<\/p>\n
1.web.xml\u4e2d\u914d\u7f6eshiro\u7684\u8fc7\u6ee4\u5668<\/p>\n
<!-- shiro \u5b89\u5168\u8fc7\u6ee4\u5668 -->\n <!-- The filter-name matches name of a 'shiroFilter' bean inside applicationContext.xml -->\n <filter>\n <filter-name>shiroFilter<\/filter-name>\n <filter-class>org.springframework.web.filter.DelegatingFilterProxy<\/filter-class>\n <async-supported>true<\/async-supported>\n <init-param>\n <param-name>targetFilterLifecycle<\/param-name>\n <param-value>true<\/param-value>\n <\/init-param>\n <\/filter>\n\n <!-- Make sure any request you want accessible to Shiro is filtered. \/* catches all -->\n <!-- requests. Usually this filter mapping is defined first (before all others) to -->\n <!-- ensure that Shiro works in subsequent filters in the filter chain: -->\n <filter-mapping>\n <filter-name>shiroFilter<\/filter-name>\n <url-pattern>\/*<\/url-pattern>\n <\/filter-mapping><\/pre>\n2.spring-shiro.xml<\/p>\n
<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<beans xmlns=\"http:\/\/www.springframework.org\/schema\/beans\"\n xmlns:util=\"http:\/\/www.springframework.org\/schema\/util\"\n xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:aop=\"http:\/\/www.springframework.org\/schema\/aop\"\n xsi:schemaLocation=\"http:\/\/www.springframework.org\/schema\/beans http:\/\/www.springframework.org\/schema\/beans\/spring-beans.xsd\n http:\/\/www.springframework.org\/schema\/util http:\/\/www.springframework.org\/schema\/util\/spring-util.xsd http:\/\/www.springframework.org\/schema\/aop http:\/\/www.springframework.org\/schema\/aop\/spring-aop.xsd\">\n <!-- \u7f13\u5b58\u7ba1\u7406\u5668 \u4f7f\u7528Ehcache\u5b9e\u73b0 -->\n <aop:config proxy-target-class=\"true\"\/>\n\n <bean class=\"org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator\"\n depends-on=\"lifecycleBeanPostProcessor\">\n <property name=\"proxyTargetClass\" value=\"true\"\/>\n <\/bean>\n\n <!-- Shiro\u751f\u547d\u5468\u671f\u5904\u7406\u5668-->\n <bean id=\"lifecycleBeanPostProcessor\" class=\"org.apache.shiro.spring.LifecycleBeanPostProcessor\"\/>\n\n <bean class=\"org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor\">\n <property name=\"securityManager\" ref=\"securityManager\"\/>\n <\/bean>\n\n\n <bean id=\"ehCacheManager\" class=\"org.springframework.cache.ehcache.EhCacheManagerFactoryBean\">\n <property name=\"configLocation\" value=\"classpath:ehcache.xml\"\/>\n <property name=\"shared\" value=\"true\"><\/property>\n <\/bean>\n\n <bean id=\"cacheManager\" class=\"org.apache.shiro.cache.ehcache.EhCacheManager\">\n <property name=\"cacheManager\" ref=\"ehCacheManager\"\/>\n <\/bean>\n <!-- \u51ed\u8bc1\u5339\u914d\u5668 -->\n <bean id=\"credentialsMatcher\"\n class=\"com.jiaqiang.pop.auth.credentials.RetryLimitHashedCredentialsMatcher\">\n <constructor-arg ref=\"cacheManager\"\/>\n <property name=\"hashAlgorithmName\" value=\"md5\"\/>\n <property name=\"hashIterations\" value=\"2\"\/>\n <property name=\"storedCredentialsHexEncoded\" value=\"true\"\/>\n <\/bean>\n\n <!-- Realm\u5b9e\u73b0 -->\n <bean id=\"userRealm\" class=\"com.jiaqiang.pop.auth.realm.UserRealm\">\n <property name=\"userService\" ref=\"userService\"\/>\n <property name=\"credentialsMatcher\" ref=\"credentialsMatcher\"\/>\n <property name=\"cachingEnabled\" value=\"true\"\/>\n <property name=\"authenticationCacheName\" value=\"authenticationCache\"\/>\n <property name=\"authorizationCacheName\" value=\"authorizationCache\"\/>\n <property name=\"authenticationCachingEnabled\" value=\"true\"\/>\n <property name=\"authorizationCachingEnabled\" value=\"true\"\/>\n <\/bean>\n\n <!-- \u4f1a\u8bddID\u751f\u6210\u5668 -->\n <bean id=\"sessionIdGenerator\" class=\"org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator\"\/>\n\n <!-- \u4f1a\u8bddCookie\u6a21\u677f -->\n <bean id=\"sessionIdCookie\" class=\"org.apache.shiro.web.servlet.SimpleCookie\">\n <constructor-arg value=\"sid\"\/>\n <property name=\"httpOnly\" value=\"true\"\/>\n <property name=\"maxAge\" value=\"-1\"\/>\n <\/bean>\n <bean id=\"rememberMeCookie\" class=\"org.apache.shiro.web.servlet.SimpleCookie\">\n <constructor-arg value=\"rememberMe\"\/>\n <property name=\"httpOnly\" value=\"true\"\/>\n <property name=\"path\" value=\"\/\"\/>\n <property name=\"maxAge\" value=\"2592000\"\/><!-- 30\u5929-->\n <\/bean>\n\n <!-- rememberMe\u7ba1\u7406\u5668-->\n <bean id=\"rememberMeManager\"\n class=\"org.apache.shiro.web.mgt.CookieRememberMeManager\">\n <property name=\"cipherKey\" value=\"#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsdag==')}\"\/>\n <property name=\"cookie\" ref=\"rememberMeCookie\"\/>\n <\/bean>\n\n <!-- \u4f1a\u8bddDAO -->\n <bean id=\"sessionDAO\" class=\"org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO\">\n <property name=\"activeSessionsCacheName\" value=\"shiro-activeSessionCache\"\/>\n <property name=\"sessionIdGenerator\" ref=\"sessionIdGenerator\"\/>\n <\/bean>\n\n <!-- \u4f1a\u8bdd\u9a8c\u8bc1\u8c03\u5ea6\u5668 -->\n <bean id=\"sessionValidationScheduler\" class=\"org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler\">\n <property name=\"sessionValidationInterval\" value=\"1800000\"\/>\n <property name=\"sessionManager\" ref=\"sessionManager\"\/>\n <\/bean>\n\n <!-- \u4f1a\u8bdd\u7ba1\u7406\u5668 -->\n <bean id=\"sessionManager\" class=\"org.apache.shiro.web.session.mgt.DefaultWebSessionManager\">\n <property name=\"globalSessionTimeout\" value=\"1800000\"\/>\n <property name=\"deleteInvalidSessions\" value=\"true\"\/>\n <property name=\"sessionValidationSchedulerEnabled\" value=\"true\"\/>\n <property name=\"sessionValidationScheduler\" ref=\"sessionValidationScheduler\"\/>\n <property name=\"sessionDAO\" ref=\"sessionDAO\"\/>\n <property name=\"sessionIdCookieEnabled\" value=\"true\"\/>\n <property name=\"sessionIdCookie\" ref=\"sessionIdCookie\"\/>\n <\/bean>\n\n <!-- \u5b89\u5168\u7ba1\u7406\u5668 -->\n <bean id=\"securityManager\" class=\"org.apache.shiro.web.mgt.DefaultWebSecurityManager\">\n <property name=\"realm\" ref=\"userRealm\"\/>\n <property name=\"sessionManager\" ref=\"sessionManager\"\/>\n <property name=\"cacheManager\" ref=\"cacheManager\"\/>\n <property name=\"rememberMeManager\" ref=\"rememberMeManager\"\/>\n <\/bean>\n\n <!-- \u76f8\u5f53\u4e8e\u8c03\u7528SecurityUtils.setSecurityManager(securityManager) -->\n <bean class=\"org.springframework.beans.factory.config.MethodInvokingFactoryBean\">\n <property name=\"staticMethod\" value=\"org.apache.shiro.SecurityUtils.setSecurityManager\"\/>\n <property name=\"arguments\" ref=\"securityManager\"\/>\n <\/bean>\n\n <!-- \u57fa\u4e8eForm\u8868\u5355\u7684\u8eab\u4efd\u9a8c\u8bc1\u8fc7\u6ee4\u5668 -->\n <bean id=\"formAuthenticationFilter\" class=\"com.jiaqiang.pop.auth.realm.FormAuthenticationCaptchaFilter\">\n <property name=\"usernameParam\" value=\"username\"\/>\n <property name=\"passwordParam\" value=\"password\"\/>\n <property name=\"loginUrl\" value=\"\/login\"\/>\n <property name=\"rememberMeParam\" value=\"rememberMe\"\/>\n <property name=\"successUrl\" value=\"\/control\/index\"\/>\n <property name=\"captchaParam\" value=\"code\"\/>\n <\/bean>\n\n <bean id=\"sysUserFilter\" class=\"com.jiaqiang.pop.filter.SysUserFilter\"\/>\n <!-- Shiro\u7684Web\u8fc7\u6ee4\u5668 -->\n <bean id=\"shiroFilter\" class=\"org.apache.shiro.spring.web.ShiroFilterFactoryBean\">\n <property name=\"securityManager\" ref=\"securityManager\"\/>\n <property name=\"loginUrl\" value=\"\/login\"\/>\n <property name=\"unauthorizedUrl\" value=\"\/unauthorized.jsp\"\/>\n <property name=\"successUrl\" value=\"\/control\/index\"\/>\n <property name=\"filters\">\n <util:map>\n <entry key=\"authc\" value-ref=\"formAuthenticationFilter\"\/>\n <entry key=\"sysUser\" value-ref=\"sysUserFilter\"\/>\n <\/util:map>\n <\/property>\n <property name=\"filterChainDefinitions\">\n <value>\n \/static\/**=anon\n \/diagram-viewer\/**=anon\n \/editor-app\/**=anon\n \/modeler.html=anon\n \/favicon.ico=anon\n \/captcha-image.do = anon\n \/index.jsp = anon\n \/unauthorized.jsp = anon\n \/login = authc\n \/logout = logout\n \/** =authc,sysUser,user,perms,roles\n <!-- \/** = authc,sysUser,user,perms,roles-->\n <\/value>\n <\/property>\n <\/bean>\n<\/beans><\/pre>\n<\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[30,36],"tags":[],"class_list":["post-604","post","type-post","status-publish","format-standard","hentry","category-spring","category-web"],"_links":{"self":[{"href":"https:\/\/www.dd-home.top\/index.php?rest_route=\/wp\/v2\/posts\/604","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dd-home.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dd-home.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dd-home.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dd-home.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=604"}],"version-history":[{"count":0,"href":"https:\/\/www.dd-home.top\/index.php?rest_route=\/wp\/v2\/posts\/604\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.dd-home.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=604"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dd-home.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=604"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dd-home.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=604"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}