java - shiro anon 不生效
問題描述
在使用springboot整合shiro的過程中,希望靜態資源資源不受shiro過濾器‘authc’攔截,于是定義了“anon”,測試發現根本不生效,靜態資源路徑下的資源(如/js/**)依舊會被攔截并重定向到/login,以下是我的shiro javaconfig
ShiroConfig.java@Configurationpublic class ShiroConfig { @Value('${shiro.credentialsMatcher.hashIterations}') private int hashIterations; @Value('${shiro.credentialsMatcher.storedCredentialsHexEncoded}') private boolean storedCredentialsHexEncoded; @Configuration protected static class Processor {@Beanpublic LifecycleBeanPostProcessor lifecycleBeanPostProcessor() { return new LifecycleBeanPostProcessor();}@Bean@DependsOn('lifecycleBeanPostProcessor')public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() { final DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator(); proxyCreator.setProxyTargetClass(true); return proxyCreator;}@Beanpublic AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) { AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor(); advisor.setSecurityManager(securityManager); return advisor;} } @Bean('credentialsMatcher') public HashedCredentialsMatcher getCredentialsMatcher() {HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();credentialsMatcher.setHashAlgorithmName('MD5');credentialsMatcher.setHashIterations(hashIterations);credentialsMatcher.setStoredCredentialsHexEncoded(storedCredentialsHexEncoded);return credentialsMatcher; } @Bean(name = 'shiroEhcacheManager') @DependsOn('lifecycleBeanPostProcessor') public EhCacheManager getEhCacheManager() {EhCacheManager em = new EhCacheManager();em.setCacheManagerConfigFile('classpath:conf/shiro-ehcache.xml');return em; } @Bean('userRealm') @DependsOn('lifecycleBeanPostProcessor') public UserRealm getUserRealm(HashedCredentialsMatcher credentialsMatcher) {UserRealm userRealm = new UserRealm();userRealm.setCachingEnabled(false);userRealm.setCredentialsMatcher(credentialsMatcher);return userRealm; } @Bean('securityManager') public DefaultWebSecurityManager getSecurityManager(UserRealm userRealm) {DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();securityManager.setCacheManager(getEhCacheManager());securityManager.setRealm(userRealm);return securityManager; } @Bean('shiroFilter') public ShiroFilterFactoryBean getShiroFilter(DefaultWebSecurityManager securityManager) {ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();shiroFilterFactoryBean.setSecurityManager(securityManager);Map<String, String> filterChainDefinitionMap = Maps.newHashMap();filterChainDefinitionMap.put('/css/**', 'anon');filterChainDefinitionMap.put('/img/**', 'anon');filterChainDefinitionMap.put('/js/**', 'anon');filterChainDefinitionMap.put('/plugins/**', 'anon');filterChainDefinitionMap.put('/error/**', 'anon');filterChainDefinitionMap.put('/login', 'authc');filterChainDefinitionMap.put('/logout', 'logout');filterChainDefinitionMap.put('/**', 'authc');shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);shiroFilterFactoryBean.setLoginUrl('/login');shiroFilterFactoryBean.setSuccessUrl('/');shiroFilterFactoryBean.setUnauthorizedUrl('/login');return shiroFilterFactoryBean; }}
請指正
問題解答
回答1:解決了,filterChainDefinitionMap應當為LinkedHashMap
相關文章:
1. java中返回一個對象,和輸出對像的值,意義在哪兒2. docker網絡端口映射,沒有方便點的操作方法么?3. mysql - 在不允許改動數據表的情況下,如何優化以varchar格式存儲的時間的比較?4. vim - docker中新的ubuntu12.04鏡像,運行vi提示,找不到命名.5. css - chrome下a標簽嵌套img 顯示會多個小箭頭?6. javascript - 網頁打印頁另存為pdf的代碼一個問題7. docker start -a dockername 老是卡住,什么情況?8. javascript - 關于apply()與call()的問題9. docker - 各位電腦上有多少個容器啊?容器一多,自己都搞混了,咋辦呢?10. 第10分鐘的地方構造方法有問題,代碼寫亂了,實例化了2次Request對象
網公網安備