之前那篇文章介绍了普通web项目中单点登录cas与权限管理框架shiro集成方式,这里说下spring项目中的集成方式,首先还是配置一个filter
<filter> <filter-name>shiroFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> <init-param> <param-name>targetFilterLifecycle</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>shiroFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
然后就是shiro的spring bean配置,其实就是把之前的shiro.ini的东西配成spring的bean,shiro-config.xml文件如下:
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd" default-lazy-init="true"> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"/> <!-- 设定角色的登录链接,这里为cas登录页面的链接可配置回调地址 --> <property name="loginUrl" value="https://www.cas.com/login?service=http://www.example.com/shiro-cas" /> <property name="filters"> <util:map> <!-- 添加casFilter到shiroFilter --> <entry key="casFilter" value-ref="casFilter"/> </util:map> </property> <property name="filterChainDefinitions"> <value> /shiro-cas = casFilter /admin/** = roles[ROLE_USER] /** = anon </value> </property> </bean> <bean id="casFilter" class="org.apache.shiro.cas.CasFilter"> <!-- 配置验证错误时的失败页面 --> <property name="failureUrl" value="/error.jsp"/> </bean> <bean id="casRealm" class="org.apache.shiro.cas.CasRealm"> <property name="defaultRoles" value="ROLE_USER"/> <property name="casServerUrlPrefix" value="https://www.cas.com"/> <!-- 客户端的回调地址设置,必须和下面的shiro-cas过滤器拦截的地址一致 --> <property name="casService" value="http://www.example.com/shiro-cas"/> </bean> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="casRealm"/> <property name="subjectFactory" ref="casSubjectFactory"/> </bean> <!-- 如果要实现cas的remember me的功能,需要用到下面这个bean,并设置到securityManager的subjectFactory中 --> <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory"/> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/> <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/> <property name="arguments" ref="securityManager"/> </bean> </beans>