在使用springboot整合shiro的过程中,希望静态资源资源不受shiro过滤器‘authc’拦截,于是定义了“anon”,测试发现根本不生效,静态资源路径下的资源(如/js/**)依旧会被拦截并重定向到/login,以下是我的shiro javaconfig
@Configuration public class ShiroConfig { @Value("${shiro.credentialsMatcher.hashIterations}") private int hashIterations; @Value("${shiro.credentialsMatcher.storedCredentialsHexEncoded}") private boolean storedCredentialsHexEncoded; @Configuration protected static class Processor { @Bean public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() { return new LifecycleBeanPostProcessor(); } @Bean @DependsOn("lifecycleBeanPostProcessor") public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() { final DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator(); proxyCreator.setProxyTargetClass(true); return proxyCreator; } @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) { AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor(); advisor.setSecurityManager(securityManager); return advisor; } } @Bean("credentialsMatcher") public HashedCredentialsMatcher getCredentialsMatcher() { HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(); credentialsMatcher.setHashAlgorithmName("MD5"); credentialsMatcher.setHashIterations(hashIterations); credentialsMatcher.setStoredCredentialsHexEncoded(storedCredentialsHexEncoded); return credentialsMatcher; } @Bean(name = "shiroEhcacheManager") @DependsOn("lifecycleBeanPostProcessor") public EhCacheManager getEhCacheManager() { EhCacheManager em = new EhCacheManager(); em.setCacheManagerConfigFile("classpath:conf/shiro-ehcache.xml"); return em; } @Bean("userRealm") @DependsOn("lifecycleBeanPostProcessor") public UserRealm getUserRealm(HashedCredentialsMatcher credentialsMatcher) { UserRealm userRealm = new UserRealm(); userRealm.setCachingEnabled(false); userRealm.setCredentialsMatcher(credentialsMatcher); return userRealm; } @Bean("securityManager") public DefaultWebSecurityManager getSecurityManager(UserRealm userRealm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setCacheManager(getEhCacheManager()); securityManager.setRealm(userRealm); return securityManager; } @Bean("shiroFilter") public ShiroFilterFactoryBean getShiroFilter(DefaultWebSecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); shiroFilterFactoryBean.setSecurityManager(securityManager); Map filterChainDefinitionMap = Maps.newHashMap(); filterChainDefinitionMap.put("/css/**", "anon"); filterChainDefinitionMap.put("/img/**", "anon"); filterChainDefinitionMap.put("/js/**", "anon"); filterChainDefinitionMap.put("/plugins/**", "anon"); filterChainDefinitionMap.put("/error/**", "anon"); filterChainDefinitionMap.put("/login", "authc"); filterChainDefinitionMap.put("/logout", "logout"); filterChainDefinitionMap.put("/**", "authc"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); shiroFilterFactoryBean.setLoginUrl("/login"); shiroFilterFactoryBean.setSuccessUrl("/"); shiroFilterFactoryBean.setUnauthorizedUrl("/login"); return shiroFilterFactoryBean; } }
请指正
解决了,filterChainDefinitionMap应当为LinkedHashMap