/*
* Copyright 2010-2015 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package cn.fh.starter.shiro.autoconfigure;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
import org.apache.shiro.mgt.DefaultSubjectDAO;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.mgt.DefaultSessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.DependsOn;
/**
* Shiro Config Manager.
*/
public class ShiroManager {
/**
* 保证实现了Shiro内部lifecycle函数的bean执行
*/
@Bean(name = "lifecycleBeanPostProcessor")
@ConditionalOnMissingBean
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
//@Bean(name = "defaultAdvisorAutoProxyCreator")
//@ConditionalOnMissingBean
//@DependsOn("lifecycleBeanPostProcessor")
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
return defaultAdvisorAutoProxyCreator;
}
/**
* 用户授权信息Cache
*/
@Bean(name = "shiroCacheManager")
@ConditionalOnMissingBean
public CacheManager cacheManager() {
return new MemoryConstrainedCacheManager();
}
@Bean(name = "securityManager")
@ConditionalOnMissingBean
public DefaultSecurityManager securityManager(CacheManager shiroCacheManager) {
DefaultWebSecurityManager dwsm = new DefaultWebSecurityManager();
// 用自己的Factory实现替换默认
// 用于关闭session功能
dwsm.setSubjectFactory(new StatelessSubjectFactory());
dwsm.setSessionManager(defaultSessionManager());
// 关闭session存储
((DefaultSessionStorageEvaluator) ((DefaultSubjectDAO)dwsm.getSubjectDAO()).getSessionStorageEvaluator()).setSessionStorageEnabled(false);
// <!-- 用户授权/认证信息Cache, 采用EhCache 缓存 -->
dwsm.setCacheManager(shiroCacheManager);
SecurityUtils.setSecurityManager(dwsm);
return dwsm;
}
@Bean
@ConditionalOnMissingBean
public DefaultSessionManager defaultSessionManager() {
DefaultSessionManager manager = new DefaultSessionManager();
// 关闭session定时检查
manager.setSessionValidationSchedulerEnabled(false);
return manager;
}
@Bean
@ConditionalOnMissingBean
public ShiroFilterRegistry shiroFilterRegistry() {
return new ShiroFilterRegistry();
}
@Bean
@ConditionalOnMissingBean
public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(DefaultSecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();
aasa.setSecurityManager(securityManager);
return new AuthorizationAttributeSourceAdvisor();
}
}
