likes
comments
collection
share

Java安全框架——Apache Shiro(三十六)

作者站长头像
站长
· 阅读数 63
【2.4】热加载

为了实现热加载我们需要定义以下3个类

CustomDefaultFilterChainManager:自定义的默认过滤器链管理者  
CustomPathMatchingFilterChainResolver:自定义的路径匹配过滤器链解析器  
CustomShiroFilterFactoryBean:自定义shiro过滤器工厂bean
【2.4.1】CustomDefaultFilterChainManager

下顶级接口FilterChainManager 

package com.itheima.shiro.core.impl;

import org.apache.shiro.config.Ini; import org.apache.shiro.util.CollectionUtils; import org.apache.shiro.util.Nameable; import org.apache.shiro.util.StringUtils; import org.apache.shiro.web.config.IniFilterChainResolverFactory; import org.apache.shiro.web.filter.AccessControlFilter; import org.apache.shiro.web.filter.authc.AuthenticationFilter; import org.apache.shiro.web.filter.authz.AuthorizationFilter; import org.apache.shiro.web.filter.mgt.DefaultFilterChainManager; import org.apache.shiro.web.filter.mgt.NamedFilterList; import org.apache.shiro.web.filter.mgt.SimpleNamedFilterList;

import javax.annotation.PostConstruct; import javax.servlet.Filter; import javax.servlet.FilterChain; import java.util.LinkedHashMap; import java.util.List; import java.util.Map;

/** * @Description:自定义默认过滤器管理者 */ public class CustomDefaultFilterChainManager extends DefaultFilterChainManager {

    //登录地址 private String loginUrl;

    //登录成功后默认跳转地址 private String successUrl;

    //未授权跳转地址 private String unauthorizedUrl;

    public CustomDefaultFilterChainManager() { //构建过滤器 setFilters(new LinkedHashMap<String, Filter>()); //构建过滤器链 setFilterChains(new LinkedHashMap<String, NamedFilterList>()); //构建默认过滤器 addDefaultFilters(true); }

    /** * @Description 注册我们自定义的过滤器,相当于ShiroFilterFactoryBean的filters属性 * @param customFilters 过滤器 * @return */ public void setCustomFilters(Map<String, Filter> customFilters) { for(Map.Entry<String, Filter> entry : customFilters.entrySet()) { addFilter(entry.getKey(), entry.getValue(), false); } }

    /** * @Description Spring容器启动时调用 */ @PostConstruct public void init() { //配置默认过滤器 Map<String, Filter> filters = getFilters();

        //为过滤器链配置全局URL处理属性 for (Filter filter : filters.values()) { applyGlobalPropertiesIfNecessary(filter); } }

    /** * @Description 此时交于spring容器出事化,这里忽略 */ @Override protected void initFilter(Filter filter) { }

    private void applyGlobalPropertiesIfNecessary(Filter filter) { applyLoginUrlIfNecessary(filter); applySuccessUrlIfNecessary(filter); applyUnauthorizedUrlIfNecessary(filter); }

    private void applyLoginUrlIfNecessary(Filter filter) { String loginUrl = getLoginUrl(); if (StringUtils.hasText(loginUrl) && (filter instanceof AccessControlFilter)) { AccessControlFilter acFilter = (AccessControlFilter) filter; //only apply the login url if they haven't explicitly configured one already: String existingLoginUrl = acFilter.getLoginUrl(); if (AccessControlFilter.DEFAULT_LOGIN_URL.equals(existingLoginUrl)) { acFilter.setLoginUrl(loginUrl); } } }

    private void applySuccessUrlIfNecessary(Filter filter) { String successUrl = getSuccessUrl(); if (StringUtils.hasText(successUrl) && (filter instanceof AuthenticationFilter)) { AuthenticationFilter authcFilter = (AuthenticationFilter) filter; //only apply the successUrl if they haven't explicitly configured one already: String existingSuccessUrl = authcFilter.getSuccessUrl(); if (AuthenticationFilter.DEFAULT_SUCCESS_URL.equals(existingSuccessUrl)) { authcFilter.setSuccessUrl(successUrl); } } }

    private void applyUnauthorizedUrlIfNecessary(Filter filter) { String unauthorizedUrl = getUnauthorizedUrl(); if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) { AuthorizationFilter authzFilter = (AuthorizationFilter) filter; //only apply the unauthorizedUrl if they haven't explicitly configured one already: String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl(); if (existingUnauthorizedUrl == null) { authzFilter.setUnauthorizedUrl(unauthorizedUrl); } } }

    public String getLoginUrl() { return loginUrl; }

    public void setLoginUrl(String loginUrl) { this.loginUrl = loginUrl; }

    public String getSuccessUrl() { return successUrl; }

    public void setSuccessUrl(String successUrl) { this.successUrl = successUrl; }

    public String getUnauthorizedUrl() { return unauthorizedUrl; }

    public void setUnauthorizedUrl(String unauthorizedUrl) { this.unauthorizedUrl = unauthorizedUrl; }

}

转载自:https://juejin.cn/post/7159385393018699789
评论
请登录