msb_6557
/
opsli-boot
mirror of https://github.com/hiparker/opsli-boot.git
1
1
Code Issues Projects Releases Wiki Activity

优化Shiro认证权限,增加排除URL

Browse Source
v1.4.1
Parker 4 years ago
parent c5df37643f
commit b6a6c28643
2 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File

18
opsli-base-support/opsli-core/src/main/java/org/opsli/core/conf/ShiroConfig.java
Unescape View File

@ -15,6 +15,7 @@
*/
package org.opsli.core.conf;
import cn.hutool.core.collection.CollUtil;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
@ -22,6 +23,7 @@ import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSource
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.opsli.common.utils.Props;
import org.opsli.core.security.shiro.filter.OAuth2Filter;
import org.opsli.core.security.shiro.realm.OAuth2Realm;
import org.opsli.plugins.redis.conf.RedisPluginConfig;
@ -35,6 +37,7 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
/**
@ -49,6 +52,13 @@ import java.util.Map;
@AutoConfigureAfter(RedisPluginConfig.class)
public class ShiroConfig {
/** 获得排除URL */
private static final List<String> URL_EXCLUSION;
static{
Props props = new Props("application.yaml");
URL_EXCLUSION = props.getList("opsli.token-auth.url-exclusion");
}
/**
* filer
@ -80,6 +90,14 @@ public class ShiroConfig {
filterMap.put("/ueditor/**", "anon");
filterMap.put("/static/file/**", "anon");
filterMap.put("/**", "oauth2");
// 加载排除URL
if(CollUtil.isNotEmpty(URL_EXCLUSION)){
for (String excUrl : URL_EXCLUSION) {
filterMap.put(excUrl, "anon");
}
}
shiroFilter.setFilterChainDefinitionMap(filterMap);
return shiroFilter;

6
opsli-starter/src/main/resources/application.yaml
Unescape View File

@ -158,6 +158,12 @@ mybatis-plus:
# opsli 自定义配置
opsli:
# token 认证
token-auth:
# 排除过滤url 格式 - List
url-exclusion:
- "/test.html"
# Java 软防火墙
waf:
# 开启防护

Write Preview
Loading…
Cancel
Save