gfwleak/k18-ntcs-web-argus-service
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
b63147352e9b5a2c8b312ac8790697417bcdeb90
k18-ntcs-web-argus-service/src/main/resources/applicationContext-shiro.xml
zhangdongxu 13acafd43d 上传代码
2017-12-19 14:55:52 +08:00

173 lines
7.2 KiB
XML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd"
default-lazy-init="true">
<description>Shiro Configuration</description>
<!-- 引入jdbc.properties,加密密码 ;<context:property-placeholder location="classpath:jdbc.properties" />-->
<bean id="propertyConfigurer" class="com.nis.util.PropertyPlaceholderConfigurerCrypt">
<property name="locations" >
<list>
<value>classpath:jdbc.properties</value>
<value>classpath:nis.properties</value>
</list>
</property>
</bean>
<!-- autodetection of such annotated controllers -->
<!-- 使用Annotation自动注册Bean解决事物失效问题在主容器中不扫描@Controller注解在SpringMvc中只扫描@Controller注解。 -->
<context:component-scan base-package="com.nis.web">
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Controller"/>
</context:component-scan>
<!-- 缓存配置 -->
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
<property name="configLocation" value="classpath:${ehcache.configFile}" />
</bean>
<!-- Shiro权限过滤过滤器定义 -->
<bean name="shiroFilterChainDefinitions" class="java.lang.String">
<constructor-arg>
<value>
/static/** = anon
/userfiles/** = anon
${adminPath}/cas = cas
/login = authc
/logout = logout
${adminPath}/** = user
<!--
/act/rest/service/editor/** = perms[act:model:edit]
/act/rest/service/model/** = perms[act:model:edit]
/act/rest/service/** = user
/ReportServer/** = user
-->
</value>
</constructor-arg>
</bean>
<!-- 安全认证过滤器 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"></property>
<property name="loginUrl" value="/login"></property>
<property name="successUrl" value="${adminPath}/index"></property>
<property name="unauthorizedUrl" value="/unauthorized"></property>
<property name="filters">
<map>
<entry key="cas" value-ref="casFilter"></entry>
<entry key="authc" value-ref="formAuthenticationFilter"/>
</map>
</property>
<property name="filterChainDefinitions">
<ref bean="shiroFilterChainDefinitions"/>
</property>
</bean>
<!-- CAS认证过滤器 -->
<bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
<property name="failureUrl" value="/login"/>
</bean>
<!-- 定义Shiro安全管理配置 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="systemAuthorizingRealm" />
<property name="sessionManager" ref="sessionManager" />
<property name="cacheManager" ref="shiroCacheManager" />
</bean>
<!-- 自定义会话管理配置 -->
<bean id="sessionManager" class="com.nis.web.security.SessionManager">
<property name="sessionDAO" ref="sessionDAO"/>
<!-- 会话超时时间,单位:毫秒 -->
<property name="globalSessionTimeout" value="${session.sessionTimeout}"/>
<!-- 定时清理失效会话, 清理用户直接关闭浏览器造成的孤立会话 -->
<property name="sessionValidationInterval" value="${session.sessionTimeoutClean}"/>
<!-- <property name="sessionValidationSchedulerEnabled" value="false"/> -->
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="sessionIdCookie" ref="sessionIdCookie"/>
<property name="sessionIdCookieEnabled" value="true"/>
</bean>
<!-- 指定本系统SESSIONID, 默认为: JSESSIONID 问题: 与SERVLET容器名冲突, 如JETTY, TOMCAT 等默认JSESSIONID,
当跳出SHIRO SERVLET时如ERROR-PAGE容器会为JSESSIONID重新分配值导致登录会话丢失! -->
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg name="name" value="nis.session.id"/>
</bean>
<bean id="sessionDAO" class="com.nis.web.security.CacheSessionDAO">
<property name="sessionIdGenerator" ref="idGen" />
<property name="activeSessionsCacheName" value="activeSessionsCache" />
<property name="cacheManager" ref="shiroCacheManager" />
</bean>
<!-- 定义授权缓存管理器 -->
<!-- <bean id="shiroCacheManager" class="com.thinkgem.jeesite.common.security.shiro.cache.SessionCacheManager" /> -->
<bean id="shiroCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManager" ref="cacheManager"/>
</bean>
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<!-- AOP式方法级权限检查,enable shiro annotations for Spring-configured beans.only run after -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
<property name="proxyTargetClass" value="true" />
</bean>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!-- 登陆时验证码的配置 -->
<bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha">
<property name="config">
<bean class="com.google.code.kaptcha.util.Config">
<!--通过构造函数注入属性值 -->
<constructor-arg type="java.util.Properties">
<props>
<!-- 验证码宽度 -->
<prop key="kaptcha.image.width">115</prop>
<!-- 验证码高度 -->
<prop key="kaptcha.image.height">46</prop>
<!-- 生成验证码内容范围 -->
<prop key="kaptcha.textproducer.char.string">abcde012345678gfynmnpwx</prop>
<!-- 验证码个数 -->
<prop key="kaptcha.textproducer.char.length">5</prop>
<!-- 是否有边框 -->
<prop key="kaptcha.border">no</prop>
<!-- 验证码字体颜色 -->
<prop key="kaptcha.textproducer.font.color">white</prop>
<!-- 验证码字体大小 -->
<prop key="kaptcha.textproducer.font.size">25</prop>
<!-- 验证码所属字体样式 -->
<prop key="kaptcha.textproducer.font.names">Arial, Courier</prop>
<prop key="kaptcha.background.clear.from">104,183,26</prop>
<prop key="kaptcha.background.clear.to">104,183,26</prop>
<prop key="kaptcha.obscurificator.impl">com.google.code.kaptcha.impl.ShadowGimpy</prop>
<prop key="kaptcha.noise.impl">com.google.code.kaptcha.impl.NoNoise</prop>
<!-- 干扰线颜色 -->
<prop key="kaptcha.noise.color">red</prop>
<!-- 验证码文本字符间距 -->
<prop key="kaptcha.textproducer.char.space">1</prop>
</props>
</constructor-arg>
</bean>
</property>
</bean>
</beans>
Reference in New Issue View Git Blame Copy Permalink