likes
comments
collection
share

Java安全框架——Apache Shiro(三十七)

作者站长头像
站长
· 阅读数 36

CustomDefaultFilterChainManager:主要是把原来对象的创建交于spring容器,同时指定过滤器,然后构建过滤器链

package com.itheima.shiro.core.impl;

import org.apache.shiro.config.Ini; import org.apache.shiro.util.CollectionUtils; import org.apache.shiro.util.Nameable; import org.apache.shiro.util.StringUtils; import org.apache.shiro.web.config.IniFilterChainResolverFactory; import org.apache.shiro.web.filter.AccessControlFilter; import org.apache.shiro.web.filter.authc.AuthenticationFilter; import org.apache.shiro.web.filter.authz.AuthorizationFilter; import org.apache.shiro.web.filter.mgt.DefaultFilterChainManager; import org.apache.shiro.web.filter.mgt.NamedFilterList; import org.apache.shiro.web.filter.mgt.SimpleNamedFilterList;

import javax.annotation.PostConstruct; import javax.servlet.Filter; import javax.servlet.FilterChain; import java.util.LinkedHashMap; import java.util.List; import java.util.Map;

/** * @Description:自定义默认过滤器管理者 */ public class CustomDefaultFilterChainManager extends DefaultFilterChainManager {

    //登录地址 private String loginUrl;

    //登录成功后默认跳转地址 private String successUrl;

    //未授权跳转地址 private String unauthorizedUrl;

    public CustomDefaultFilterChainManager() { //构建过滤器 setFilters(new LinkedHashMap<String, Filter>()); //构建过滤器链 setFilterChains(new LinkedHashMap<String, NamedFilterList>()); //构建默认过滤器 addDefaultFilters(true); }

    /** * @Description 注册我们自定义的过滤器,相当于ShiroFilterFactoryBean的filters属性 * @param customFilters 过滤器 * @return */ public void setCustomFilters(Map<String, Filter> customFilters) { for(Map.Entry<String, Filter> entry : customFilters.entrySet()) { addFilter(entry.getKey(), entry.getValue(), false); } }

    /** * @Description Spring容器启动时调用 */ @PostConstruct public void init() { //配置默认过滤器 Map<String, Filter> filters = getFilters(); if (!CollectionUtils.isEmpty(filters)) { //注册过滤器 for (Map.Entry<String, Filter> entry : filters.entrySet()) { //过滤器名称 String name = entry.getKey(); //过滤器 Filter filter = entry.getValue(); if (filter instanceof Nameable) { ((Nameable) filter).setName(name); } //配置3个URL applyGlobalPropertiesIfNecessary(filter); } } }

    /** * @Description 此时交于spring容器出事化,这里忽略 */ @Override protected void initFilter(Filter filter) { }

    private void applyGlobalPropertiesIfNecessary(Filter filter) { applyLoginUrlIfNecessary(filter); applySuccessUrlIfNecessary(filter); applyUnauthorizedUrlIfNecessary(filter); }

    private void applyLoginUrlIfNecessary(Filter filter) { String loginUrl = getLoginUrl(); if (StringUtils.hasText(loginUrl) && (filter instanceof AccessControlFilter)) { AccessControlFilter acFilter = (AccessControlFilter) filter; //only apply the login url if they haven't explicitly configured one already: String existingLoginUrl = acFilter.getLoginUrl(); if (AccessControlFilter.DEFAULT_LOGIN_URL.equals(existingLoginUrl)) { acFilter.setLoginUrl(loginUrl); } } }

    private void applySuccessUrlIfNecessary(Filter filter) { String successUrl = getSuccessUrl(); if (StringUtils.hasText(successUrl) && (filter instanceof AuthenticationFilter)) { AuthenticationFilter authcFilter = (AuthenticationFilter) filter; //only apply the successUrl if they haven't explicitly configured one already: String existingSuccessUrl = authcFilter.getSuccessUrl(); if (AuthenticationFilter.DEFAULT_SUCCESS_URL.equals(existingSuccessUrl)) { authcFilter.setSuccessUrl(successUrl); } } }

    private void applyUnauthorizedUrlIfNecessary(Filter filter) { String unauthorizedUrl = getUnauthorizedUrl(); if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) { AuthorizationFilter authzFilter = (AuthorizationFilter) filter; //only apply the unauthorizedUrl if they haven't explicitly configured one already: String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl(); if (existingUnauthorizedUrl == null) { authzFilter.setUnauthorizedUrl(unauthorizedUrl); } } }

    public String getLoginUrl() { return loginUrl; }

    public void setLoginUrl(String loginUrl) { this.loginUrl = loginUrl; }

    public String getSuccessUrl() { return successUrl; }

    public void setSuccessUrl(String successUrl) { this.successUrl = successUrl; }

    public String getUnauthorizedUrl() { return unauthorizedUrl; }

    public void setUnauthorizedUrl(String unauthorizedUrl) { this.unauthorizedUrl = unauthorizedUrl; }

}

转载自:https://juejin.cn/post/7159813076768784420
评论
请登录