本文介绍了一个使用Spring框架配置Apache Shiro与CAS单点登录系统的示例。详细展示了ShiroFilterFactoryBean、CasFilter和CasRealm等组件的具体配置方式。
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.1.xsd"
default-lazy-init="true">
<bean id="securityFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl"
value="${security.casServer}/casServer/login?service=${security.local.project}/cas" />
<property name="successUrl" value="/index.html" />
<property name="filters">
<util:map>
<entry key="casFilter" value-ref="casFilter" />
<entry key="casLogout" value-ref="casLogout" />
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/cas=casFilter
/logout=casLogout
/service/public = anon
/**=roles[ROLE_USER]
</value>
</property>
</bean>
<bean id="casLogout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
<property name="redirectUrl" value="${security.casServer}/casServer/logout?service=${security.local.project}" />
</bean>
<bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
<property name="failureUrl" value="/WEB-INF/error/500.jsp" />
</bean>
<bean id="casRealm" class="com.creditcities.framework.security.CasRealm">
<property name="defaultRoles" value="ROLE_USER" />
<property name="roleAttributeNames" value="roles"/>
<property name="cacheManager" ref="shirocacheManager"/>
<property name="authorizationCacheName" value="shiro-activeRealmCache"/>
<property name="permissionAttributeNames" value="permissions"/>
<property name="casServerUrlPrefix" value="${security.casServer}/casServer" />
<property name="casService" value="${security.local.project}/cas" />
</bean>
<bean id="memcachedClientFactoryBean" class="net.spy.memcached.spring.MemcachedClientFactoryBean">
<property name="servers" value="${memcached.url}" />
<property name="protocol" value="TEXT" />
<property name="locatorType" value="CONSISTENT" />
<property name="opTimeout" value="1000" />
</bean>
<bean id="spyMemcachedClient" class="com.creditcities.framework.cache.SpyMemcachedClient">
<property name="memcachedClient" ref="memcachedClientFactoryBean"/>
</bean>
<bean id="shirocacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:/ehcache.xml" />
</bean>
<!--
<bean id="shirocacheManager" class="com.creditcities.framework.security.MemcachedManager">
<property name="memcachedClient" ref="memcachedClientFactoryBean"/>
<property name="expiredTime" value="1800" />
</bean>
-->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO"/>
<property name="cacheManager" ref="shirocacheManager"/>
<property name="sessionListeners">
<list>
<bean class="com.creditcities.framework.security.SessionListener"></bean>
</list>
</property>
</bean>
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="cacheManager" ref="shirocacheManager"/>
</bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="sessionManager" ref="sessionManager"/>
<property name="sessionMode" value="http" />
<property name="realm" ref="casRealm" />
<property name="subjectFactory" ref="casSubjectFactory" />
</bean>
<bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory" />
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!-- <bean -->
<!-- class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> -->
<!-- <property name="staticMethod" -->
<!-- value="org.apache.shiro.SecurityUtils.setSecurityManager" /> -->
<!-- <property name="arguments" ref="securityManager" /> -->
<!-- </bean> -->
<bean id="securityMethodMatcherPointcutAdvisor"
class="com.creditcities.framework.security.SecurityMethodPointcutAdvisor">
</bean>
</beans>
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.1.xsd"
default-lazy-init="true">
<bean id="securityFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl"
value="${security.casServer}/casServer/login?service=${security.local.project}/cas" />
<property name="successUrl" value="/index.html" />
<property name="filters">
<util:map>
<entry key="casFilter" value-ref="casFilter" />
<entry key="casLogout" value-ref="casLogout" />
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/cas=casFilter
/logout=casLogout
/service/public = anon
/**=roles[ROLE_USER]
</value>
</property>
</bean>
<bean id="casLogout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
<property name="redirectUrl" value="${security.casServer}/casServer/logout?service=${security.local.project}" />
</bean>
<bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
<property name="failureUrl" value="/WEB-INF/error/500.jsp" />
</bean>
<bean id="casRealm" class="com.creditcities.framework.security.CasRealm">
<property name="defaultRoles" value="ROLE_USER" />
<property name="roleAttributeNames" value="roles"/>
<property name="cacheManager" ref="shirocacheManager"/>
<property name="authorizationCacheName" value="shiro-activeRealmCache"/>
<property name="permissionAttributeNames" value="permissions"/>
<property name="casServerUrlPrefix" value="${security.casServer}/casServer" />
<property name="casService" value="${security.local.project}/cas" />
</bean>
<bean id="memcachedClientFactoryBean" class="net.spy.memcached.spring.MemcachedClientFactoryBean">
<property name="servers" value="${memcached.url}" />
<property name="protocol" value="TEXT" />
<property name="locatorType" value="CONSISTENT" />
<property name="opTimeout" value="1000" />
</bean>
<bean id="spyMemcachedClient" class="com.creditcities.framework.cache.SpyMemcachedClient">
<property name="memcachedClient" ref="memcachedClientFactoryBean"/>
</bean>
<bean id="shirocacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="classpath:/ehcache.xml" />
</bean>
<!--
<bean id="shirocacheManager" class="com.creditcities.framework.security.MemcachedManager">
<property name="memcachedClient" ref="memcachedClientFactoryBean"/>
<property name="expiredTime" value="1800" />
</bean>
-->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO"/>
<property name="cacheManager" ref="shirocacheManager"/>
<property name="sessionListeners">
<list>
<bean class="com.creditcities.framework.security.SessionListener"></bean>
</list>
</property>
</bean>
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="cacheManager" ref="shirocacheManager"/>
</bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="sessionManager" ref="sessionManager"/>
<property name="sessionMode" value="http" />
<property name="realm" ref="casRealm" />
<property name="subjectFactory" ref="casSubjectFactory" />
</bean>
<bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory" />
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!-- <bean -->
<!-- class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> -->
<!-- <property name="staticMethod" -->
<!-- value="org.apache.shiro.SecurityUtils.setSecurityManager" /> -->
<!-- <property name="arguments" ref="securityManager" /> -->
<!-- </bean> -->
<bean id="securityMethodMatcherPointcutAdvisor"
class="com.creditcities.framework.security.SecurityMethodPointcutAdvisor">
</bean>
</beans>
扫一扫
2982
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
