7 @@
        userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return userRealm;
    }

 
    /**
     * token的认证和授权
     *
@@ -156,12 +156,12 @@
    public JWTRealm jwtRealm() {
        return new JWTRealm();
    }

 
    @Bean
    public StatelessDefaultSubjectFactory subjectFactory() {
        return new StatelessDefaultSubjectFactory();
    }

 
    /*
     * 凭证匹配器 由于我们的密码校验交给Shiro的SimpleAuthenticationInfo进行处理了
     */
@@ -172,7 +172,7 @@
        hashedCredentialsMatcher.setHashIterations(1024);// 散列的次数，比如散列两次，相当于MD5(MD5(""));
        return hashedCredentialsMatcher;
    }

 
    @Bean
    public CookieRememberMeManager cookieRememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();