2017.2.13 开涛shiro教程-第十二章-与Spring集成(一)配置文件详解
原博客地址:http://jinnianshilongnian.iteye.com/blog/2018398
根据下载的pdf学习。
第十二章-与Spring集成(一)配置文件详解
1.pom.xml
1 junit 2 3 common-logging 4 common-collections 5 6 shiro-core 7 shiro-web 8 shiro-ehcache 9 shiro-quartz 10 shiro-spring 11 12 spring-context 13 spring-aop 14 spring-jdbc 15 spring-web 16 spring-webmvc 17 spring-test 18 19 mysql-connector-java 20 druid 21 22 javax.servlet-api 23 javax.servlet-jsp 24 25 aspectjrt 26 aspectjweaver
1 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 2 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 3 <parent> 4 <artifactId>shiro-example</artifactId> 5 <groupId>com.github.zhangkaitao</groupId> 6 <version>1.0-SNAPSHOT</version> 7 </parent> 8 <modelVersion>4.0.0</modelVersion> 9 <artifactId>shiro-example-chapter12</artifactId> 10 <packaging>war</packaging> 11 <name>shiro-example-chapter12</name> 12 <url>http://maven.apache.org</url> 13 14 <dependencies> 15 <dependency> 16 <groupId>junit</groupId> 17 <artifactId>junit</artifactId> 18 <version>4.9</version> 19 <scope>test</scope> 20 </dependency> 21 <dependency> 22 <groupId>org.springframework</groupId> 23 <artifactId>spring-test</artifactId> 24 <version>4.0.0.RELEASE</version> 25 <scope>test</scope> 26 </dependency> 27 28 <dependency> 29 <groupId>commons-logging</groupId> 30 <artifactId>commons-logging</artifactId> 31 <version>1.1.3</version> 32 </dependency> 33 <dependency> 34 <groupId>commons-collections</groupId> 35 <artifactId>commons-collections</artifactId> 36 <version>3.2.1</version> 37 </dependency> 38 39 <dependency> 40 <groupId>org.apache.shiro</groupId> 41 <artifactId>shiro-core</artifactId> 42 <version>1.2.2</version> 43 </dependency> 44 45 <dependency> 46 <groupId>org.apache.shiro</groupId> 47 <artifactId>shiro-web</artifactId> 48 <version>1.2.2</version> 49 </dependency> 50 51 <dependency> 52 <groupId>org.apache.shiro</groupId> 53 <artifactId>shiro-ehcache</artifactId> 54 <version>1.2.2</version> 55 </dependency> 56 57 <dependency> 58 <groupId>org.apache.shiro</groupId> 59 <artifactId>shiro-quartz</artifactId> 60 <version>1.2.2</version> 61 </dependency> 62 63 <dependency> 64 <groupId>org.apache.shiro</groupId> 65 <artifactId>shiro-spring</artifactId> 66 <version>1.2.2</version> 67 </dependency> 68 69 70 <dependency> 71 <groupId>mysql</groupId> 72 <artifactId>mysql-connector-java</artifactId> 73 <version>5.1.25</version> 74 </dependency> 75 <dependency> 76 <groupId>com.alibaba</groupId> 77 <artifactId>druid</artifactId> 78 <version>0.2.23</version> 79 </dependency> 80 81 <dependency> 82 <groupId>javax.servlet</groupId> 83 <artifactId>javax.servlet-api</artifactId> 84 <version>3.0.1</version> 85 <scope>provided</scope> 86 </dependency> 87 <dependency> 88 <groupId>javax.servlet.jsp</groupId> 89 <artifactId>jsp-api</artifactId> 90 <version>2.2</version> 91 </dependency> 92 <dependency> 93 <groupId>javax.servlet</groupId> 94 <artifactId>jstl</artifactId> 95 <version>1.2</version> 96 </dependency> 97 98 99 <!-- aspectj相关jar包--> 100 <dependency> 101 <groupId>org.aspectj</groupId> 102 <artifactId>aspectjrt</artifactId> 103 <version>1.7.4</version> 104 </dependency> 105 <dependency> 106 <groupId>org.aspectj</groupId> 107 <artifactId>aspectjweaver</artifactId> 108 <version>1.7.4</version> 109 </dependency> 110 111 <dependency> 112 <groupId>org.springframework</groupId> 113 <artifactId>spring-context</artifactId> 114 <version>4.0.0.RELEASE</version> 115 </dependency> 116 117 <dependency> 118 <groupId>org.springframework</groupId> 119 <artifactId>spring-aop</artifactId> 120 <version>4.0.0.RELEASE</version> 121 </dependency> 122 123 124 <dependency> 125 <groupId>org.springframework</groupId> 126 <artifactId>spring-jdbc</artifactId> 127 <version>4.0.0.RELEASE</version> 128 </dependency> 129 130 <dependency> 131 <groupId>org.springframework</groupId> 132 <artifactId>spring-web</artifactId> 133 <version>4.0.0.RELEASE</version> 134 </dependency> 135 136 <dependency> 137 <groupId>org.springframework</groupId> 138 <artifactId>spring-webmvc</artifactId> 139 <version>4.0.0.RELEASE</version> 140 </dependency> 141 142 143 </dependencies> 144 145 <build> 146 <finalName>chapter12</finalName> 147 <plugins> 148 <plugin> 149 <groupId>org.mortbay.jetty</groupId> 150 <artifactId>jetty-maven-plugin</artifactId> 151 <version>8.1.8.v20121106</version> 152 <configuration> 153 <webAppConfig> 154 <contextPath>/${project.build.finalName}</contextPath> 155 </webAppConfig> 156 </configuration> 157 </plugin> 158 159 <plugin> 160 <groupId>org.apache.tomcat.maven</groupId> 161 <artifactId>tomcat7-maven-plugin</artifactId> 162 <version>2.2</version> 163 <configuration> 164 <path>/${project.build.finalName}</path> 165 </configuration> 166 167 </plugin> 168 </plugins> 169 170 171 </build> 172 173 </project>
2.web.xml
1 Spring配置 2 涉及配置文件: classpath:spring-beans.xml,classpath:spring-shiro-web.xml 4 ShiroFilter配置 5 Springmvc 配置 6 涉及配置文件:classpath:spring-mvc.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <web-app 3 xmlns="http://java.sun.com/xml/ns/javaee" 4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 5 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" 6 version="3.0" 7 metadata-complete="false"> 8 9 <!-- Spring配置文件开始 --> 10 <context-param> 11 <param-name>contextConfigLocation</param-name> 12 <param-value> 13 classpath:spring-beans.xml, 14 classpath:spring-shiro-web.xml 15 </param-value> 16 </context-param> 17 <listener> 18 <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 19 </listener> 20 <!-- Spring配置文件结束 --> 21 22 <!-- shiro 安全过滤器 --> 23 <!-- The filter-name matches name of a 'shiroFilter' bean inside applicationContext.xml --> 24 <filter> 25 <filter-name>shiroFilter</filter-name> 26 <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 27 <async-supported>true</async-supported> 28 <init-param> 29 <param-name>targetFilterLifecycle</param-name> 30 <param-value>true</param-value> 31 </init-param> 32 </filter> 33 34 <filter-mapping> 35 <filter-name>shiroFilter</filter-name> 36 <url-pattern>/*</url-pattern> 37 </filter-mapping> 38 39 <!--spring mvc--> 40 <servlet> 41 <servlet-name>spring</servlet-name> 42 <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 43 <init-param> 44 <param-name>contextConfigLocation</param-name> 45 <param-value>classpath:spring-mvc.xml</param-value> 46 </init-param> 47 <load-on-startup>1</load-on-startup> 48 <async-supported>true</async-supported> 49 </servlet> 50 <servlet-mapping> 51 <servlet-name>spring</servlet-name> 52 <url-pattern>/</url-pattern> 53 </servlet-mapping> 54 55 56 </web-app>
3.spring-beans.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 4 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> 5 6 <!-- 数据库连接池 --> 7 <bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource"> 8 <property name="driverClassName" value="com.mysql.jdbc.Driver"/> 9 <property name="url" value="jdbc:mysql://localhost:3306/shiro"/> 10 <property name="username" value="root"/> 11 <property name="password" value=""/> 12 </bean> 13 14 <!-- Base DAO --> 15 <bean id="baseDao" abstract="true"> 16 <property name="dataSource" ref="dataSource"/> 17 </bean> 18 19 <!-- DAO --> 20 <bean id="permissionDao" class="com.github.zhangkaitao.shiro.chapter12.dao.PermissionDaoImpl" parent="baseDao"/> 21 <bean id="roleDao" class="com.github.zhangkaitao.shiro.chapter12.dao.RoleDaoImpl" parent="baseDao"/> 22 <bean id="userDao" class="com.github.zhangkaitao.shiro.chapter12.dao.UserDaoImpl" parent="baseDao"/> 23 24 <!-- Service --> 25 <bean id="permissionService" class="com.github.zhangkaitao.shiro.chapter12.service.PermissionServiceImpl"> 26 <property name="permissionDao" ref="permissionDao"/> 27 </bean> 28 29 <bean id="roleService" class="com.github.zhangkaitao.shiro.chapter12.service.RoleServiceImpl"> 30 <property name="roleDao" ref="roleDao"/> 31 </bean> 32 33 <bean id="passwordHelper" class="com.github.zhangkaitao.shiro.chapter12.service.PasswordHelper"> 34 <property name="algorithmName" value="md5"/> 35 <property name="hashIterations" value="2"/> 36 </bean> 37 38 <bean id="userService" class="com.github.zhangkaitao.shiro.chapter12.service.UserServiceImpl"> 39 <property name="userDao" ref="userDao"/> 40 <property name="passwordHelper" ref="passwordHelper"/> 41 </bean> 42 43 44 </beans>
4.spring-shiro.xml
提供了普通JavaSE独立应用的spring-shiro配置。即只要把之前的ini参数,翻译为此处的spring xml配置方式即可。
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 4 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> 5 6 <!-- 缓存管理器 使用Ehcache实现 --> 7 <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> 8 <property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/> 9 </bean> 10 11 <!-- 凭证匹配器 --> 12 <bean id="credentialsMatcher" class="com.github.zhangkaitao.shiro.chapter12.credentials.RetryLimitHashedCredentialsMatcher"> 13 <constructor-arg ref="cacheManager"/> 14 <property name="hashAlgorithmName" value="md5"/> 15 <property name="hashIterations" value="2"/> 16 <property name="storedCredentialsHexEncoded" value="true"/> 17 </bean> 18 19 <!-- Realm实现 --> 20 <bean id="userRealm" class="com.github.zhangkaitao.shiro.chapter12.realm.UserRealm"> 21 <property name="userService" ref="userService"/> 22 <property name="credentialsMatcher" ref="credentialsMatcher"/> 23 <property name="cachingEnabled" value="true"/> 24 <property name="authenticationCachingEnabled" value="true"/> 25 <property name="authenticationCacheName" value="authenticationCache"/> 26 <property name="authorizationCachingEnabled" value="true"/> 27 <property name="authorizationCacheName" value="authorizationCache"/> 28 </bean> 29 30 <!-- 会话ID生成器 --> 31 <bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/> 32 <!-- 会话DAO --> 33 <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"> 34 <property name="activeSessionsCacheName" value="shiro-activeSessionCache"/> 35 <property name="sessionIdGenerator" ref="sessionIdGenerator"/> 36 </bean> 37 <!-- 会话验证调度器 --> 38 <bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler"> 39 <property name="sessionValidationInterval" value="1800000"/> 40 <property name="sessionManager" ref="sessionManager"/> 41 </bean> 42 <!-- 会话管理器 --> 43 <bean id="sessionManager" class="org.apache.shiro.session.mgt.DefaultSessionManager"> 44 <property name="globalSessionTimeout" value="1800000"/> 45 <property name="deleteInvalidSessions" value="true"/> 46 <property name="sessionValidationSchedulerEnabled" value="true"/> 47 <property name="sessionValidationScheduler" ref="sessionValidationScheduler"/> 48 <property name="sessionDAO" ref="sessionDAO"/> 49 </bean> 50 <!-- 安全管理器 --> 51 <bean id="securityManager" class="org.apache.shiro.mgt.DefaultSecurityManager"> 52 <property name="realms"> 53 <list> 54 <ref bean="userRealm"/> 55 </list> 56 </property> 57 <property name="sessionManager" ref="sessionManager"/> 58 <property name="cacheManager" ref="cacheManager"/> 59 </bean> 60 <!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) --> 61 <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> 62 <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/> 63 <property name="arguments" ref="securityManager"/> 64 </bean> 65 66 <!-- Shiro生命周期处理器--> 67 <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/> 68 69 70 </beans>
5.spring-shiro-web.xml
提供了web应用的spring-shiro配置。
1 <!-- 缓存管理器 使用Ehcache实现 -->cacheManager ,涉及配置文件:ehcache.xml 2 <!-- 凭证匹配器 -->credentialsMatcher 3 <!-- Realm实现 -->userRealm 4 5 <!-- 会话ID生成器 -->sessionIdGenerator 6 <!-- 会话Cookie模板 -->sessionIdCookie 7 <!-- 会话DAO -->sessionDAO 8 <!-- 会话验证调度器 -->sessionValidationScheduler 9 <!-- 会话管理器 -->sessionManager 10 11 <!-- 安全管理器 -->securityManager 12 <!-- 基于Form表单的身份验证过滤器 -->formAuthenticationFilter 13 <!-- Shiro的Web过滤器 -->shiroFilter 14 <!-- Shiro生命周期处理器-->lifecycleBeanPostProcessor
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:util="http://www.springframework.org/schema/util" 4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 5 xsi:schemaLocation=" 6 http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 7 http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"> 8 9 <!-- 缓存管理器 使用Ehcache实现 --> 10 <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> 11 <property name="cacheManagerConfigFile" value="classpath:ehcache.xml"/> 12 </bean> 13 14 <!-- 凭证匹配器 --> 15 <bean id="credentialsMatcher" class="com.github.zhangkaitao.shiro.chapter12.credentials.RetryLimitHashedCredentialsMatcher"> 16 <constructor-arg ref="cacheManager"/> 17 <property name="hashAlgorithmName" value="md5"/> 18 <property name="hashIterations" value="2"/> 19 <property name="storedCredentialsHexEncoded" value="true"/> 20 </bean> 21 22 <!-- Realm实现 --> 23 <bean id="userRealm" class="com.github.zhangkaitao.shiro.chapter12.realm.UserRealm"> 24 <property name="userService" ref="userService"/> 25 <property name="credentialsMatcher" ref="credentialsMatcher"/> 26 <property name="cachingEnabled" value="true"/> 27 <property name="authenticationCachingEnabled" value="true"/> 28 <property name="authenticationCacheName" value="authenticationCache"/> 29 <property name="authorizationCachingEnabled" value="true"/> 30 <property name="authorizationCacheName" value="authorizationCache"/> 31 </bean> 32 33 <!-- 会话ID生成器 --> 34 <bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/> 35 36 <!-- 会话Cookie模板 --> 37 <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie"> 38 <constructor-arg value="sid"/> 39 <property name="httpOnly" value="true"/> 40 <property name="maxAge" value="180000"/> 41 </bean> 42 43 <!-- 会话DAO --> 44 <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"> 45 <property name="activeSessionsCacheName" value="shiro-activeSessionCache"/> 46 <property name="sessionIdGenerator" ref="sessionIdGenerator"/> 47 </bean> 48 49 <!-- 会话验证调度器 --> 50 <bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler"> 51 <property name="sessionValidationInterval" value="1800000"/> 52 <property name="sessionManager" ref="sessionManager"/> 53 </bean> 54 55 <!-- 会话管理器 --> 56 <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"> 57 <property name="globalSessionTimeout" value="1800000"/> 58 <property name="deleteInvalidSessions" value="true"/> 59 <property name="sessionValidationSchedulerEnabled" value="true"/> 60 <property name="sessionValidationScheduler" ref="sessionValidationScheduler"/> 61 <property name="sessionDAO" ref="sessionDAO"/> 62 <property name="sessionIdCookieEnabled" value="true"/> 63 <property name="sessionIdCookie" ref="sessionIdCookie"/> 64 </bean> 65 66 <!-- 安全管理器 --> 67 <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> 68 <property name="realm" ref="userRealm"/> 69 <property name="sessionManager" ref="sessionManager"/> 70 <property name="cacheManager" ref="cacheManager"/> 71 </bean> 72 73 <!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) --> 74 <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> 75 <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/> 76 <property name="arguments" ref="securityManager"/> 77 </bean> 78 79 <!-- 基于Form表单的身份验证过滤器 --> 80 <bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter"> 81 <property name="usernameParam" value="username"/> 82 <property name="passwordParam" value="password"/> 83 <property name="loginUrl" value="/login.jsp"/> 84 </bean> 85 86 <!-- Shiro的Web过滤器 --> 87 <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> 88 <property name="securityManager" ref="securityManager"/> 89 <property name="loginUrl" value="/login.jsp"/> 90 <property name="unauthorizedUrl" value="/unauthorized.jsp"/> 91 <property name="filters"> 92 <util:map> 93 <entry key="authc" value-ref="formAuthenticationFilter"/> 94 </util:map> 95 </property> 96 <property name="filterChainDefinitions"> 97 <value> 98 /index.jsp = anon 99 /unauthorized.jsp = anon 100 /login.jsp = authc 101 /logout = logout 102 /** = user 103 </value> 104 </property> 105 </bean> 106 107 <!-- Shiro生命周期处理器--> 108 <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/> 109 110 </beans>
6.ehcache.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <ehcache name="shirocache"> 3 4 <diskStore path="java.io.tmpdir"/> 5 6 <!-- 登录记录缓存 锁定10分钟 --> 7 <cache name="passwordRetryCache" 8 maxEntriesLocalHeap="2000" 9 eternal="false" 10 timeToIdleSeconds="3600" 11 timeToLiveSeconds="0" 12 overflowToDisk="false" 13 statistics="true"> 14 </cache> 15 16 <cache name="authorizationCache" 17 maxEntriesLocalHeap="2000" 18 eternal="false" 19 timeToIdleSeconds="3600" 20 timeToLiveSeconds="0" 21 overflowToDisk="false" 22 statistics="true"> 23 </cache> 24 25 <cache name="authenticationCache" 26 maxEntriesLocalHeap="2000" 27 eternal="false" 28 timeToIdleSeconds="3600" 29 timeToLiveSeconds="0" 30 overflowToDisk="false" 31 statistics="true"> 32 </cache> 33 34 <cache name="shiro-activeSessionCache" 35 maxEntriesLocalHeap="2000" 36 eternal="false" 37 timeToIdleSeconds="3600" 38 timeToLiveSeconds="0" 39 overflowToDisk="false" 40 statistics="true"> 41 </cache> 42 43 </ehcache>
7.spring-mvc.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <beans xmlns="http://www.springframework.org/schema/beans" 3 xmlns:context="http://www.springframework.org/schema/context" 4 xmlns:aop="http://www.springframework.org/schema/aop" 5 xmlns:mvc="http://www.springframework.org/schema/mvc" 6 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 7 xsi:schemaLocation=" 8 http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 9 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd 10 http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd 11 http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd"> 12 13 <context:component-scan base-package="com.github.zhangkaitao" use-default-filters="false"> 14 <context:include-filter type="annotation" expression="org.springframework.stereotype.Controller"/> 15 <context:include-filter type="annotation" expression="org.springframework.web.bind.annotation.ControllerAdvice"/> 16 </context:component-scan> 17 18 <aop:config proxy-target-class="true"></aop:config> 19 <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> 20 <property name="securityManager" ref="securityManager"/> 21 </bean> 22 23 <mvc:annotation-driven/> 24 <mvc:view-controller path="/" view-name="index"/> 25 26 <!-- 默认的视图解析器 在上边的解析错误时使用 (默认使用html)- --> 27 <bean id="defaultViewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver"> 28 <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/> 29 <property name="contentType" value="text/html"/> 30 <property name="prefix" value="/"/> 31 <property name="suffix" value=".jsp"/> 32 </bean> 33 34 <!-- 控制器异常处理 --> 35 <bean id="exceptionHandlerExceptionResolver" class="org.springframework.web.servlet.mvc.method.annotation.ExceptionHandlerExceptionResolver"> 36 </bean> 37 <bean class="com.github.zhangkaitao.shiro.chapter12.web.exception.DefaultExceptionHandler"/> 38 39 40 </beans>
注意,shiroFilter在web.xml、spring-shiro-web.xml中都出现了。他们之间的联系是什么?
DelegatingFilterProxy 会自动到 Spring 容器中查找名字为 shiroFilter 的 bean 并把 filter 请求交给它处理。
web.xml:
1 <filter> 2 <filter-name>shiroFilter</filter-name> 3 <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 4 <async-supported>true</async-supported> 5 <init-param> 6 <param-name>targetFilterLifecycle</param-name> 7 <param-value>true</param-value> 8 </init-param> 9 </filter>
spring-shiro-web.xml:
1 <!-- Shiro的Web过滤器 --> 2 <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> 3 <property name="securityManager" ref="securityManager"/> 4 <property name="loginUrl" value="/login.jsp"/> 5 <property name="unauthorizedUrl" value="/unauthorized.jsp"/> 6 <property name="filters"> 7 <util:map> 8 <entry key="authc" value-ref="formAuthenticationFilter"/> 9 </util:map> 10 </property> 11 <property name="filterChainDefinitions"> 12 <value> 13 /index.jsp = anon 14 /unauthorized.jsp = anon 15 /login.jsp = authc 16 /logout = logout 17 /** = user 18 </value> 19 </property> 20 </bean>
fighting for this