一、先从配置类入手,主要是@Bean了一个ShiroFilterFactoryBean:
@Data @Configuration @Slf4j @EnableConfigurationProperties(ShiroProperties.class) public class ShiroConfiguration { //.......这里省略了大部分跟主题无关的配置代码 /** * 这里名字叫 shiroFilter,后续通过FilterRegistrationBean从spring容器中向servlet容器中注册filter * @param securityManager * @return * @author * @create */ @Bean(name = "shiroFilter") public ShiroFilterFactoryBean getShiroFilterFactoryBean (DefaultWebSecurityManager securityManager, ShiroProperties sp,IUserService userService){ ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); // 必须设置 SecurityManager shiroFilterFactoryBean.setSecurityManager(securityManager); //配置shiroFilter子过滤器 loadFilter(shiroFilterFactoryBean,getCasFilter(sp,userService),getJwtFilter(),getWeComFilter()); //配置拦截规则 loadShiroFilterChain(shiroFilterFactoryBean, sp); return shiroFilterFactoryBean; } /** * CAS过滤器 */ @Bean public CustomizedCasFilter getCasFilter(ShiroProperties sp, IUserService userService) { CustomizedCasFilter casFilter = new CustomizedCasFilter(); //....... return casFilter; } /** * JWT过滤器 * * @return * @author * @create 2020年8月19日 */ @Bean public CustomizedJwtFilter getJwtFilter() { CustomizedJwtFilter jwtFilter = new CustomizedJwtFilter(); return jwtFilter; } /** * 企业微信过滤器 * @param * @return */ @Bean public CustomizedWeComFilter getWeComFilter() { CustomizedWeComFilter weComFilter = new CustomizedWeComFilter(); return weComFilter; } /** * 添加过滤器 * @param bean * @param casFilter * @param jwtFilter */ private void loadFilter(ShiroFilterFactoryBean bean,CasFilter casFilter, CustomizedJwtFilter jwtFilter, CustomizedWeComFilter weComFilter) { Map<String, Filter> filters = new HashMap<>(); filters.put("cas", casFilter); filters.put("jwt", jwtFilter); filters.put("weCom",weComFilter); bean.setFilters(filters); } /** * 加载shiroFilter权限控制规则 * * @author * @create */ private void loadShiroFilterChain (ShiroFilterFactoryBean shiroFilterFactoryBean, ShiroProperties sp){ //下面这些规则配置最好配置到配置文件中 Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>(); // shiro集成cas后,首先添加该规则 filterChainDefinitionMap.put("/api/**", "jwt"); filterChainDefinitionMap.put("/cas/**", "cas"); filterChainDefinitionMap.put("/wecom/**", "weCom"); filterChainDefinitionMap.put("/test/**", "anon"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); } /** * 在spring容器处在某一声明周期时时,为shiro中的相关bean执行对应的bean生命周期方法 * * @author * @create */ @Bean(name = "lifecycleBeanPostProcessor") public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor () { return new LifecycleBeanPostProcessor(); } ....... }