修改铁东林业shiro版本及获取动态秘钥

leiSP-framework/src/main/java/com/sooka/framework/config/ShiroConfig.java

@@ -5,6 +5,8 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.util.LinkedHashMap;
 import java.util.Map;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
 import javax.servlet.Filter;
 import org.apache.commons.io.IOUtils;
 import org.apache.shiro.cache.ehcache.EhCacheManager;
@@ -368,7 +370,7 @@ public class ShiroConfig
     {
         CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
         cookieRememberMeManager.setCookie(rememberMeCookie());
-        cookieRememberMeManager.setCipherKey(Base64.decode(cipherKey));
+        cookieRememberMeManager.setCipherKey(getCipherKey());
         return cookieRememberMeManager;
     }
 
@@ -409,4 +411,16 @@ public class ShiroConfig
         authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
         return authorizationAttributeSourceAdvisor;
     }
+
+    private byte[] getCipherKey() {
+        try {
+            KeyGenerator keygen = KeyGenerator.getInstance("AES");
+            SecretKey deskey = keygen.generateKey();
+//            System.out.println(Base64.encodeToString(deskey.getEncoded()));
+            return Base64.decode(deskey.getEncoded());
+        } catch (Exception e) {
+            e.printStackTrace();
+            return Base64.decode(cipherKey);
+        }
+    }
 }

pom.xml

@@ -17,7 +17,8 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
-        <shiro.version>1.5.3</shiro.version>
+        <!--<shiro.version>1.5.3</shiro.version>-->
+        <shiro.version>1.7.1</shiro.version>
         <thymeleaf.extras.shiro.version>2.0.0</thymeleaf.extras.shiro.version>
         <mybatis.boot.version>1.3.2</mybatis.boot.version>
         <druid.version>1.1.14</druid.version>