| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124 |
- <?xml version="1.0" encoding="UTF-8"?>
- <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd"
- default-lazy-init="true">
- <description>Shiro Configuration</description>
- <!-- 加载配置属性文件 -->
- <context:property-placeholder ignore-unresolvable="true" location="classpath:/properties/jeeplus.properties" />
-
- <!-- Shiro权限过滤过滤器定义 -->
- <bean name="shiroFilterChainDefinitions" class="java.lang.String">
- <constructor-arg>
- <value>
- /static/** = anon
- /userfiles/** = anon
- ${adminPath}/sys/file/** = anon
- ${adminPath}/sys/user/infoCareStatus = anon
- ${adminPath}/sys/user/validateLoginName = anon
- ${adminPath}/sys/user/validateMobile = anon
- ${adminPath}/sys/user/validateMobileExist = anon
- ${adminPath}/sys/user/resetPassword = anon
- ${adminPath}/sys/register = anon
- ${adminPath}/sys/register/registerUser = anon
- ${adminPath}/sys/register/getRegisterCode = anon
- ${adminPath}/sys/register/validateMobileCode = anon
- ${adminPath}/soft/sysVersion/getAndroidVer = anon
- ${adminPath}/soft/sysVersion/getIosVer = anon
- ${adminPath}/tag/fileUpload = anon
- ${adminPath}/talent/news/talentNews/data = anon
- ${adminPath}/tag/treeselect = anon
- ${adminPath}/sys/office/treeData = anon
- ${adminPath}/cas = cas
- ${adminPath}/login = authc
- ${adminPath}/logout = anon
- ${adminPath}/** = user
- /act/rest/service/editor/** = perms[act:model:edit]
- /act/rest/service/model/** = perms[act:model:edit]
- /act/rest/service/** = user
- /ReportServer/** = user
- /filetag/** = anon
- </value>
- </constructor-arg>
- </bean>
-
- <!-- 安全认证过滤器 -->
- <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
- <property name="securityManager" ref="securityManager" /><!--
- <property name="loginUrl" value="${cas.server.url}?service=${cas.project.url}${adminPath}/cas" /> -->
- <property name="loginUrl" value="${adminPath}/login" />
- <property name="successUrl" value="${adminPath}?login" />
- <property name="filters">
- <map>
- <entry key="cas" value-ref="casFilter"/>
- <entry key="authc" value-ref="formAuthenticationFilter"/>
- </map>
- </property>
- <property name="filterChainDefinitions">
- <ref bean="shiroFilterChainDefinitions"/>
- </property>
- </bean>
-
- <!-- CAS认证过滤器 -->
- <bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
- <property name="failureUrl" value="${adminPath}/login"/>
- </bean>
-
- <!-- 定义Shiro安全管理配置 -->
- <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
- <property name="realm" ref="systemAuthorizingRealm" />
- <property name="sessionManager" ref="sessionManager" />
- <property name="cacheManager" ref="shiroCacheManager" />
- </bean>
-
- <!-- 自定义会话管理配置 -->
- <bean id="sessionManager" class="com.jeeplus.core.security.shiro.session.SessionManager">
- <property name="sessionDAO" ref="sessionDAO"/>
-
- <!-- 会话超时时间,单位:毫秒 -->
- <property name="globalSessionTimeout" value="${session.sessionTimeout}"/>
-
- <!-- 定时清理失效会话, 清理用户直接关闭浏览器造成的孤立会话 -->
- <property name="sessionValidationInterval" value="${session.sessionTimeoutClean}"/>
- <!-- <property name="sessionValidationSchedulerEnabled" value="false"/> -->
- <property name="sessionValidationSchedulerEnabled" value="true"/>
-
- <property name="sessionIdCookie" ref="sessionIdCookie"/>
- <property name="sessionIdCookieEnabled" value="true"/>
- </bean>
-
- <!-- 指定本系统SESSIONID, 默认为: JSESSIONID 问题: 与SERVLET容器名冲突, 如JETTY, TOMCAT 等默认JSESSIONID,
- 当跳出SHIRO SERVLET时如ERROR-PAGE容器会为JSESSIONID重新分配值导致登录会话丢失! -->
- <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
- <constructor-arg name="name" value="jeeplus.session.id"/>
- </bean>
- <!-- 自定义Session存储容器 -->
- <bean id="sessionDAO" class="com.jeeplus.core.security.shiro.session.CacheSessionDAO">
- <property name="sessionIdGenerator" ref="idGen" />
- <property name="activeSessionsCacheName" value="activeSessionsCache" />
- <property name="cacheManager" ref="shiroCacheManager" />
- </bean>
-
- <!-- 定义授权缓存管理器 -->
- <!-- <bean id="shiroCacheManager" class="com.jeeplus.core.security.shiro.cache.SessionCacheManager" /> -->
- <bean id="shiroCacheManager" class="org.nutz.j2cache.shiro.J2CacheManager">
- </bean>
-
- <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
- <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
-
- <!-- AOP式方法级权限检查 -->
- <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
- <property name="proxyTargetClass" value="true" />
- </bean>
- <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
- <property name="securityManager" ref="securityManager"/>
- </bean>
-
- </beans>
|
