spring-shiro（权限、用户认证配置）

spring-shiro.xml（权限、用户认证配置）

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop"    xmlns:mvc="http://www.springframework.org/schema/mvc"xsi:schemaLocation="http://www.springframework.org/schema/beans        http://www.springframework.org/schema/beans/spring-beans.xsd        http://www.springframework.org/schema/aop        http://www.springframework.org/schema/aop/spring-aop.xsd        http://www.springframework.org/schema/context        http://www.springframework.org/schema/context/spring-context.xsd        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd        http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd"><!-- Realm实现 --><bean id="statelessRealm" class="com.sys.shiro.AuthorizationRealm"><property name="cachingEnabled" value="false" /></bean><!-- Subject工厂 --><bean id="subjectFactory" class="com.sys.shiro.StatelessDefaultSubjectFactory" /><!-- 会话管理器 --><bean id="sessionManager" class="org.apache.shiro.session.mgt.DefaultSessionManager"><property name="sessionValidationSchedulerEnabled" value="false" /></bean><!-- 安全管理器 --><bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"><property name="realm" ref="statelessRealm" /><property name="subjectDAO.sessionStorageEvaluator.sessionStorageEnabled"value="false" /><property name="subjectFactory" ref="subjectFactory" /><property name="sessionManager" ref="sessionManager" /></bean><!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) --><beanclass="org.springframework.beans.factory.config.MethodInvokingFactoryBean"><property name="staticMethod"value="org.apache.shiro.SecurityUtils.setSecurityManager" /><property name="arguments" ref="securityManager" /></bean><bean id="statelessAuthcFilter" class="com.sys.shiro.StatelessAuthcFilter" /><!-- Shiro的Web过滤器 --><bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"><property name="securityManager" ref="securityManager" /><property name="loginUrl" value="/pt/register" />        <property name="successUrl" value="/pt/home" />        <property name="unauthorizedUrl" value="/pt/login" /><property name="filters"><util:map><entry key="statelessAuthc" value-ref="statelessAuthcFilter" /></util:map></property><property name="filterChainDefinitions"><value>/ = anon/index.html = anon /pt/register = anon /pt/login = anon /browersDownload.html = anon/pageNotFound.html= anon/version/* = anon/favicon.ico = anon/rest/static/**=anon/help/*=anon/rest/error/** = anon/login.html = anon/rest/login = anon/rest/logout = anon/**/scripts/** = anon/**/images/** = anon/**/styles/** = anon    /** = statelessAuthc</value></property></bean><mvc:interceptors><!-- 允许通过的URL --><mvc:interceptor><mvc:mapping path="/web/**" /><bean class="com.sys.shiro.WebInterceptor"/></mvc:interceptor></mvc:interceptors><!-- Shiro生命周期处理器 --><bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /><!-- 取消对images和js两个文件夹的拦截，可以访问静态文件的文件夹 -->    <mvc:resources location="/resources/" mapping="/resources/**"/>      <!-- 对模型视图名称的解析，在请求时模型视图名称添加前后缀 -->      <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" p:prefix="/WEB-INF/view/" p:suffix=".jsp" /> </beans>

web.xml

<?xml version="1.0" encoding="UTF-8"?><web-app id="WebApp_ID" version="3.1"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee"xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee                              http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"><welcome-file-list><welcome-file>index.html</welcome-file></welcome-file-list><error-page><error-code>404</error-code><location>/pageNotFound.html</location></error-page><!--项目名称 --><display-name>gdecsppt</display-name><context-param><param-name>contextConfigLocation</param-name><param-value>    classpath:applicationContext.xml    classpath:quartz-task.xml          classpath:spring-shiro.xml        </param-value></context-param><listener><listener-class>org.springframework.web.context.ContextLoaderListener</listener-class></listener><!--系统初始化操作 --><listener><listener-class>com.sys.core.init.InitListener</listener-class></listener><filter><description>处理编码的过滤器</description><filter-name>encodingFilter</filter-name><filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class><init-param><param-name>encoding</param-name><param-value>UTF-8</param-value></init-param><init-param><param-name>forceEncoding</param-name><param-value>true</param-value></init-param></filter><filter-mapping><filter-name>encodingFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter><filter-name>WebFilter</filter-name><filter-class>com.sys.filter.WebFilter</filter-class></filter><filter-mapping><filter-name>WebFilter</filter-name><url-pattern>/web/*</url-pattern></filter-mapping>    <!--用户登出 --><filter><filter-name>LogoutFilter</filter-name><filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class></filter><!--用户认证 --><filter><filter-name>UserAuthenticationFilter</filter-name><filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class><init-param><param-name>casServerLoginUrl</param-name><param-value>https://www.gdecc.com:8443/cas/login</param-value></init-param><init-param><param-name>serverName</param-name><param-value>http://gdecsppt.gdecc.com:8080</param-value></init-param></filter><!--Ticket校验 --><filter><filter-name>TicketValidationFilter</filter-name><filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class><init-param><param-name>casServerUrlPrefix</param-name><param-value>https://www.gdecc.com:8443/cas</param-value></init-param><init-param><param-name>serverName</param-name><param-value>http://gdecsppt.gdecc.com:8080</param-value></init-param><init-param><param-name>redirectAfterValidation</param-name><param-value>true</param-value></init-param></filter><!-- 该过滤器通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名 --><filter><filter-name>CASHttpServletRequestWrapperFilter</filter-name><filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class></filter><!-- 该过滤器通过org.jasig.cas.client.util.AssertionHolder来获取用户信息。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 --><filter><filter-name>CASAssertionThreadLocalFilter</filter-name><filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class></filter><filter-mapping><filter-name>LogoutFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>UserAuthenticationFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>TicketValidationFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>CASHttpServletRequestWrapperFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>CASAssertionThreadLocalFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><listener><listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class></listener>    <!--shiro权限处理过滤器 --><filter><filter-name>shiroFilter</filter-name><filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class><async-supported>true</async-supported><init-param><param-name>targetFilterLifecycle</param-name><param-value>true</param-value></init-param></filter><filter-mapping><filter-name>shiroFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><!--SQL &HTML 注入过滤器 --><filter><filter-name>HtmlAndSQlInjection</filter-name><filter-class>com.sys.filter.SqlAndHtmlValidatefilter</filter-class><async-supported>true</async-supported></filter><filter-mapping><filter-name>HtmlAndSQlInjection</filter-name><url-pattern>/*</url-pattern></filter-mapping><servlet><servlet-name>Jersey Web Application</servlet-name><servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class><init-param><param-name>javax.ws.rs.Application</param-name><param-value>com.dyiaw.gdecsppt.rest.RestApplication</param-value></init-param><load-on-startup>1</load-on-startup><async-supported>true</async-supported></servlet><servlet-mapping><servlet-name>Jersey Web Application</servlet-name><url-pattern>/rest/*</url-pattern></servlet-mapping></web-app>

pom.xml

<!-- shiro start --><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-core</artifactId><version>${shiro.version}</version></dependency><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-spring</artifactId><version>${shiro.version}</version></dependency><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-web</artifactId><version>${shiro.version}</version></dependency><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-ehcache</artifactId><version>${shiro.version}</version><exclusions><exclusion><groupId>*</groupId><artifactId>*</artifactId></exclusion></exclusions></dependency><dependency><groupId>org.apache.shiro</groupId><artifactId>shiro-cas</artifactId><version>${shiro.version}</version></dependency><!-- shiro end -->