自定義校驗工具類(非必須)
import java.lang.reflect.Array;
import java.util.Arrays;
import java.util.Collection;
import java.util.Map;
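/**
 * Null/empty checks for the value kinds this project passes around: {@code null},
 * blank character sequences, collections and other iterables, maps, and arrays of
 * any component type (reference or primitive). Any other object counts as "not empty".
 *
 * <p>All methods are static and stateless.
 */
public class CheckUtils {

    /**
     * Returns {@code true} when {@code o} is {@code null} or empty for its type.
     *
     * @param o value to inspect; may be {@code null}
     * @return {@code true} for {@code null}, a blank {@link CharSequence}, an empty
     *     {@link Collection}/{@link Iterable}/{@link Map}, or a zero-length array of any
     *     component type; {@code false} for every other object
     */
    public static boolean isEmpty(Object o) {
        if (o == null) {
            return true;
        }
        if (o instanceof CharSequence) {
            // trim() rather than strip(): keeps the original ASCII-whitespace notion of "blank".
            return o.toString().trim().isEmpty();
        }
        if (o instanceof Collection) {
            return ((Collection<?>) o).isEmpty();
        }
        if (o instanceof Iterable) {
            // A non-Collection Iterable used to be cast to Collection and threw ClassCastException.
            return !((Iterable<?>) o).iterator().hasNext();
        }
        if (o instanceof Map) {
            return ((Map<?, ?>) o).isEmpty();
        }
        if (o.getClass().isArray()) {
            // One check for every reference array and all eight primitive array types.
            return Array.getLength(o) == 0;
        }
        return false;
    }

    /**
     * @return {@code true} when at least one argument is empty per {@link #isEmpty(Object)};
     *     {@code false} when called with no arguments
     */
    public static boolean isOneEmpty(Object... o) {
        return Arrays.stream(o).anyMatch(CheckUtils::isEmpty);
    }

    /**
     * @return {@code true} when every argument is empty per {@link #isEmpty(Object)};
     *     vacuously {@code true} when called with no arguments
     */
    public static boolean isAllEmpty(Object... o) {
        return Arrays.stream(o).allMatch(CheckUtils::isEmpty);
    }

    /**
     * @return {@code true} when at least one argument is not empty;
     *     {@code false} when called with no arguments
     */
    public static boolean isOneNotEmpty(Object... o) {
        return Arrays.stream(o).anyMatch(CheckUtils::isNotEmpty);
    }

    /**
     * @return {@code true} when no argument is empty;
     *     vacuously {@code true} when called with no arguments
     */
    public static boolean isAllNotEmpty(Object... o) {
        return Arrays.stream(o).allMatch(CheckUtils::isNotEmpty);
    }

    /** Negation of {@link #isEmpty(Object)}. */
    public static boolean isNotEmpty(Object o) {
        return !isEmpty(o);
    }

    /**
     * Returns {@code true} when {@code o} is {@code null} or a zero-length array with a
     * primitive component type ({@code int[]}, {@code long[]}, {@code byte[]}, {@code char[]},
     * {@code double[]}, {@code float[]}, {@code short[]}, {@code boolean[]}).
     * Reference arrays and non-array objects yield {@code false} even when empty.
     *
     * @param o value to inspect; may be {@code null}
     */
    public static boolean isEmptyBasicDataArray(Object o) {
        if (o == null) {
            return true;
        }
        Class<?> type = o.getClass();
        return type.isArray()
                && type.getComponentType().isPrimitive()
                && Array.getLength(o) == 0;
    }

    /** Negation of {@link #isEmptyBasicDataArray(Object)}. */
    public static boolean isNotEmptyBasicDataArray(Object o) {
        return !isEmptyBasicDataArray(o);
    }

    /** @return {@code true} when at least one argument is an empty primitive array (or {@code null}) */
    public static boolean isOneEmptyBasicDataArray(Object... o) {
        return Arrays.stream(o).anyMatch(CheckUtils::isEmptyBasicDataArray);
    }

    /** @return {@code true} when at least one argument is neither {@code null} nor an empty primitive array */
    public static boolean isOneNotEmptyBasicDataArray(Object... o) {
        return Arrays.stream(o).anyMatch(CheckUtils::isNotEmptyBasicDataArray);
    }

    /** @return {@code true} when every argument is an empty primitive array (or {@code null}) */
    public static boolean isAllEmptyBasicDataArray(Object... o) {
        return Arrays.stream(o).allMatch(CheckUtils::isEmptyBasicDataArray);
    }

    /** @return {@code true} when no argument is {@code null} or an empty primitive array */
    public static boolean isAllNotEmptyBasicDataArray(Object... o) {
        return Arrays.stream(o).allMatch(CheckUtils::isNotEmptyBasicDataArray);
    }
}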
自定義錯誤碼枚舉
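/**
 * Application error codes handed to clients through {@code ResponseBo.error(ErrorCodeEnum)}.
 * {@code code} is an application-level status: most values mirror HTTP statuses, but
 * 600 (administrator protection) and 700 (token/signature failures) are project-specific.
 * {@code message} is the user-facing text.
 *
 * <p>Enum constants are JVM-wide singletons. A value written through {@link #setCode(Integer)}
 * or {@link #setMessage(String)} is observed by every later caller in the process, so the
 * setters are deprecated and kept only for source compatibility.
 */
public enum ErrorCodeEnum {
    DICT_EXISTED(400, "字典已經存在"),
    ERROR_CREATE_DICT(500, "創建字典失敗"),
    ERROR_WRAPPER_FIELD(500, "包裝字典屬性失敗"),
    ERROR_CODE_EMPTY(500, "字典類型不能爲空"),
    FILE_READING_ERROR(400, "FILE_READING_ERROR!"),
    FILE_NOT_FOUND(400, "FILE_NOT_FOUND!"),
    UPLOAD_ERROR(500, "上傳圖片出錯"),
    DB_RESOURCE_NULL(400, "數據庫中沒有該資源"),
    NO_PERMITION_AUTHORITY(403, "無訪問權限"),
    NO_PERMITION(405, "登錄認證異常"),
    REQUEST_INVALIDATE(400, "請求數據格式不正確"),
    INVALID_KAPTCHA(400, "驗證碼不正確"),
    CANT_DELETE_ADMIN(600, "不能刪除超級管理員"),
    CANT_FREEZE_ADMIN(600, "不能凍結超級管理員"),
    CANT_CHANGE_ADMIN(600, "不能修改超級管理員角色"),
    NOT_LOGIN(401, "當前用戶未登錄"),
    USER_ALREADY_REG(401, "該用戶已經註冊"),
    NO_THIS_USER(400, "沒有此用戶"),
    USER_NOT_EXISTED(400, "沒有此用戶"),
    OLD_PWD_NOT_RIGHT(402, "原密碼不正確"),
    TWO_PWD_NOT_MATCH(405, "兩次輸入密碼不一致"),
    MENU_PCODE_COINCIDENCE(400, "菜單編號和副編號不能一致"),
    EXISTED_THE_MENU(400, "菜單編號重複,不能添加"),
    DICT_MUST_BE_NUMBER(400, "字典的值必須爲數字"),
    REQUEST_NULL(400, "請求有錯誤"),
    SESSION_TIMEOUT(400, "會話超時"),
    SERVER_ERROR(500, "服務器異常"),
    TOKEN_EXPIRED(700, "token過期"),
    TOKEN_ERROR(700, "token驗證失敗"),
    SIGN_ERROR(700, "簽名驗證失敗"),
    AUTH_REQUEST_ERROR(400, "賬號密碼錯誤");

    // Not final only because the deprecated setters below still exist.
    private Integer code;
    private String message;

    ErrorCodeEnum(int code, String message) {
        this.code = code;
        this.message = message;
    }

    /** @return the application-level status code of this constant */
    public Integer getCode() {
        return code;
    }

    /**
     * Overwrites the code of this constant for every user of the enum.
     *
     * @deprecated mutating a shared enum constant is a process-wide side effect;
     *     create a new constant instead
     */
    @Deprecated
    public void setCode(Integer code) {
        this.code = code;
    }

    /** @return the user-facing message of this constant */
    public String getMessage() {
        return message;
    }

    /**
     * Overwrites the message of this constant for every user of the enum.
     *
     * @deprecated mutating a shared enum constant is a process-wide side effect;
     *     create a new constant instead
     */
    @Deprecated
    public void setMessage(String message) {
        this.message = message;
    }
}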
自定義返回類
import lombok.Data;
import java.io.Serializable;
import java.util.HashMap;
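/**
 * JSON response envelope. It is a {@link HashMap} so that the serializer emits exactly the
 * entries stored here; the well-known keys are {@link #SUCCESS_VALUE}, {@link #CODE_VALUE},
 * {@link #MESSAGE_VALUE} and {@link #DATA_VALUE}.
 *
 * <p>Lombok's {@code @Data} was removed on purpose: it generates field-based
 * {@code equals}/{@code hashCode}/{@code toString}, and with no instance fields those
 * would shadow HashMap's and ignore the entries (every envelope comparing equal).
 * The accessors are written out explicitly below.
 */
public class ResponseBo extends HashMap<String, Object> implements Serializable {
    private static final long serialVersionUID = -8713837118340960775L;
    private static final boolean SUCCESS = true;
    private static final boolean FAIL = false;
    public static final String MESSAGE_VALUE = "message";
    public static final String DATA_VALUE = "data";
    public static final String CODE_VALUE = "code";
    public static final String SUCCESS_VALUE = "success";

    /** Creates a successful envelope ({@code success=true}) with no other entries. */
    public ResponseBo() {
        this(SUCCESS);
    }

    /** Creates an envelope whose {@code success} flag is {@code success}. */
    public ResponseBo(boolean success) {
        this.put(SUCCESS_VALUE, success);
    }

    /** Creates a fully populated envelope; {@code null} arguments are stored as {@code null} entries. */
    public ResponseBo(Integer code, Boolean success, String message, Object data) {
        this.put(CODE_VALUE, code);
        this.put(SUCCESS_VALUE, success);
        this.put(MESSAGE_VALUE, message);
        this.put(DATA_VALUE, data);
    }

    /** @return a successful envelope with no message */
    public static ResponseBo ok() {
        return new ResponseBo();
    }

    /** @return a successful envelope carrying {@code message} */
    public static ResponseBo ok(String message) {
        ResponseBo responseBo = new ResponseBo();
        responseBo.put(MESSAGE_VALUE, message);
        return responseBo;
    }

    /** @return a failed envelope with no message */
    public static ResponseBo error() {
        return new ResponseBo(FAIL);
    }

    /** @return a failed envelope carrying {@code message} */
    public static ResponseBo error(String message) {
        ResponseBo responseBo = new ResponseBo(FAIL);
        responseBo.put(MESSAGE_VALUE, message);
        return responseBo;
    }

    /** @return a failed envelope carrying the code and message of {@code e} */
    public static ResponseBo error(ErrorCodeEnum e) {
        ResponseBo responseBo = new ResponseBo(FAIL);
        responseBo.put(CODE_VALUE, e.getCode());
        responseBo.put(MESSAGE_VALUE, e.getMessage());
        return responseBo;
    }

    /** @return the stored code, or {@code null} when absent or not numeric */
    public Integer getCode() {
        Object code = get(CODE_VALUE);
        return code instanceof Number ? ((Number) code).intValue() : null;
    }

    public void setCode(Integer code) {
        this.put(CODE_VALUE, code);
    }

    /**
     * @return {@code true} only when the stored flag is Boolean {@code true}; a missing or
     *     non-Boolean entry yields {@code false} instead of the NPE the unboxing cast produced
     */
    public Boolean getSuccess() {
        return Boolean.TRUE.equals(get(SUCCESS_VALUE));
    }

    public void setSuccess(Boolean success) {
        this.put(SUCCESS_VALUE, success);
    }

    /** Stores {@code message} under {@link #MESSAGE_VALUE} and returns {@code this} for chaining. */
    public ResponseBo put(String message) {
        this.put(MESSAGE_VALUE, message);
        return this;
    }

    /** Stores {@code data} under {@link #DATA_VALUE} and returns {@code this} for chaining. */
    public ResponseBo putData(Object data) {
        this.put(DATA_VALUE, data);
        return this;
    }

    /** @return the message entry, or {@code null} when absent */
    public String getMessage() {
        return (String) this.get(MESSAGE_VALUE);
    }

    /**
     * @return the entry under {@code key} rendered as a String, or {@code ""} when absent;
     *     non-String values are rendered with {@code toString()} rather than failing a cast
     */
    public String getString(String key) {
        Object value = this.get(key);
        return value == null ? "" : value.toString();
    }
}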
自定義返回數據類
import com.alibaba.fastjson.JSON;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
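/**
 * Servlet helpers used by the Shiro filters to answer with a JSON body instead of a redirect.
 */
public class WebUtilsPro {

    /**
     * Returns whether the request carries the {@code X-Requested-With: XMLHttpRequest}
     * header most XHR libraries add (header names and this value are compared case-insensitively).
     */
    public static boolean isAjaxRequest(HttpServletRequest request) {
        return "XMLHttpRequest".equalsIgnoreCase(request.getHeader("x-requested-with"));
    }

    /**
     * Serializes {@code obj} with fastjson and writes it as the JSON response body.
     *
     * <p>SECURITY: when the request carries an {@code Origin} header it is reflected verbatim
     * into {@code Access-Control-Allow-Origin} together with
     * {@code Access-Control-Allow-Credentials: true}. That allows any origin a browser
     * visits to read this response with the victim's cookies. Before exposing this endpoint
     * beyond trusted clients, compare {@code origin} against an explicit allow-list of
     * origins (no such configuration exists in this class yet).
     *
     * @param obj      value to serialize
     * @param request  current request, must be an {@link HttpServletRequest}
     * @param response current response, must be an {@link HttpServletResponse}
     */
    public static void writer(Object obj, ServletRequest request, ServletResponse response) {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        String origin = req.getHeader("Origin");
        if (origin != null) {
            // TODO(review): restrict to an allow-list; reflecting any origin with credentials is unsafe.
            resp.setHeader("Access-Control-Allow-Origin", origin);
            resp.setHeader("Access-Control-Allow-Credentials", "true");
        }
        resp.setContentType("application/json;charset=UTF-8");
        try {
            resp.getWriter().write(JSON.toJSONString(obj));
        } catch (IOException e) {
            // Best effort: the client has most likely gone away; nothing further to do.
            e.printStackTrace();
        }
    }

    /**
     * Serializes {@code obj} with fastjson, writes it as the JSON response body and closes
     * the response writer (which commits the response).
     */
    public static void out(HttpServletResponse response, Object obj) {
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        try (PrintWriter out = response.getWriter()) {
            out.write(JSON.toJSONString(obj));
        } catch (IOException e) {
            // Best effort: the client has most likely gone away; nothing further to do.
            e.printStackTrace();
        }
    }
}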
定義未登錄filter
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
 * Shiro form-authentication filter adapted to a JSON API: an unauthenticated caller
 * receives a {@link ResponseBo} error body instead of a redirect to a login page.
 */
public class SystemUnauthorizedFilter extends FormAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(SystemUnauthorizedFilter.class);

    /**
     * Invoked by Shiro when the subject is not authenticated.
     *
     * <ul>
     *   <li>login URL + POST submission: delegates to {@code executeLogin}</li>
     *   <li>login URL, not a submission: writes {@code NOT_LOGIN} and stops the chain</li>
     *   <li>any other URL: writes {@code NO_PERMITION_AUTHORITY} and stops the chain
     *       (NOTE(review): {@code NOT_LOGIN} would describe the state more precisely;
     *       kept as-is because clients may key on the code)</li>
     * </ul>
     *
     * @return {@code true} only when a login submission was processed and succeeded
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (!isLoginRequest(request, response)) {
            WebUtilsPro.writer(ResponseBo.error(ErrorCodeEnum.NO_PERMITION_AUTHORITY), request, response);
            return false;
        }
        if (isLoginSubmission(request, response)) {
            if (log.isTraceEnabled()) {
                log.trace("Login submission detected. Attempting to execute login.");
            }
            return executeLogin(request, response);
        }
        if (log.isTraceEnabled()) {
            log.trace("Login page view.");
        }
        WebUtilsPro.writer(ResponseBo.error(ErrorCodeEnum.NOT_LOGIN), request, response);
        return false;
    }
}
定義無權限filter
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;
import org.apache.shiro.web.util.WebUtils;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
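/**
 * Authorization filter bound to the {@code perms} chain name in {@code ShiroConfig}.
 *
 * <p>Decision: a "service name" is extracted from the request URI (see
 * {@link #extractServerName(String)}); the subject must hold a role of that name. When the
 * request carries a {@code search_cid} parameter the subject must additionally hold the
 * permission {@code <service>&<search_cid>}.
 *
 * <p>NOTE(review): the {@code mappedValue} argument (the {@code perms[...]} string configured
 * per URL in ShiroConfig) is never read, so those per-URL permission strings do not
 * influence the decision — confirm this is intended.
 */
public class SystemAuthorizationFilter extends AuthorizationFilter {

    /** One slash-delimited path segment; consecutive matches do not overlap (see below). */
    private static final Pattern SEGMENT = Pattern.compile("\\/(.*?)\\/");

    /**
     * Reproduces the original extraction exactly: takes at most two non-overlapping
     * matches of {@code /segment/} from {@code uri} and returns the last one, or
     * {@code ""} when there is none. Because each match consumes its trailing slash,
     * the second match is the third segment, not the second: {@code "/a/b/c/d"} yields
     * {@code "c"} while {@code "/a/b/c"} yields {@code "a"}.
     * NOTE(review): this looks unintended; kept verbatim because the intended segment
     * is not documented anywhere visible.
     */
    private static String extractServerName(String uri) {
        Matcher m = SEGMENT.matcher(uri);
        String server = "";
        int n = 0;
        while (m.find()) {
            server = m.group(1);
            if (n == 1) {
                break;
            }
            n++;
        }
        return server;
    }

    /**
     * @param o the chain's mapped value; currently unused (see class comment)
     * @return {@code true} when the subject holds the role named by the URI segment and,
     *     if {@code search_cid} is present, the derived permission
     */
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object o)
            throws Exception {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        // The stdout dumps of every request URI and role check were removed: they leaked
        // request data into the process output on each call.
        String server = extractServerName(httpRequest.getRequestURI());
        Subject subject = getSubject(request, response);
        if (!subject.hasRole(server)) {
            return false;
        }
        String searchCid = request.getParameter("search_cid");
        if (searchCid == null) {
            return true;
        }
        try {
            // search_cid is caller-supplied and becomes part of the *requested* permission string.
            // NOTE(review): confirm the realm's permission format cannot be influenced by
            // ':' or ',' (Shiro wildcard separators) in this value.
            subject.checkPermission(server + "&" + searchCid);
            return true;
        } catch (Exception e) {
            // Fail closed: any failure to prove the permission denies access.
            return false;
        }
    }

    /** Writes a {@code NO_PERMITION_AUTHORITY} JSON body and stops the chain. */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
        WebUtilsPro.out((HttpServletResponse) response, ResponseBo.error(ErrorCodeEnum.NO_PERMITION_AUTHORITY));
        return false;
    }
}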
初始化filter
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import javax.servlet.Filter;
import java.util.*;
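/**
 * Shiro wiring: Redis-backed session store and cache, remember-me cookie, and the URL
 * filter chain.
 *
 * <p>Filter chain, in insertion order (first matching pattern wins):
 * <ol>
 *   <li>each non-blank entry of the configured anonymous URL list → {@code anon}</li>
 *   <li>each {@code Auth} row with a URL and perms → {@code perms[...]}, served by
 *       {@link SystemAuthorizationFilter}</li>
 *   <li>the configured logout URL → {@code logout}</li>
 *   <li>{@code /**} → {@code user} (authenticated or remembered)</li>
 * </ol>
 */
@Configuration
public class ShiroConfig {

    /** AES-128 key length, matching Shiro's default remember-me cipher service. */
    private static final int REMEMBER_ME_KEY_BYTES = 16;

    @Autowired
    private FebsProperties febsProperties;
    @Autowired
    private ShiroAuthMapper authMapper;
    @Value("${spring.redis.host}")
    private String host;
    @Value("${spring.redis.port}")
    private int port;
    @Value("${spring.redis.password}")
    private String password;
    @Value("${spring.redis.timeout}")
    private int timeout;

    /**
     * Builds a Redis client from the {@code spring.redis.*} properties; the password is only
     * applied when non-blank. Each call returns a new instance (used by the cache manager
     * and the session DAO).
     */
    private RedisManager redisManager() {
        RedisManager redisManager = new RedisManager();
        redisManager.setHost(host);
        redisManager.setPort(port);
        if (CheckUtils.isNotEmpty(password)) {
            redisManager.setPassword(password);
        }
        redisManager.setTimeout(timeout);
        return redisManager;
    }

    private RedisCacheManager cacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(redisManager());
        return redisCacheManager;
    }

    /** The Shiro servlet filter with the custom filters and the chain from {@link #buildFilterChain()}. */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        addFilter(shiroFilterFactoryBean);
        shiroFilterFactoryBean.setFilterChainDefinitionMap(buildFilterChain());
        return shiroFilterFactoryBean;
    }

    /** Assembles the ordered URL → filter map described in the class comment. */
    private Map<String, String> buildFilterChain() {
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        String[] anonUrls = StringUtils.splitByWholeSeparatorPreserveAllTokens(
                febsProperties.getShiro().getAnonUrl(), ",");
        if (CheckUtils.isNotEmpty(anonUrls)) {
            for (String url : anonUrls) {
                // PreserveAllTokens yields "" for ",," or a trailing comma, and "a, b" yields " b";
                // an empty or space-prefixed pattern would never match a request.
                if (StringUtils.isNotBlank(url)) {
                    filterChainDefinitionMap.put(url.trim(), "anon");
                }
            }
        }
        List<Auth> needAuth = authMapper.findNeedAuth();
        for (Auth auth : needAuth) {
            if (StringUtils.isNotBlank(auth.getUrl()) && StringUtils.isNotBlank(auth.getPerms())) {
                // "perms" is remapped in addFilter() to SystemAuthorizationFilter, which does not
                // read the bracketed value; see that class.
                filterChainDefinitionMap.put(auth.getUrl(), "perms[" + auth.getPerms() + "]");
            }
        }
        filterChainDefinitionMap.put(febsProperties.getShiro().getLogoutUrl(), "logout");
        filterChainDefinitionMap.put("/**", "user");
        return filterChainDefinitionMap;
    }

    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRememberMeManager(rememberMeManager());
        securityManager.setCacheManager(cacheManager());
        securityManager.setSessionManager(sessionManager());
        securityManager.setRealm(shiroRealm());
        return securityManager;
    }

    @Bean(name = "lifecycleBeanPostProcessor")
    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public ShiroRealm shiroRealm() {
        return new ShiroRealm();
    }

    /**
     * Registers the custom filters under their chain names. {@code perms} replaces Shiro's
     * built-in permission filter; {@code loginF} is registered but not referenced by any
     * chain entry built here.
     */
    private void addFilter(ShiroFilterFactoryBean shiroFilterFactoryBean) {
        Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();
        filters.put("perms", authorizationFilter());
        filters.put("loginF", unauthorizedFilter());
        shiroFilterFactoryBean.setFilters(filters);
    }

    // NOTE(review): exposing the two filters as beans lets a container that auto-registers
    // Filter beans (Spring Boot does) run them for every request outside the Shiro chain as
    // well; if that is observed, register them with a disabled FilterRegistrationBean.
    @Bean("authorizationFilter")
    public SystemAuthorizationFilter authorizationFilter() {
        return new SystemAuthorizationFilter();
    }

    @Bean("unauthorizedFilter")
    public SystemUnauthorizedFilter unauthorizedFilter() {
        return new SystemUnauthorizedFilter();
    }

    /** The {@code rememberMe} cookie with the configured lifetime. */
    private SimpleCookie rememberMeCookie() {
        SimpleCookie cookie = new SimpleCookie("rememberMe");
        cookie.setMaxAge(febsProperties.getShiro().getCookieTimeout());
        // NOTE(review): mark the cookie Secure when the application is served over TLS;
        // not set here because the transport is not known from this configuration.
        return cookie;
    }

    private CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        cookieRememberMeManager.setCipherKey(newRememberMeKey());
        return cookieRememberMeManager;
    }

    /**
     * Generates a fresh AES key for the remember-me cookie cipher.
     *
     * <p>The previous hard-coded Base64 key was copied between public sample projects and
     * must be treated as known to everyone: whoever holds the key can forge a
     * {@code rememberMe} cookie, whose contents Shiro Java-deserializes on every request.
     * A per-process random key closes that. Consequences: remember-me cookies do not
     * survive a restart and are not shared between instances. If either is required,
     * load a per-deployment key from secret configuration (never from source) instead.
     */
    private static byte[] newRememberMeKey() {
        byte[] key = new byte[REMEMBER_ME_KEY_BYTES];
        new java.security.SecureRandom().nextBytes(key);
        return key;
    }

    @Bean
    @DependsOn({"lifecycleBeanPostProcessor"})
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        // Class proxies so that Shiro's annotation advisor also applies to classes without interfaces.
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public RedisSessionDAO redisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
        redisSessionDAO.setRedisManager(redisManager());
        return redisSessionDAO;
    }

    /** Redis-backed session manager; URL session-id rewriting is disabled so ids never appear in links. */
    @Bean
    public DefaultWebSessionManager sessionManager() {
        DefaultWebSessionManager sessionManager = new StatelessSessionManager();
        Collection<SessionListener> listeners = new ArrayList<>();
        listeners.add(new ShiroSessionListener());
        sessionManager.setGlobalSessionTimeout(febsProperties.getShiro().getSessionTimeout());
        sessionManager.setSessionListeners(listeners);
        sessionManager.setSessionDAO(redisSessionDAO());
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        return sessionManager;
    }
}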